[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 18/23] arch/x86: Add missing mem_sharing XSM hooks
Cc'ing Joe, the author of the original check I'm talking about below. At 11:23 -0400 on 17 Sep (1347881020), Daniel De Graaf wrote:
> diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c
> index 24e2d93..7062f02 100644
> --- a/xen/arch/x86/domctl.c
> +++ b/xen/arch/x86/domctl.c
> @@ -1447,10 +1447,8 @@ long arch_do_domctl(
> d = rcu_lock_domain_by_id(domctl->domain);
> if ( d != NULL )
> {
> - ret = xsm_mem_event(d);
> - if ( !ret )
> - ret = mem_event_domctl(d, &domctl->u.mem_event_op,
> - guest_handle_cast(u_domctl, void));
> + ret = mem_event_domctl(d, &domctl->u.mem_event_op,
> + guest_handle_cast(u_domctl, void));
> rcu_unlock_domain(d);
> copy_to_guest(u_domctl, domctl, 1);
> }
> @@ -1506,7 +1504,7 @@ long arch_do_domctl(
> d = rcu_lock_domain_by_id(domctl->domain);
> if ( d != NULL )
> {
> - ret = xsm_mem_event(d);
> + ret = xsm_mem_event_setup(d);
> if ( !ret ) {
> p2m = p2m_get_hostp2m(d);
> p2m->access_required =
> domctl->u.access_required.access_required;
[...]
> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
> index 626a332..5fb0afe 100644
> --- a/xen/include/xsm/dummy.h
> +++ b/xen/include/xsm/dummy.h
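Review bot: The first arch_do_domctl hunk removes the `xsm_mem_event(d)` gate in front of `mem_event_domctl()`, and nothing in the quoted part of the patch shows a check being reinstated on that path; presumably the new `xsm_mem_event_control()` hook is now called inside `mem_event_domctl()` in a hunk not quoted here, but that should be confirmed, since otherwise the mem_event domctl becomes reachable without any XSM decision. If the check has indeed moved, a one-line comment at the call site, `/* XSM check is done per-op inside mem_event_domctl() */`, would save the next reader the same search. arch_do_domctl continues outside the hunk, and the second hunk of this file is truncated by the quoter.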
> @@ -551,16 +551,37 @@ static XSM_DEFAULT(int, hvm_inject_msi) (struct domain
> *d)
> return 0;
> }
>
> -static XSM_DEFAULT(int, mem_event) (struct domain *d)
> +static XSM_DEFAULT(int, mem_event_setup) (struct domain *d)
> {
> return 0;
> }
I think this ought to be at least IS_PRIV_FOR. I can see the original code allowed all callers to use it, but surely it ought to be only for the tools. Since only the tools can actually set the mem-access rights (and so this is pretty much a noop) I don't think this causes any substantial problem but we might as well adjust it anyway. Tim.
> +static XSM_DEFAULT(int, mem_event_control) (struct domain *d, int mode, int
> op)
> +{
> + if ( !IS_PRIV(current->domain) )
> + return -EPERM;
> + return 0;
> +}
> +
> +static XSM_DEFAULT(int, mem_event_op) (struct domain *d, int op)
> +{
> + if ( !IS_PRIV_FOR(current->domain, d) )
> + return -EPERM;
> + return 0;
> +}
> +
> static XSM_DEFAULT(int, mem_sharing) (struct domain *d)
> {
> return 0;
> }
>
> +static XSM_DEFAULT(int, mem_sharing_op) (struct domain *d, struct domain
> *cd, int op)
> +{
> + if ( !IS_PRIV_FOR(current->domain, cd) )
> + return -EPERM;
> + return 0;
> +}
> +
> static XSM_DEFAULT(int, apic) (struct domain *d, int cmd)
> {
> if ( !IS_PRIV(d) )
> diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
> index 96e4b13..c08a664 100644
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
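Review bot: The dummy `mem_event_control` stub checks `IS_PRIV(current->domain)` and never looks at its `d` argument, while the neighbouring `mem_event_op` and `mem_sharing_op` stubs use the target-aware `IS_PRIV_FOR(current->domain, d)` / `IS_PRIV_FOR(current->domain, cd)`; if IS_PRIV_FOR is the variant that also admits a domain privileged only for its own target, as its use in the other two stubs suggests, then such a caller is refused the control path but admitted the per-op path, and a fully privileged caller is not tied to `d` at all. Unless the asymmetry is deliberate, `if ( !IS_PRIV_FOR(current->domain, d) )` would make the three new stubs consistent; if it is deliberate, a comment on the stub saying why control requires global privilege would stop the next reader from "fixing" it. The `mode` and `op` arguments are likewise unused in all three stubs, which is fine for a default policy but worth a one-line comment so it is not mistaken for an omission.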
> @@ -151,8 +151,11 @@ struct xsm_operations {
> int (*hvm_set_isa_irq_level) (struct domain *d);
> int (*hvm_set_pci_link_route) (struct domain *d);
> int (*hvm_inject_msi) (struct domain *d);
> - int (*mem_event) (struct domain *d);
> + int (*mem_event_setup) (struct domain *d);
> + int (*mem_event_control) (struct domain *d, int mode, int op);
> + int (*mem_event_op) (struct domain *d, int op);
> int (*mem_sharing) (struct domain *d);
> + int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op);
> int (*apic) (struct domain *d, int cmd);
> int (*xen_settime) (void);
> int (*memtype) (uint32_t access);
> @@ -663,9 +666,19 @@ static inline int xsm_hvm_inject_msi (struct domain *d)
> return xsm_ops->hvm_inject_msi(d);
> }
>
> -static inline int xsm_mem_event (struct domain *d)
> +static inline int xsm_mem_event_setup (struct domain *d)
> {
> - return xsm_ops->mem_event(d);
> + return xsm_ops->mem_event_setup(d);
> +}
> +
> +static inline int xsm_mem_event_control (struct domain *d, int mode, int op)
> +{
> + return xsm_ops->mem_event_control(d, mode, op);
> +}
> +
> +static inline int xsm_mem_event_op (struct domain *d, int op)
> +{
> + return xsm_ops->mem_event_op(d, op);
> }
>
> static inline int xsm_mem_sharing (struct domain *d)
> @@ -673,6 +686,11 @@ static inline int xsm_mem_sharing (struct domain *d)
> return xsm_ops->mem_sharing(d);
> }
>
> +static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd,
> int op)
> +{
> + return xsm_ops->mem_sharing_op(d, cd, op);
> +}
> +
> static inline int xsm_apic (struct domain *d, int cmd)
> {
> return xsm_ops->apic(d, cmd);
> diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
> index 43e8617..3926b2b 100644
> --- a/xen/xsm/dummy.c
> +++ b/xen/xsm/dummy.c
> @@ -135,8 +135,11 @@ void xsm_fixup_ops (struct xsm_operations *ops)
> set_to_dummy_if_null(ops, hvm_set_isa_irq_level);
> set_to_dummy_if_null(ops, hvm_set_pci_link_route);
> set_to_dummy_if_null(ops, hvm_inject_msi);
> - set_to_dummy_if_null(ops, mem_event);
> + set_to_dummy_if_null(ops, mem_event_setup);
> + set_to_dummy_if_null(ops, mem_event_control);
> + set_to_dummy_if_null(ops, mem_event_op);
> set_to_dummy_if_null(ops, mem_sharing);
> + set_to_dummy_if_null(ops, mem_sharing_op);
> set_to_dummy_if_null(ops, apic);
> set_to_dummy_if_null(ops, xen_settime);
> set_to_dummy_if_null(ops, memtype);
> diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
> index a242d65..65db2b7 100644
> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -1277,7 +1277,17 @@ static int flask_hvm_inject_msi(struct domain *d)
> return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ);
> }
>
> -static int flask_mem_event(struct domain *d)
> +static int flask_mem_event_setup(struct domain *d)
> +{
> + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT);
> +}
> +
> +static int flask_mem_event_control(struct domain *d, int mode, int op)
> +{
> + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT);
> +}
> +
> +static int flask_mem_event_op(struct domain *d, int op)
> {
> return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT);
> }
> @@ -1287,6 +1297,14 @@ static int flask_mem_sharing(struct domain *d)
> return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING);
> }
>
> +static int flask_mem_sharing_op(struct domain *d, struct domain *cd, int op)
> +{
> + int rc = current_has_perm(cd, SECCLASS_HVM, HVM__MEM_SHARING);
> + if ( rc )
> + return rc;
> + return domain_has_perm(d, cd, SECCLASS_HVM, HVM__SHARE_MEM);
> +}
> +
> static int flask_apic(struct domain *d, int cmd)
> {
> u32 perm;
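Review bot: In the flask/hooks.c hunk, `flask_mem_event_control` and `flask_mem_event_op` ignore their `mode` and `op` arguments and return exactly the same `current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT)` decision as `flask_mem_event_setup`, so although the hook interface now carries the mode and operation, a FLASK policy still cannot distinguish setting up a ring from enabling, disabling, or issuing individual mem_event operations. That may be intended for this step of the series, but a short comment on the three hooks, e.g. `/* mode/op are not yet policy-relevant: every mem_event action maps to HVM__MEM_EVENT */`, would make the coarse mapping explicit rather than leaving it to look like an oversight. `flask_mem_sharing_op` is the one hook that actually uses the extra information, checking the caller against `cd` and then `d` against `cd` with the new HVM__SHARE_MEM permission; note that the dummy counterpart checks only the caller against `cd`, so the d-to-cd relationship is enforced by FLASK alone.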
> @@ -1736,8 +1754,11 @@ static struct xsm_operations flask_ops = {
> .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level,
> .hvm_set_pci_link_route = flask_hvm_set_pci_link_route,
> .hvm_inject_msi = flask_hvm_inject_msi,
> - .mem_event = flask_mem_event,
> + .mem_event_setup = flask_mem_event_setup,
> + .mem_event_control = flask_mem_event_control,
> + .mem_event_op = flask_mem_event_op,
> .mem_sharing = flask_mem_sharing,
> + .mem_sharing_op = flask_mem_sharing_op,
> .apic = flask_apic,
> .xen_settime = flask_xen_settime,
> .memtype = flask_memtype,
> diff --git a/xen/xsm/flask/include/av_perm_to_string.h
> b/xen/xsm/flask/include/av_perm_to_string.h
> index 894910c..186f1fa 100644
> --- a/xen/xsm/flask/include/av_perm_to_string.h
> +++ b/xen/xsm/flask/include/av_perm_to_string.h
> @@ -84,6 +84,7 @@
> S_(SECCLASS_HVM, HVM__MEM_SHARING, "mem_sharing")
> S_(SECCLASS_HVM, HVM__AUDIT_P2M, "audit_p2m")
> S_(SECCLASS_HVM, HVM__SEND_IRQ, "send_irq")
> + S_(SECCLASS_HVM, HVM__SHARE_MEM, "share_mem")
> S_(SECCLASS_EVENT, EVENT__BIND, "bind")
> S_(SECCLASS_EVENT, EVENT__SEND, "send")
> S_(SECCLASS_EVENT, EVENT__STATUS, "status")
> diff --git a/xen/xsm/flask/include/av_permissions.h
> b/xen/xsm/flask/include/av_permissions.h
> index 1bdb515..b3831f6 100644
> --- a/xen/xsm/flask/include/av_permissions.h
> +++ b/xen/xsm/flask/include/av_permissions.h
> @@ -87,6 +87,7 @@
> #define HVM__MEM_SHARING 0x00001000UL
> #define HVM__AUDIT_P2M 0x00002000UL
> #define HVM__SEND_IRQ 0x00004000UL
> +#define HVM__SHARE_MEM 0x00008000UL
>
> #define EVENT__BIND 0x00000001UL
> #define EVENT__SEND 0x00000002UL
> --
> 1.7.11.4
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxx
> http://lists.xen.org/xen-devel
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel