
Re: [PATCH v4 1/2] xsm: create idle domain privileged and demote after setup


  • To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 26 Apr 2022 08:35:27 +0200
  • Cc: scott.davis@xxxxxxxxxx, jandryuk@xxxxxxxxx, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Tue, 26 Apr 2022 06:36:00 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 25.04.2022 19:22, Daniel P. Smith wrote:
> --- a/xen/arch/x86/setup.c
> +++ b/xen/arch/x86/setup.c
> @@ -621,6 +621,9 @@ static void noreturn init_done(void)
>      void *va;
>      unsigned long start, end;
>  
> +    if ( xsm_set_system_active() != 0 )
> +        panic("xsm: unable to set hypervisor to SYSTEM_ACTIVE privilege\n");
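
Review bot: the new check in init_done() tests the return value of xsm_set_system_active() against 0 and then discards it, so the panic text cannot say why the demotion failed. Either keep the value in a local (int rc = xsm_set_system_active(); if ( rc ) panic("...: %d\n", rc);) or make the hook return bool so there is no code to lose. A one-line comment above the call saying that this is the point where the idle domain gives up its setup-time privilege would also help readers of init_done().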

Roger did request that the panic() either also report the error
code, or that the function be returning bool. You did neither,
and your earlier verbal reply also didn't really respond to this
part of Roger's comments.

> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -186,6 +186,26 @@ static int cf_check flask_domain_alloc_security(struct 
> domain *d)
>      return 0;
>  }
>  
> +static int cf_check flask_set_system_active(void)
> +{
> +    struct domain *d = current->domain;
> +
> +    if ( d->domain_id != DOMID_IDLE )
> +    {
> +        printk("xsm_set_system_active should only be called by idle 
> domain\n");
> +        return -EPERM;
> +    }
> +
> +    /*
> +     * While is_privileged has no significant meaning under flask, set to 
> false
> +     * as there are times in hypervisor code privilege checks check this
> +     * directly instead of going through XSM.
> +     */

It feels as if there is "which" missing between "checks" and "check",
or something else (better fitting "as there are times"), without which
the sentence is a little hard to follow.

Jan




 

