[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v12 11/14] flask/policy: allow domU to use previously-mapped I/O-memory

To: Arianna Avanzini <avanzini.arianna@xxxxxxxxx>
From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date: Wed, 03 Sep 2014 10:45:18 -0400
Cc: julien.grall@xxxxxxxxxx, paolo.valente@xxxxxxxxxx, keir@xxxxxxx, stefano.stabellini@xxxxxxxxxxxxx, Ian.Jackson@xxxxxxxxxxxxx, dario.faggioli@xxxxxxxxxx, tim@xxxxxxx, xen-devel@xxxxxxxxxxxxx, Ian Campbell <Ian.Campbell@xxxxxxxxxxxxx>, etrudeau@xxxxxxxxxxxx, JBeulich@xxxxxxxx, andrew.cooper3@xxxxxxxxxx, viktor.kleinik@xxxxxxxxxxxxxxx, andrii.tseglytskyi@xxxxxxxxxxxxxxx
Delivery-date: Wed, 03 Sep 2014 14:45:46 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 09/03/2014 07:21 AM, Ian Campbell wrote:

On Sat, 2014-08-30 at 18:29 +0200, Arianna Avanzini wrote:

From: Andrii Tseglytskyi <andrii.tseglytskyi@xxxxxxxxxxxxxxx>

This commit allows the domU to access previously-mapped I/O-memory
even if XSM is enabled and FLASK is enforced.


CCing Daniel (XSM maintainer).

I think this is probably OK, but I'm no XSM expert.

(If I were writing the ocmmit message I would have said something like
"Update the example XSM policy to allow...")


The message Ian suggests is a bit clearer as to the effect of the patch.

Regarding the patch: at minimum, a domU should only need the permissions
defined by "use_device(domU_t, iomem_t)" to access mapped memory.  However,
it is preferred to label the IO memory being used instead of allowing access
to the default/fallback iomem_t.

The intention for handing pass-through devices with FLASK is to label the
device (either using the tool flask-label-pci or manually in the policy;
example lines for the latter are present and commented out).  The example
policy defines the type nic_dev_t as a device that is usable by domU_t, and
docs/misc/xsm-flask.txt has an example of flask-label-pci's use.

If you are actually only passing IO memory and not a PCI device, labeling
the IO memory range would be the preferred solution.  If you cannot label
it statically, a tool similar to flask-label-pci for memory will be needed -
something like "flask-label-resource <type> <start>-<end> <label>".  This
may be more common on ARM than on x86; I am not familiar with pass-through
on ARM, and the only non-PCI device on x86 that I have used pass-through on
is the TPM, which has a well-defined IO memory range.

--
Daniel De Graaf
National Security Agency

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v12 11/14] flask/policy: allow domU to use previously-mapped I/O-memory
  - From: Arianna Avanzini

References:
- Re: [Xen-devel] [PATCH v12 11/14] flask/policy: allow domU to use previously-mapped I/O-memory
  - From: Ian Campbell

Prev by Date: Re: [Xen-devel] [PATCH v12 10/14] xsm/flask: avoid spurious error messages when mapping I/O-memory
Next by Date: Re: [Xen-devel] [PATCH v1 1/4] xen: add real time scheduler rt
Previous by thread: Re: [Xen-devel] [PATCH v12 11/14] flask/policy: allow domU to use previously-mapped I/O-memory
Next by thread: Re: [Xen-devel] [PATCH v12 11/14] flask/policy: allow domU to use previously-mapped I/O-memory
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.