 Home |
Products |
Support |
Community |
News |
xen-devel
Re: [Xen-devel] PATCH: makes acm_setup arch independant
| To: | Tristan Gingold <Tristan.Gingold@xxxxxxxx> |
|---|---|
| Subject: | Re: [Xen-devel] PATCH: makes acm_setup arch independant |
| From: | Stefan Berger <stefanb@xxxxxxxxxx> |
| Date: | Wed, 6 Sep 2006 15:49:36 -0400 |
| Cc: | xen-ppc-devel@xxxxxxxxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxx, hollisb@xxxxxxxxxx, xen-ia64-devel@xxxxxxxxxxxxxxxxxxx |
| Delivery-date: | Wed, 06 Sep 2006 12:50:13 -0700 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxx |
| In-reply-to: | <200609051010.51781.Tristan.Gingold@xxxxxxxx> |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
|
xen-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 09/05/2006 04:10:51 AM: > Hi, > > the acm_setup code use a multiboot descriptor to extract the policy module. > Because multiboot is not used on every platform, I slightly changed the > interface: acm_setup now use buffer/len arguments. > The module extraction code is moved to arch/x86/setup.c > > I have just tested this code on ia64. Does 'tested' mean that it compiles on ia64 or does it 'work' and you can boot with an ACM policy on ia64? In the latter case I would say that there's some ia64-specific code missing in the patch. A minor issue is whether as much as possible of the ACM-specific code should be kept inside the acm directory and we use #ifdefs like #if defined(__i386__) #if defined(__x86_64__) to compile architecture-specific functions there, or whether functions like the extract_acm_policy below should be surrounded by #ifdef ACM_SECURITY and they can stay inside the architecture-specific code. The assumption would be that no one boots with an ACM policy if the compile time option ACM_SECURITY was not set. Thoughts? Stefan > The code compiles on x86 but I am unable to test it. > > I have also fixed the alignment issue in acm_dump_policy_reference (ia64 > doesn't like unaligned accesses). And yes there is a memset to avoid > garbage. > > > Tristan. diff -r 31e9909a7221 -r 37c90a210d71 xen/arch/x86/setup.c --- a/xen/arch/x86/setup.c Tue Sep 05 07:38:00 2006 +0200 +++ b/xen/arch/x86/setup.c Tue Sep 05 07:48:49 2006 +0200 @@ -203,6 +203,55 @@ static void __init percpu_free_unused_ar #endif } +/* Fecth acm policy module from multiboot modules. */ +static void +extract_acm_policy(multiboot_info_t *mbi, + unsigned int *initrdidx, + char **_policy_start, unsigned long *_policy_len) +{ + int i; + module_t *mod = (module_t *)__va(mbi->mods_addr); + + if ( mbi->mods_count > 1 ) + *initrdidx = 1; + + /* + * Try all modules and see whichever could be the binary policy. + * Adjust the initrdidx if module[1] is the binary policy. + */ + for ( i = mbi->mods_count-1; i >= 1; i-- ) + { + unsigned long start; + char *policy_start; + unsigned long policy_len; + + start = initial_images_start + (mod[i].mod_start-mod[0].mod_start); +#if defined(__i386__) + policy_start = (char *)start; +#elif defined(__x86_64__) + policy_start = __va(start); +#endif + policy_len = mod[i].mod_end - mod[i].mod_start; + if ( acm_is_policy(policy_start, policy_len) ) + { + printf("Policy len 0x%lx, start at %p - module %d.\n", + policy_len, policy_start, i); + *_policy_start = policy_start; + *_policy_len = policy_len; + if ( i == 1 ) + { + if (mbi->mods_count > 2) + *initrdidx = 2; + else + *initrdidx = 0; + } + else + *initrdidx = 1; + break; + } + } +} + static void __init init_idle_domain(void) { struct domain *idle_domain; @@ -225,6 +274,8 @@ void __init __start_xen(multiboot_info_t char __cmdline[] = "", *cmdline = __cmdline; unsigned long _initrd_start = 0, _initrd_len = 0; unsigned int initrdidx = 1; + char *_policy_start = NULL; + unsigned long _policy_len = 0; module_t *mod = (module_t *)__va(mbi->mods_addr); unsigned long nr_pages, modules_length; paddr_t s, e; @@ -559,8 +610,11 @@ void __init __start_xen(multiboot_info_t if ( opt_watchdog ) watchdog_enable(); + /* Extract policy from multiboot. */ + extract_acm_policy(mbi, &initrdidx, &_policy_start, &_policy_len); + /* initialize access control security module */ - acm_init(&initrdidx, mbi, initial_images_start); + acm_init(_policy_start, _policy_len); /* Create initial domain 0. */ dom0 = domain_create(0); diff -r 31e9909a7221 -r 37c90a210d71 xen/include/acm/acm_hooks.h --- a/xen/include/acm/acm_hooks.h Tue Sep 05 07:38:00 2006 +0200 +++ b/xen/include/acm/acm_hooks.h Tue Sep 05 07:48:49 2006 +0200 @@ -369,9 +369,11 @@ static inline int acm_sharing(ssidref_t return ACM_ACCESS_PERMITTED; } -extern int acm_init(unsigned int *initrdidx, - const multiboot_info_t *mbi, - unsigned long start); + +extern int acm_init(char *policy_start, unsigned long policy_len); + +/* Return true iff buffer has an acm policy magic number. */ +extern int acm_is_policy(char *buf, unsigned long len); #endif _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [Xen-devel] [RFC PATCH] allow connecting to xenconsole from remote hosts, Keir Fraser |
|---|---|
| Next by Date: | Re: [Xen-devel] PATCH: makes acm_setup arch independant, Hollis Blanchard |
| Previous by Thread: | Re: [Xen-devel] PATCH: makes acm_setup arch independant, Hollis Blanchard |
| Next by Thread: | Re: [Xen-devel] PATCH: makes acm_setup arch independant, Hollis Blanchard |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
