|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v1 03/19] xen/sysctl: wrap around XEN_SYSCTL_readconsole
Hi,
Ok, so readconsole is done here. I see how if you're also removing the console
handler for the sysctl that's a bit unwiledly to do in one go.
I think my earlier remarks still hold in terms of removal of else branches of
ifdefs.
On Wed Mar 12, 2025 at 4:06 AM GMT, Penny Zheng wrote:
> The following functions is to deal with XEN_SYSCTL_readconsole sub-op, and
> shall be wrapped:
> - xsm_readconsole
> - read_console_ring
>
> Signed-off-by: Penny Zheng <Penny.Zheng@xxxxxxx>
> ---
> xen/drivers/char/console.c | 2 ++
> xen/include/xen/console.h | 8 ++++++++
> xen/include/xsm/dummy.h | 11 ++++++++---
> xen/include/xsm/xsm.h | 11 ++++++++---
> xen/xsm/dummy.c | 2 +-
> xen/xsm/flask/hooks.c | 4 ++--
> 6 files changed, 29 insertions(+), 9 deletions(-)
>
> diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c
> index 2f028c5d44..6e4f3c4659 100644
> --- a/xen/drivers/char/console.c
> +++ b/xen/drivers/char/console.c
> @@ -336,6 +336,7 @@ static void conring_puts(const char *str, size_t len)
> conringc = conringp - conring_size;
> }
>
> +#ifdef CONFIG_SYSCTL
> long read_console_ring(struct xen_sysctl_readconsole *op)
> {
> XEN_GUEST_HANDLE_PARAM(char) str;
> @@ -378,6 +379,7 @@ long read_console_ring(struct xen_sysctl_readconsole *op)
>
> return 0;
> }
> +#endif /* CONFIG_SYSCTL */
>
>
> /*
> diff --git a/xen/include/xen/console.h b/xen/include/xen/console.h
> index 83cbc9fbda..e7d5063d82 100644
> --- a/xen/include/xen/console.h
> +++ b/xen/include/xen/console.h
> @@ -7,12 +7,20 @@
> #ifndef __CONSOLE_H__
> #define __CONSOLE_H__
>
> +#include <xen/errno.h>
> #include <xen/inttypes.h>
> #include <xen/ctype.h>
> #include <public/xen.h>
>
> struct xen_sysctl_readconsole;
That forward declaration should probably be inside the ifdef
> +#ifdef CONFIG_SYSCTL
> long read_console_ring(struct xen_sysctl_readconsole *op);
> +#else
> +static inline long read_console_ring(struct xen_sysctl_readconsole *op)
> +{
> + return -EOPNOTSUPP;
> +}
> +#endif
This is only called from sysctl.c, which will be compiled out. Why is the else
needed?
>
> void console_init_preirq(void);
> void console_init_ring(void);
> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
> index afc54a0b2f..35d084aca7 100644
> --- a/xen/include/xsm/dummy.h
> +++ b/xen/include/xsm/dummy.h
> @@ -186,18 +186,23 @@ static XSM_INLINE int cf_check
> xsm_sysctl(XSM_DEFAULT_ARG int cmd)
> XSM_ASSERT_ACTION(XSM_PRIV);
> return xsm_default_action(action, current->domain, NULL);
> }
> +
> +static XSM_INLINE int cf_check xsm_readconsole(XSM_DEFAULT_ARG uint32_t
> clear)
> +{
> + XSM_ASSERT_ACTION(XSM_HOOK);
> + return xsm_default_action(action, current->domain, NULL);
> +}
> #else
> static XSM_INLINE int cf_check xsm_sysctl(XSM_DEFAULT_ARG int cmd)
> {
> return -EOPNOTSUPP;
> }
> -#endif
>
> static XSM_INLINE int cf_check xsm_readconsole(XSM_DEFAULT_ARG uint32_t
> clear)
> {
> - XSM_ASSERT_ACTION(XSM_HOOK);
> - return xsm_default_action(action, current->domain, NULL);
> + return -EOPNOTSUPP;
> }
> +#endif /* CONFIG_SYSCTL */
>
> static XSM_INLINE int cf_check xsm_alloc_security_domain(struct domain *d)
> {
> diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
> index 276507b515..d322740de1 100644
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -62,8 +62,8 @@ struct xsm_ops {
> int (*domctl)(struct domain *d, unsigned int cmd, uint32_t ssidref);
> #ifdef CONFIG_SYSCTL
> int (*sysctl)(int cmd);
> -#endif
> int (*readconsole)(uint32_t clear);
> +#endif
>
> int (*evtchn_unbound)(struct domain *d, struct evtchn *chn, domid_t id2);
> int (*evtchn_interdomain)(struct domain *d1, struct evtchn *chn1,
> @@ -266,17 +266,22 @@ static inline int xsm_sysctl(xsm_default_t def, int cmd)
> {
> return alternative_call(xsm_ops.sysctl, cmd);
> }
> +
> +static inline int xsm_readconsole(xsm_default_t def, uint32_t clear)
> +{
> + return alternative_call(xsm_ops.readconsole, clear);
> +}
> #else
> static inline int xsm_sysctl(xsm_default_t def, int cmd)
> {
> return -EOPNOTSUPP;
> }
> -#endif
>
> static inline int xsm_readconsole(xsm_default_t def, uint32_t clear)
> {
> - return alternative_call(xsm_ops.readconsole, clear);
> + return -EOPNOTSUPP;
> }
> +#endif
>
> static inline int xsm_evtchn_unbound(
> xsm_default_t def, struct domain *d1, struct evtchn *chn, domid_t id2)
> diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
> index 0a5fc06bbf..4c97db0c48 100644
> --- a/xen/xsm/dummy.c
> +++ b/xen/xsm/dummy.c
> @@ -24,8 +24,8 @@ static const struct xsm_ops __initconst_cf_clobber
> dummy_ops = {
> .domctl = xsm_domctl,
> #ifdef CONFIG_SYSCTL
> .sysctl = xsm_sysctl,
> -#endif
> .readconsole = xsm_readconsole,
> +#endif
>
> .evtchn_unbound = xsm_evtchn_unbound,
> .evtchn_interdomain = xsm_evtchn_interdomain,
> diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
> index 7c5e7f5879..7c46657d97 100644
> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -934,7 +934,6 @@ static int cf_check flask_sysctl(int cmd)
> return avc_unknown_permission("sysctl", cmd);
> }
> }
> -#endif
>
> static int cf_check flask_readconsole(uint32_t clear)
> {
> @@ -945,6 +944,7 @@ static int cf_check flask_readconsole(uint32_t clear)
>
> return domain_has_xen(current->domain, perms);
> }
> +#endif /* CONFIG_SYSCTL */
>
> static inline uint32_t resource_to_perm(uint8_t access)
> {
> @@ -1888,8 +1888,8 @@ static const struct xsm_ops __initconst_cf_clobber
> flask_ops = {
> .domctl = flask_domctl,
> #ifdef CONFIG_SYSCTL
> .sysctl = flask_sysctl,
> -#endif
> .readconsole = flask_readconsole,
> +#endif
>
> .evtchn_unbound = flask_evtchn_unbound,
> .evtchn_interdomain = flask_evtchn_interdomain,
Otherwise, same remarks as in the sysctl hooks for xsm.
Cheers,
Alejandro
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |