|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] xsm_remove_from_physmap is (so far) only defined for X86 architecture, not for ARM
On Tue, 15 Jan 2013, Ian Campbell wrote:
> From 469d20054b96b8bc749891c366659532b67d6031 Mon Sep 17 00:00:00 2001
> From: Ian Campbell <ian.campbell@xxxxxxxxxx>
> Date: Fri, 11 Jan 2013 16:44:14 +0000
> Subject: [PATCH] xen arm: add XSM hooks to arch_memory_op
>
> Treat XENMEM_add_to_physmap_range the same as XENMEM_add_to_physmap.
>
> Also conditionalise more x86-isms and add required headers such that
> it compiles on ARM. Totally untested.
>
> Reported-by: Lars Rasmusson <Lars.Rasmusson@xxxxxxx>
> Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
> Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
the patch looks mostly to me
> diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c
> index 4426ab9..f9b16f2 100644
> --- a/xen/xsm/flask/flask_op.c
> +++ b/xen/xsm/flask/flask_op.c
> @@ -10,9 +10,11 @@
>
> #include <xen/errno.h>
> #include <xen/event.h>
> +#include <xen/init.h>
> #include <xsm/xsm.h>
> #include <xen/guest_access.h>
>
> +#include <public/event_channel.h>
> #include <public/xsm/flask_op.h>
>
> #include <avc.h>
> @@ -71,7 +73,7 @@ static int domain_has_security(struct domain *d, u32 perms)
> perms, NULL);
> }
>
> -static int flask_copyin_string(XEN_GUEST_HANDLE_PARAM(char) u_buf, char
> **buf, uint32_t size)
> +static int flask_copyin_string(XEN_GUEST_HANDLE(char) u_buf, char **buf,
> uint32_t size)
> {
> char *tmp = xmalloc_bytes(size + 1);
> if ( !tmp )
this change is correct
> diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
> index ba67502..c39f129 100644
> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -19,11 +19,15 @@
> #include <xen/errno.h>
> #include <xen/guest_access.h>
> #include <xen/xenoprof.h>
> +#ifdef CONFIG_X86
> #include <asm/msi.h>
> +#endif
> +#include <asm/irq.h>
> #include <public/xen.h>
> #include <public/physdev.h>
> #include <public/platform.h>
>
> +#include <public/event_channel.h>
> #include <public/xsm/flask_op.h>
>
> #include <avc.h>
> @@ -100,7 +104,9 @@ static int domain_has_xen(struct domain *d, u32 perms)
>
> static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad)
> {
> +#ifdef CONFIG_X86
> struct irq_desc *desc = irq_to_desc(irq);
> +#endif
> if ( irq >= nr_irqs || irq < 0 )
> return -EINVAL;
> if ( irq < nr_static_irqs ) {
> @@ -110,6 +116,7 @@ static int get_irq_sid(int irq, u32 *sid, struct
> avc_audit_data *ad)
> }
> return security_irq_sid(irq, sid);
> }
> +#ifdef CONFIG_X86
> if ( desc->msi_desc ) {
> struct pci_dev *dev = desc->msi_desc->dev;
> u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn;
> @@ -119,6 +126,7 @@ static int get_irq_sid(int irq, u32 *sid, struct
> avc_audit_data *ad)
> }
> return security_device_sid(sbdf, sid);
> }
> +#endif
> if (ad) {
> AVC_AUDIT_DATA_INIT(ad, IRQ);
> ad->irq = irq;
> @@ -822,7 +830,9 @@ static int flask_map_domain_pirq (struct domain *d, int
> irq, void *data)
> {
> u32 sid, dsid;
> int rc = -EPERM;
> +#ifdef CONFIG_X86
> struct msi_info *msi = data;
> +#endif
> struct avc_audit_data ad;
>
> rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD);
> @@ -830,12 +840,17 @@ static int flask_map_domain_pirq (struct domain *d, int
> irq, void *data)
> if ( rc )
> return rc;
>
> - if ( irq >= nr_static_irqs && msi ) {
> +#ifdef CONFIG_X86
> + if ( irq >= nr_static_irqs && msi )
> + {
> u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
> AVC_AUDIT_DATA_INIT(&ad, DEV);
> ad.device = machine_bdf;
> rc = security_device_sid(machine_bdf, &sid);
> - } else {
> + }
> + else
> +#endif
> + {
> rc = get_irq_sid(irq, &sid, &ad);
> }
> if ( rc )
this part is a bit ugly, can we refactor the msi checks into separate,
arch specific, functions?
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |