Xen project Mailing List

Re: [Xen-devel] [RFC 09/14] xen/xsm: flask: MSI is PCI specific

To: Julien Grall <julien.grall@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

Date: Thu, 13 Mar 2014 10:34:00 -0400

Cc: stefano.stabellini@xxxxxxxxxx, tim@xxxxxxx, ian.campbell@xxxxxxxxxx

Delivery-date: Thu, 13 Mar 2014 14:35:03 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 03/12/2014 12:16 PM, Julien Grall wrote:

MSI is not yet support on ARM and will break the compilation when XSM_ENABLE=y.

Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx>
Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

I am assuming that IRQs on ARM are generally allocated in a static manner for a given board, so that a security policy based on their numeric values would be effective. If IRQs above nr_static_irqs are dynamic as on x86, it may be necessary to resolve them in some way. Since this resolution would naturally be split into a separate patch, in either case this patch is Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

---
  xen/xsm/flask/hooks.c |   72 +++++++++++++++++++++++++++++++++++--------------
  1 file changed, 52 insertions(+), 20 deletions(-)

diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 65343f3..56c7645 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -19,7 +19,9 @@
  #include <xen/errno.h>
  #include <xen/guest_access.h>
  #include <xen/xenoprof.h>
+#ifdef HAS_PCI
  #include <asm/msi.h>
+#endif
  #include <public/xen.h>
  #include <public/physdev.h>
  #include <public/platform.h>
@@ -100,7 +102,6 @@ static int domain_has_xen(struct domain *d, u32 perms)

  static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad)
  {
-    struct irq_desc *desc = irq_to_desc(irq);
      if ( irq >= nr_irqs || irq < 0 )
          return -EINVAL;
      if ( irq < nr_static_irqs ) {
@@ -110,15 +111,21 @@ static int get_irq_sid(int irq, u32 *sid, struct 
avc_audit_data *ad)
          }
          return security_irq_sid(irq, sid);
      }
-    if ( desc->msi_desc && desc->msi_desc->dev ) {
-        struct pci_dev *dev = desc->msi_desc->dev;
-        u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn;
-        if (ad) {
-            AVC_AUDIT_DATA_INIT(ad, DEV);
-            ad->device = sbdf;
+#ifdef HAS_PCI
+    {
+        struct irq_desc *desc = irq_to_desc(irq);
+        if ( desc->msi_desc && desc->msi_desc->dev ) {
+            struct pci_dev *dev = desc->msi_desc->dev;
+            u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn;
+            if (ad) {
+                AVC_AUDIT_DATA_INIT(ad, DEV);
+                ad->device = sbdf;
+            }
+            return security_device_sid(sbdf, sid);
          }
-        return security_device_sid(sbdf, sid);
      }
+#endif
+
      if (ad) {
          AVC_AUDIT_DATA_INIT(ad, IRQ);
          ad->irq = irq;
@@ -825,21 +832,34 @@ static int flask_map_domain_pirq (struct domain *d)
      return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD);
  }

+static int flask_map_domain_msi (struct domain *d, int irq, void *data,
+                                 u32 *sid, struct avc_audit_data *ad)
+{
+#ifdef HAS_PCI
+    struct msi_info *msi = data;
+
+    u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
+    AVC_AUDIT_DATA_INIT(ad, DEV);
+    ad->device = machine_bdf;
+
+    return security_device_sid(machine_bdf, sid);
+#else
+    return -EINVAL;
+#endif
+}
+
  static int flask_map_domain_irq (struct domain *d, int irq, void *data)
  {
      u32 sid, dsid;
      int rc = -EPERM;
-    struct msi_info *msi = data;
      struct avc_audit_data ad;

-    if ( irq >= nr_static_irqs && msi ) {
-        u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
-        AVC_AUDIT_DATA_INIT(&ad, DEV);
-        ad.device = machine_bdf;
-        rc = security_device_sid(machine_bdf, &sid);
+    if ( irq >= nr_static_irqs && data ) {
+        rc = flask_map_domain_msi(d, irq, data, &sid, &ad);
      } else {
          rc = get_irq_sid(irq, &sid, &ad);
      }
+
      if ( rc )
          return rc;

@@ -858,18 +878,30 @@ static int flask_unmap_domain_pirq (struct domain *d)
      return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE);
  }

+static int flask_unmap_domain_msi (struct domain *d, int irq, void *data,
+                                   u32 *sid, struct avc_audit_data *ad)
+{
+#ifdef HAS_PCI
+    struct msi_info *msi = data;
+    u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
+
+    AVC_AUDIT_DATA_INIT(ad, DEV);
+    ad->device = machine_bdf;
+
+    return security_device_sid(machine_bdf, sid);
+#else
+    return -EINVAL;
+#endif
+}
+
  static int flask_unmap_domain_irq (struct domain *d, int irq, void *data)
  {
      u32 sid;
      int rc = -EPERM;
-    struct msi_info *msi = data;
      struct avc_audit_data ad;

-    if ( irq >= nr_static_irqs && msi ) {
-        u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
-        AVC_AUDIT_DATA_INIT(&ad, DEV);
-        ad.device = machine_bdf;
-        rc = security_device_sid(machine_bdf, &sid);
+    if ( irq >= nr_static_irqs && data ) {
+        rc = flask_unmap_domain_msi(d, irq, data, &sid, &ad);
      } else {
          rc = get_irq_sid(irq, &sid, &ad);
      }

-- Daniel De Graaf National Security Agency _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.