Re: [Xen-devel] [PATCH v3] Merge IS_PRIV checks into XSM hooks
On 09/13/2012 10:37 AM, Ian Jackson wrote:
> Daniel De Graaf writes ("[Xen-devel] [PATCH v3] Merge IS_PRIV checks into XSM hooks"):
>> The ARM architecture is not touched at all in these patches; however,
>> none of the changes should affect ARM. XSM hooks will need to be added
>> for the arch-specific controls in order for FLASK to be useful on ARM,
>> but those changes are outside the scope of this series.
>
> By "not useful" I guess you mean that it wouldn't have the desired
> security property. Is there already something that will prevent
> attempts to use xsm on arm? The code which enforces this should
> ideally have a comment listing everything that was done to x86 but not
> to arm, so that we have a useful todo list and don't miss anything
> before enabling xsm on arm.
>
> Ian.

Correct, XSM itself should work (i.e. boot and not crash) on ARM, assuming there is support for loading a policy and the xsm_op hypercall is wired up. The reason I noted that FLASK is not currently useful is the lack of XSM hooks in various arch-specific functions (do_hvm_op and arch_memory_op are the ones I have looked at). Adding these hooks requires moving some of the definitions out of the #ifdef CONFIG_X86 blocks in the XSM code.

The ARM support in xen-unstable.h doesn't currently have any domctls or sysctls defined; when it does, they will need to be added to the list of hooks in flask_domctl/flask_sysctl with either an access check or a pass-through due to the use of another hook. If not, they will trigger a printk and be denied, so it's fairly easy to catch this.

Beyond the places where IS_PRIV is checked, FLASK hooks to control access to hardware need to be added where there are ARM-specific functions. For x86, this involved I/O ports, IRQ<->PIRQ mapping, and PCI device access; some of these will apply to ARM if device passthrough is supported there.
--
Daniel De Graaf
National Security Agency
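The dispatch behaviour described in the reply (each domctl sub-operation is either checked in the hook, or passed through because a more specific hook covers it, and anything not listed is logged and denied) can be modelled in a few lines of C. The block below is an added illustration written for this page; it is not Xen's flask_domctl(), and the operation numbers, permission bits and the avc_has_perm() stand-in are assumptions chosen for the example rather than identifiers from the Xen tree.

```c
/* Added example: a simplified model of an XSM domctl hook that fails closed.
 * Not Xen's code. The op numbers, permission bits and helper names below are
 * hypothetical stand-ins for the real FLASK hook and policy. */
#include <errno.h>
#include <stdio.h>

/* Hypothetical domctl sub-operation numbers (not Xen's). */
enum domctl_op {
    DOMCTL_createdomain  = 1,
    DOMCTL_pausedomain   = 2,
    DOMCTL_getdomaininfo = 3,   /* covered by a dedicated hook elsewhere */
    DOMCTL_new_arch_op   = 99,  /* added to the interface, never to the hook */
};

/* Hypothetical permission bits; in FLASK these come from the loaded policy. */
#define PERM_CREATE (1u << 0)
#define PERM_PAUSE  (1u << 1)

static int unhandled_ops;   /* how many times the default case fired */

/* Stand-in for the access-vector check against the caller's granted set. */
static int avc_has_perm(unsigned int granted, unsigned int perm, const char *what)
{
    if (granted & perm)
        return 0;
    printf("xsm: denied %s\n", what);
    return -EPERM;
}

/* Model of the hook: every known op is either checked here or explicitly
 * passed through because another hook owns the check. The default case is
 * the safety net for ops nobody added to the list: log it and deny. */
int xsm_domctl(unsigned int granted, int cmd)
{
    switch (cmd) {
    case DOMCTL_createdomain:
        return avc_has_perm(granted, PERM_CREATE, "domain create");
    case DOMCTL_pausedomain:
        return avc_has_perm(granted, PERM_PAUSE, "domain pause");
    case DOMCTL_getdomaininfo:
        /* pass-through: the check lives in a separate, more specific hook */
        return 0;
    default:
        unhandled_ops++;
        printf("xsm: domctl op %d has no hook entry, denying\n", cmd);
        return -EPERM;
    }
}

/* Exposed so a harness can confirm the default case was reached. */
int xsm_unhandled_count(void)
{
    return unhandled_ops;
}

int main(void)
{
    unsigned int dom0 = PERM_CREATE | PERM_PAUSE;   /* privileged caller */
    unsigned int domU = 0;                          /* unprivileged caller */

    printf("dom0 create: %d\n", xsm_domctl(dom0, DOMCTL_createdomain));
    printf("domU create: %d\n", xsm_domctl(domU, DOMCTL_createdomain));
    printf("domU getinfo (pass-through): %d\n", xsm_domctl(domU, DOMCTL_getdomaininfo));
    printf("dom0 unlisted op: %d\n", xsm_domctl(dom0, DOMCTL_new_arch_op));
    return 0;
}
```

The point of the default case is the one the reply makes: a sub-operation that a new architecture adds to the interface but forgets to add to the hook is denied even for a fully privileged caller, and the log line makes the omission visible during testing rather than silently widening what the hook permits.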