[Xen-changelog] [xen master] convert XSM_ENABLE to Kconfig
commit 20c8f1a8a5fd61cb6f0ba6f3c3b3d567b1765116
Author: Doug Goldstein <cardoe@xxxxxxxxxx>
AuthorDate: Tue Jan 12 11:39:47 2016 +0100
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Jan 12 11:39:47 2016 +0100

convert XSM_ENABLE to Kconfig

Converts the existing XSM_ENABLE flag from Config.mk to CONFIG_XSM within Kconfig. This also re-adds the dependency of CONFIG_FLASK on CONFIG_XSM.

Signed-off-by: Doug Goldstein <cardoe@xxxxxxxxxx>
Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
 Config.mk | 3 ---
 INSTALL | 8 ++------
 docs/misc/xsm-flask.txt | 6 +++---
 xen/Rules.mk | 1 -
 xen/common/Kconfig | 37 ++++++++++++++++++++++++++++++++++++-
 xen/include/asm-x86/config.h | 4 ----
 xen/include/xen/sched.h | 2 +-
 xen/include/xsm/dummy.h | 10 +++++-----
 xen/include/xsm/xsm.h | 6 +++---
 xen/xsm/Makefile | 6 ++----
 xen/xsm/xsm_core.c | 2 +-
 11 files changed, 53 insertions(+), 32 deletions(-)
diff --git a/Config.mk b/Config.mk
index 1315918..62f8209 100644
--- a/Config.mk
+++ b/Config.mk
@@ -212,9 +212,6 @@ APPEND_CFLAGS += $(foreach i, $(APPEND_INCLUDES), -I$(i))
 EMBEDDED_EXTRA_CFLAGS := -nopie -fno-stack-protector -fno-stack-protector-all
 EMBEDDED_EXTRA_CFLAGS += -fno-exceptions
 
-# Enable XSM security module (by default, Flask).
-XSM_ENABLE ?= n
-
 XEN_EXTFILES_URL ?= http://xenbits.xen.org/xen-extfiles
 # All the files at that location were downloaded from elsewhere on
 # the internet. The original download URL is preserved as a comment
diff --git a/INSTALL b/INSTALL
index c51447b..3d2e86a 100644
--- a/INSTALL
+++ b/INSTALL
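Review bot: Dropping `XSM_ENABLE ?= n` here, together with the `CFLAGS-$(XSM_ENABLE) += -DXSM_ENABLE` line removed in the xen/Rules.mk hunk, leaves no diagnostic for a stale `XSM_ENABLE=y` in a build environment or for any `#ifdef XSM_ENABLE` that this commit does not convert: such a build now silently takes the XSM-disabled path (the dummy hooks) instead of failing, which is a hypervisor with less access control than the builder asked for. I would keep a transitional check in the Rules.mk hunk where the removed line was, `ifeq ($(XSM_ENABLE),y)` / `$(error XSM_ENABLE has been replaced by CONFIG_XSM; enable XSM via 'make -C xen menuconfig')` / `endif`, and a matching `#error` under an `#ifdef XSM_ENABLE` next to the new `#ifdef CONFIG_XSM` in xsm/xsm.h for the C side. Whether any unconverted `XSM_ENABLE` references remain outside the files in this diffstat cannot be told from the diff itself.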
@@ -275,14 +275,10 @@ Building the python tools may fail unless certain options are passed to
 setup.py. Config.mk contains additional info how to use this variable.
 PYTHON_PREFIX_ARG=
 
-The hypervisor may be build with XSM support, which can be changed with
-the following variables.
-XSM_ENABLE=y
-
-The hypervisor may be build with Flask support, which can be changed
+he hypervisor may be build with XSM/Flask support, which can be changed
 by running:
 make -C xen menuconfig
-and enabling Flask in the 'Common Features' menu.
+and enabling XSM/Flask in the 'Common Features' menu.
 
 Do a build for coverage.
 coverage=y
diff --git a/docs/misc/xsm-flask.txt b/docs/misc/xsm-flask.txt
index f2f0fd4..fb2fe9f 100644
--- a/docs/misc/xsm-flask.txt
+++ b/docs/misc/xsm-flask.txt
@@ -172,9 +172,9 @@ Setting up FLASK
 ----------------
 
 Xen must be compiled with XSM and FLASK enabled; by default, the security
-framework is disabled. Edit Config.mk or the .config file to set XSM_ENABLE to
-"y" and running 'make -C xen menuconfig' and enabling FLASK inside 'Common
-Features'; this change requires a make clean and rebuild.
+framework is disabled. Running 'make -C xen menuconfig' and enabling XSM
+and FLASK inside 'Common Features'; this change requires a make clean and
+rebuild.
 
 FLASK uses only one domain configuration parameter (seclabel) defining the
 full security label of the newly created domain. If using the example policy,
diff --git a/xen/Rules.mk b/xen/Rules.mk
index 9e4e6ff..8bd1098 100644
--- a/xen/Rules.mk
+++ b/xen/Rules.mk
@@ -52,7 +52,6 @@ CFLAGS += -Werror -Wredundant-decls -Wno-pointer-arith
 CFLAGS += -pipe -g -D__XEN__ -include $(BASEDIR)/include/xen/config.h
 CFLAGS += '-D__OBJECT_FILE__="$@"'
 
-CFLAGS-$(XSM_ENABLE) += -DXSM_ENABLE
 CFLAGS-$(verbose) += -DVERBOSE
 CFLAGS-$(crash_debug) += -DCRASH_DEBUG
 CFLAGS-$(perfc) += -DPERF_COUNTERS
diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 3419816..eadfc3b 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -10,7 +10,8 @@ config COMPAT
 
 config FLASK
 bool "FLux Advanced Security Kernel support"
- default n
+ default y
+ depends on XSM
 ---help---
 Enables the FLASK (FLux Advanced Security Kernel) support which
 provides a mandatory access control framework by which security
@@ -62,4 +63,38 @@ config KEXEC
 
 If unsure, say Y.
 
+# Allows "late" initialization of the hardware domain
+config LATE_HWDOM
+ bool "dedicated hardware domain"
+ default n
+ depends on XSM && X86
+ ---help---
+ Allows the creation of a dedicated hardware domain distinct from
+ domain 0 that manages devices without needing access to other
+ privileged functionality such as the ability to manage domains.
+ This requires that the actual domain 0 be a stub domain that
+ constructs the actual hardware domain instead of initializing the
+ hardware itself. Because the hardware domain needs access to
+ hypercalls not available to unprivileged guests, an XSM policy
+ is required to properly define the privilege of these domains.
+
+ This feature does nothing if the "hardware_dom" boot parameter is
+ not present. If this feature is being used for security, it should
+ be combined with an IOMMU in strict mode.
+
+ If unsure, say N.
+
+# Enable/Disable XSM support
+config XSM
+ bool "Xen Security Modules support"
+ default n
+ ---help---
+ Enables the security framework known as Xen Security Modules which
+ allows administrators fine-grained control over a Xen domain and
+ its capabilities by defining permissible interactions between domains,
+ the hypervisor itself, and related resources such as memory and
+ devices.
+
+ If unsure, say N.
+
 endmenu
diff --git a/xen/include/asm-x86/config.h b/xen/include/asm-x86/config.h
index f25d92e..3305a75 100644
--- a/xen/include/asm-x86/config.h
+++ b/xen/include/asm-x86/config.h
@@ -52,10 +52,6 @@
 
 #define CONFIG_MULTIBOOT 1
 
-#ifdef XSM_ENABLE
-#define CONFIG_LATE_HWDOM 1
-#endif
-
 #define HZ 100
 
 #define OPT_CONSOLE_STR "vga"
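Review bot: The new `config LATE_HWDOM` entry in the second Kconfig hunk has `default n`, while the xen/include/asm-x86/config.h hunk removes the unconditional `#define CONFIG_LATE_HWDOM 1` that every XSM-enabled x86 build used to get, so an existing x86 configuration that enables XSM and relies on the `hardware_dom` boot parameter loses the dedicated hardware domain until the new option is switched on by hand. That is a behavioural change beyond the Config.mk-to-Kconfig move described in the commit message and deserves a sentence there; if the old behaviour is meant to be preserved, `default y` (the `depends on XSM && X86` line already gates it) matches what the FLASK entry in the first hunk now does. Either way I would add a comment above the option, `# Before the Kconfig conversion this was implied by XSM on x86; it is now opt-in.`, so the next reader of a .config knows why it is off.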
diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
index 8fc26ce..82b6dd1 100644
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -110,7 +110,7 @@ struct evtchn
 u8 priority;
 u8 last_priority;
 u16 last_vcpu_id;
-#ifdef XSM_ENABLE
+#ifdef CONFIG_XSM
 union {
 #ifdef XSM_NEED_GENERIC_EVTCHN_SSID
 /*
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 9803ff4..1d13826 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -27,9 +27,9 @@
 /* DO NOT implement this function; it is supposed to trigger link errors */
 void __xsm_action_mismatch_detected(void);
 
-#ifdef XSM_ENABLE
+#ifdef CONFIG_XSM
 
-/* In XSM_ENABLE builds, this header file is included from xsm/dummy.c, and
+/* In CONFIG_XSM builds, this header file is included from xsm/dummy.c, and
 * contains static (not inline) functions compiled to the dummy XSM module.
 * There is no xsm_default_t argument available, so the value from the assertion
 * is used to initialize the variable.
@@ -39,9 +39,9 @@ void __xsm_action_mismatch_detected(void);
 #define XSM_DEFAULT_VOID void
 #define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action
 
-#else /* XSM_ENABLE */
+#else /* CONFIG_XSM */
 
-/* In !XSM_ENABLE builds, this header file is included from xsm/xsm.h, and
+/* In !CONFIG_XSM builds, this header file is included from xsm/xsm.h, and
 * contains inline functions for each XSM hook. These functions also perform
 * compile-time checks on the xsm_default_t argument to ensure that the behavior
 * of the dummy XSM module is the same as the behavior with XSM disabled.
@@ -51,7 +51,7 @@ void __xsm_action_mismatch_detected(void);
 #define XSM_DEFAULT_VOID xsm_default_t action
 #define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action)
 
-#endif /* XSM_ENABLE */
+#endif /* CONFIG_XSM */
 
 static always_inline int xsm_default_action(
 xsm_default_t action, struct domain *src, struct domain *target)
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 150f94a..3afed70 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -195,7 +195,7 @@ struct xsm_operations {
 #endif
 };
 
-#ifdef XSM_ENABLE
+#ifdef CONFIG_XSM
 
 extern struct xsm_operations *xsm_ops;
 
@@ -753,7 +753,7 @@ extern int unregister_xsm(struct xsm_operations *ops);
 extern struct xsm_operations dummy_xsm_ops;
 extern void xsm_fixup_ops(struct xsm_operations *ops);
 
-#else /* XSM_ENABLE */
+#else /* CONFIG_XSM */
 
 #include <xsm/dummy.h>
 
@@ -773,6 +773,6 @@ static inline int xsm_dt_init(void)
 }
 #endif
 
-#endif /* XSM_ENABLE */
+#endif /* CONFIG_XSM */
 
 #endif /* __XSM_H */
diff --git a/xen/xsm/Makefile b/xen/xsm/Makefile
index d29e71c..3252c46 100644
--- a/xen/xsm/Makefile
+++ b/xen/xsm/Makefile
@@ -1,7 +1,5 @@
 obj-y += xsm_core.o
-ifeq ($(XSM_ENABLE),y)
-obj-y += xsm_policy.o
-obj-y += dummy.o
-endif
+obj-$(CONFIG_XSM) += xsm_policy.o
+obj-$(CONFIG_XSM) += dummy.o
 
 subdir-$(CONFIG_FLASK) += flask
diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c
index 2a74496..5e432de 100644
--- a/xen/xsm/xsm_core.c
+++ b/xen/xsm/xsm_core.c
@@ -17,7 +17,7 @@
 #include <xen/hypercall.h>
 #include <xsm/xsm.h>
 
-#ifdef XSM_ENABLE
+#ifdef CONFIG_XSM
 
 #define XSM_FRAMEWORK_VERSION "1.0.0"
 
-- 
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog