[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] xsm_remove_from_physmap is (so far) only defined for X86 architecture, not for ARM
On Tue, 15 Jan 2013, Ian Campbell wrote: > From 469d20054b96b8bc749891c366659532b67d6031 Mon Sep 17 00:00:00 2001 > From: Ian Campbell <ian.campbell@xxxxxxxxxx> > Date: Fri, 11 Jan 2013 16:44:14 +0000 > Subject: [PATCH] xen arm: add XSM hooks to arch_memory_op > > Treat XENMEM_add_to_physmap_range the same as XENMEM_add_to_physmap. > > Also conditionalise more x86-isms and add required headers such that > it compiles on ARM. Totally untested. > > Reported-by: Lars Rasmusson <Lars.Rasmusson@xxxxxxx> > Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx> > Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> the patch looks mostly to me > diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c > index 4426ab9..f9b16f2 100644 > --- a/xen/xsm/flask/flask_op.c > +++ b/xen/xsm/flask/flask_op.c > @@ -10,9 +10,11 @@ > > #include <xen/errno.h> > #include <xen/event.h> > +#include <xen/init.h> > #include <xsm/xsm.h> > #include <xen/guest_access.h> > > +#include <public/event_channel.h> > #include <public/xsm/flask_op.h> > > #include <avc.h> > @@ -71,7 +73,7 @@ static int domain_has_security(struct domain *d, u32 perms) > perms, NULL); > } > > -static int flask_copyin_string(XEN_GUEST_HANDLE_PARAM(char) u_buf, char > **buf, uint32_t size) > +static int flask_copyin_string(XEN_GUEST_HANDLE(char) u_buf, char **buf, > uint32_t size) > { > char *tmp = xmalloc_bytes(size + 1); > if ( !tmp ) this change is correct > diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c > index ba67502..c39f129 100644 > --- a/xen/xsm/flask/hooks.c > +++ b/xen/xsm/flask/hooks.c > @@ -19,11 +19,15 @@ > #include <xen/errno.h> > #include <xen/guest_access.h> > #include <xen/xenoprof.h> > +#ifdef CONFIG_X86 > #include <asm/msi.h> > +#endif > +#include <asm/irq.h> > #include <public/xen.h> > #include <public/physdev.h> > #include <public/platform.h> > > +#include <public/event_channel.h> > #include <public/xsm/flask_op.h> > > #include <avc.h> > @@ -100,7 +104,9 @@ static int domain_has_xen(struct domain *d, u32 perms) > > static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad) > { > +#ifdef CONFIG_X86 > struct irq_desc *desc = irq_to_desc(irq); > +#endif > if ( irq >= nr_irqs || irq < 0 ) > return -EINVAL; > if ( irq < nr_static_irqs ) { > @@ -110,6 +116,7 @@ static int get_irq_sid(int irq, u32 *sid, struct > avc_audit_data *ad) > } > return security_irq_sid(irq, sid); > } > +#ifdef CONFIG_X86 > if ( desc->msi_desc ) { > struct pci_dev *dev = desc->msi_desc->dev; > u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn; > @@ -119,6 +126,7 @@ static int get_irq_sid(int irq, u32 *sid, struct > avc_audit_data *ad) > } > return security_device_sid(sbdf, sid); > } > +#endif > if (ad) { > AVC_AUDIT_DATA_INIT(ad, IRQ); > ad->irq = irq; > @@ -822,7 +830,9 @@ static int flask_map_domain_pirq (struct domain *d, int > irq, void *data) > { > u32 sid, dsid; > int rc = -EPERM; > +#ifdef CONFIG_X86 > struct msi_info *msi = data; > +#endif > struct avc_audit_data ad; > > rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); > @@ -830,12 +840,17 @@ static int flask_map_domain_pirq (struct domain *d, int > irq, void *data) > if ( rc ) > return rc; > > - if ( irq >= nr_static_irqs && msi ) { > +#ifdef CONFIG_X86 > + if ( irq >= nr_static_irqs && msi ) > + { > u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn; > AVC_AUDIT_DATA_INIT(&ad, DEV); > ad.device = machine_bdf; > rc = security_device_sid(machine_bdf, &sid); > - } else { > + } > + else > +#endif > + { > rc = get_irq_sid(irq, &sid, &ad); > } > if ( rc ) this part is a bit ugly, can we refactor the msi checks into separate, arch specific, functions? _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |