Xen project Mailing List

Re: [PATCH] xsm: refactor and optimize policy loading

From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>

Date: Tue, 24 May 2022 13:58:33 -0400

Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1653415213; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=A0NTTAo1SuOkAyNJpRscid4Uxwkm6A6JVfaNhMYraAc=; b=MBhQv8sUsuQCAM2OE+Y8tUVmg2TqUoKNrD0+Oo4+nOa9H4V9C0gKlBaAX9p+Cx6NLszCQynxCrePUjrBVZtDkI9pXw4VJ9Cy8ApKQHt1klWvEhAmFJ7Th7SLasv/zoWHSyp2C5ljclWJ0PmtktoIogf6hum3uCudBP5QbgVl5P4=

Arc-seal: i=1; a=rsa-sha256; t=1653415213; cv=none; d=zohomail.com; s=zohoarc; b=WBK6L3Nel+O6afU+R/ZpE0N5PK/NOQEv56faR79y+sm8o3HadX8Y30hZGQT2IHrhe4h9Z4CFmCK8Oe4h2d6pJLubUMmUt2eEW/zchNEIQfF63lGSz/ZlSqpg5K3ymGvnCFNvBRDWEcG6aKd1LmKGJ0L3rFteAQ5ggt49N2pSF7Q=

Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Scott Davis <scott.davis@xxxxxxxxxx>, christopher.clark@xxxxxxxxxx, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

Delivery-date: Tue, 24 May 2022 18:00:17 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 5/24/22 12:17, Jason Andryuk wrote: > On Mon, May 23, 2022 at 11:40 AM Daniel P. Smith > <dpsmith@xxxxxxxxxxxxxxxxxxxx> wrote: >> >> It is possible to select a few different build configurations that results in >> the unnecessary walking of the boot module list looking for a policy module. >> This specifically occurs when the flask policy is enabled but either the >> dummy >> or the SILO policy is selected as the enforcing policy. This is not ideal for >> configurations like hyperlaunch and dom0less when there could be a number of >> modules to be walked or unnecessary device tree lookups >> >> This patch does two things, it moves all policy initialization logic under >> the >> xsm_XXXX_policy_init() functions and introduces the init_policy flag. The >> init_policy flag will be set based on which enforcing policy is selected and >> gates whether the boot modules should be checked for a policy file. > > I can see the use of init_policy to skip the search. (I'm not the > biggest fan of the name, need_policy/uses_policy/has_policy?, but > that's not a big deal). That part seems fine. Yep, I went through that and several other variations trying to find the one that would "read" best at the places it was set and checked. If anyone has a strong stance for a preferred naming, I have no objections. > I don't care for the movement of `policy_buffer = > xsm_flask_init_policy;` since it replaces the single location with two > locations. I prefer leaving the built-in policy fallback in > xsm_core_init since it is multiboot/devicetree agnostic. i.e. the > boot-method specific code passes a policy if it finds one, and > xsm_core_init can fallback to the built-in policy if none is supplied. > Since a built-in policy is flask specific, it could potentially be > pushed down in flask_init. > > Is there a need for the xsm_flask_init_policy movement I am missing? I would be willing to bet that the de-duplication is the reason it was initially done this way. But as I explained in the response to Jan, doing so means that xsm_XXXX_policy_init() will have to return success even if it did not successfully initialize the policy buffer. I considered making a static inline function to point the policy buffer at the built-in policy, but quickly walked back from it. The reason being is that it is not any real logic duplications, just two lines of variable setting. IMHO a single repeat of setting a pair of variables is better than the bifurcating of the policy buffer initialization. v/r, dps

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.