[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v4] Merge IS_PRIV checks into XSM hooks

To: xen-devel@xxxxxxxxxxxxx
From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date: Mon, 17 Sep 2012 11:23:22 -0400
Cc: dgdegra@xxxxxxxxxxxxx, keir@xxxxxxx
Delivery-date: Mon, 17 Sep 2012 15:24:25 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Changes from v3:
 * Moved x86-specific sysctls into #ifdef CONFIG_X86 in flask/hooks.c
 * Removed pt_domain parameter from mmu_update hook when unused
 * Renamed xsm___do_xsm_op to xsm_do_xsm_op
 * Added struct domain* argument to arch_do_domctl
 * Cleaned up mem_event code duplication

Changes from v2:
 * Added overall hooks for domctl, sysctl, and platform_hypercall so
   that new sub-operations are protected by IS_PRIV checks
 * Reorganized the IS_PRIV additions to dummy.h so they are added in the
   same patch that removes the IS_PRIV they are replacing
 * Reworked hooks in the MM hotpath to increase efficiency
 * Dropped some unneeded XSM hook additions due to do_domctl hook
 * Dropped the rcu_lock*target_domain_by_id function removal patch
 * Restore IS_PRIV check in PHYSDEVOP_alloc_irq_vector
 * Use the existing hook function structure for tmem

Miscellaneous updates to FLASK:
    [PATCH 01/23] xsm/flask: remove inherited class attributes
    [PATCH 02/23] xsm/flask: remove unneeded create_sid field
    [PATCH 04/23] xsm/flask: add domain relabel support
    [PATCH 05/23] libxl: introduce XSM relabel on build
    [PATCH 06/23] flask/policy: Add domain relabel example
    [PATCH 08/23] xsm/flask: Add checks on the domain performing the

Preparatory new functions/hooks:
    [PATCH 03/23] xen: Add versions of rcu_lock_*_domain without IS_PRIV
    [PATCH 07/23] arch/x86: add distinct XSM hooks for map/unmap
    [PATCH 13/23] xen: lock target domain in do_domctl common code

IS_PRIV Refactoring:
    [PATCH 09/23] xsm: Use the dummy XSM module if XSM is disabled
    [PATCH 10/23] xen: use XSM instead of IS_PRIV where duplicated
    [PATCH 11/23] xen: avoid calling rcu_lock_*target_domain when an XSM
    [PATCH 12/23] arch/x86: convert platform_hypercall to use XSM
    [PATCH 14/23] xen: convert do_domctl to use XSM
    [PATCH 15/23] xen: convert do_sysctl to use XSM

Additional new/updated hooks:
    [PATCH 16/23] xsm/flask: add missing hooks
    [PATCH 17/23] xsm/flask: add distinct SIDs for self/target access
    [PATCH 18/23] arch/x86: Add missing mem_sharing XSM hooks
    [PATCH 19/23] arch/x86: check remote MMIO remap permissions
    [PATCH 20/23] arch/x86: use XSM hooks for get_pg_owner access checks
    [PATCH 21/23] xen: Add XSM hook for XENMEM_exchange
    [PATCH 22/23] tmem: add XSM hooks
    [PATCH 23/23] xen/arch/*: add struct domain parameter to arch_do_domctl

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- [Xen-devel] [PATCH 22/23] tmem: add XSM hooks
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 21/23] xen: Add XSM hook for XENMEM_exchange
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 17/23] xsm/flask: add distinct SIDs for self/target access
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 11/23] xen: avoid calling rcu_lock_*target_domain when an XSM hook exists
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 12/23] arch/x86: convert platform_hypercall to use XSM
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 14/23] xen: convert do_domctl to use XSM
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 23/23] xen/arch/*: add struct domain parameter to arch_do_domctl
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 10/23] xen: use XSM instead of IS_PRIV where duplicated
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 08/23] xsm/flask: Add checks on the domain performing the set_target operation
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 20/23] arch/x86: use XSM hooks for get_pg_owner access checks
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 18/23] arch/x86: Add missing mem_sharing XSM hooks
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 03/23] xen: Add versions of rcu_lock_*_domain without IS_PRIV checks
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 19/23] arch/x86: check remote MMIO remap permissions
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 15/23] xen: convert do_sysctl to use XSM
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 13/23] xen: lock target domain in do_domctl common code
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 09/23] xsm: Use the dummy XSM module if XSM is disabled
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 16/23] xsm/flask: add missing hooks
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 07/23] arch/x86: add distinct XSM hooks for map/unmap
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 01/23] xsm/flask: remove inherited class attributes
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 06/23] flask/policy: Add domain relabel example
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 05/23] libxl: introduce XSM relabel on build
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 04/23] xsm/flask: add domain relabel support
  - From: Daniel De Graaf
- [Xen-devel] [PATCH 02/23] xsm/flask: remove unneeded create_sid field
  - From: Daniel De Graaf

Prev by Date: [Xen-devel] [PATCH 09/23] xsm: Use the dummy XSM module if XSM is disabled
Next by Date: [Xen-devel] [PATCH 13/23] xen: lock target domain in do_domctl common code
Previous by thread: [Xen-devel] Xen PCI passthru supported reset methods (d3d0, FLR, bus reset, link reset)
Next by thread: [Xen-devel] [PATCH 02/23] xsm/flask: remove unneeded create_sid field
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.