|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v5 20/28] HYPERCALL_version_op: Add VERSION_build_id to retrieve build-id.
The VERSION hypercall provides the flexibility to expose
the size of the build-id (so the callers can allocate the
proper size before trying to retrieve it). It also allows
in one nice swoop to retrieve the hypervisor build-id in the
provided buffer.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
---
Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Cc: Wei Liu <wei.liu2@xxxxxxxxxx>
---
v4: New patch.
v5: Rebase - s/VERSION_OP/VERSION/
---
tools/flask/policy/policy/modules/xen/xen.te | 1 +
xen/common/kernel.c | 4 ++++
xen/include/public/version.h | 3 +++
xen/xsm/flask/hooks.c | 3 +++
xen/xsm/flask/policy/access_vectors | 2 ++
5 files changed, 13 insertions(+)
diff --git a/tools/flask/policy/policy/modules/xen/xen.te
b/tools/flask/policy/policy/modules/xen/xen.te
index 68ef6de..9ad5953 100644
--- a/tools/flask/policy/policy/modules/xen/xen.te
+++ b/tools/flask/policy/policy/modules/xen/xen.te
@@ -81,6 +81,7 @@ allow dom0_t xen_t:version {
xen_extraversion xen_compile_info xen_capabilities
xen_changeset xen_pagesize xen_guest_handle xen_commandline
extraversion capabilities changeset pagesize guest_handle commandline
+ build_id
};
allow dom0_t xen_t:mmu memorymap;
diff --git a/xen/common/kernel.c b/xen/common/kernel.c
index 5616c06..f0a5b04 100644
--- a/xen/common/kernel.c
+++ b/xen/common/kernel.c
@@ -475,6 +475,10 @@ DO(version_op)(unsigned int cmd,
XEN_GUEST_HANDLE_PARAM(void) arg,
ptr = saved_cmdline;
break;
+ case XEN_VERSION_build_id:
+ rc = xen_build_id(&ptr, &sz);
+ break;
+
default:
rc = -ENOSYS;
}
diff --git a/xen/include/public/version.h b/xen/include/public/version.h
index d71ec5b..5d5565a 100644
--- a/xen/include/public/version.h
+++ b/xen/include/public/version.h
@@ -155,6 +155,9 @@ DEFINE_XEN_GUEST_HANDLE(xen_version_op_val_t);
/* arg = char[]. Contains NUL terminated utf-8 string. */
#define XEN_VERSION_commandline 9
+/* arg = void. Contains binary value of hypervisor build-id. */
+#define XEN_VERSION_build_id 10
+
#endif /* __XEN_PUBLIC_VERSION_H__ */
/*
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 3ef0441..f3a2160 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1693,6 +1693,9 @@ static int flask_version_op (uint32_t op)
case XEN_VERSION_commandline:
return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
VERSION__COMMANDLINE, NULL);
+ case XEN_VERSION_build_id:
+ return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
+ VERSION__BUILD_ID, NULL);
default:
return -EPERM;
}
diff --git a/xen/xsm/flask/policy/access_vectors
b/xen/xsm/flask/policy/access_vectors
index 1c59b58..6e7888c 100644
--- a/xen/xsm/flask/policy/access_vectors
+++ b/xen/xsm/flask/policy/access_vectors
@@ -536,4 +536,6 @@ class version
guest_handle
# Xen command line.
commandline
+# Build id of the hypervisor
+ build_id
}
--
2.5.0
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |