WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-unstable] xsm: Add support for HVMOP_track_dirty_vr

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] xsm: Add support for HVMOP_track_dirty_vram.
From: Xen patchbot-unstable <patchbot@xxxxxxx>
Date: Fri, 11 Nov 2011 04:33:36 +0000
Delivery-date: Thu, 10 Nov 2011 20:39:45 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Jean Guyader <jean.guyader@xxxxxxxxxxxxx>
# Date 1320781307 0
# Node ID fb1b32c9d03dfa5af4014688556a97805b118ac9
# Parent  2af5bfbc9fdee08af184d9dfc48c368619719e0f
xsm: Add support for HVMOP_track_dirty_vram.

Xen try to inforce the xsm policy when a HVMOP_track_dirty_vram
is received (xen/arch/x86/hvm/hvm.c:3637). It was failing because
in flask_hvmcontext, xsm didn't have any case for this operation.

Signed-off-by: Jean Guyader <jean.guyader@xxxxxxxxxxxxx>
Committed-by: Keir Fraser <keir@xxxxxxx>
---


diff -r 2af5bfbc9fde -r fb1b32c9d03d 
tools/flask/policy/policy/flask/access_vectors
--- a/tools/flask/policy/policy/flask/access_vectors    Tue Nov 08 19:35:42 
2011 +0000
+++ b/tools/flask/policy/policy/flask/access_vectors    Tue Nov 08 19:41:47 
2011 +0000
@@ -90,6 +90,7 @@
     pciroute
        bind_irq
        cacheattr
+    trackdirtyvram
 }
 
 class event
diff -r 2af5bfbc9fde -r fb1b32c9d03d 
tools/flask/policy/policy/modules/xen/xen.if
--- a/tools/flask/policy/policy/modules/xen/xen.if      Tue Nov 08 19:35:42 
2011 +0000
+++ b/tools/flask/policy/policy/modules/xen/xen.if      Tue Nov 08 19:41:47 
2011 +0000
@@ -22,7 +22,7 @@
 
################################################################################
 define(`create_hvm_dom', `
        create_domain($1, $2, $3)
-       allow $1 $2:hvm { setparam getparam cacheattr pciroute irqlevel 
pcilevel };
+       allow $1 $2:hvm { setparam getparam cacheattr pciroute irqlevel 
pcilevel trackdirtyvram };
        allow $2 $2:hvm setparam;
 ')     
 
diff -r 2af5bfbc9fde -r fb1b32c9d03d xen/xsm/flask/hooks.c
--- a/xen/xsm/flask/hooks.c     Tue Nov 08 19:35:42 2011 +0000
+++ b/xen/xsm/flask/hooks.c     Tue Nov 08 19:41:47 2011 +0000
@@ -816,6 +816,9 @@
     case XEN_DOMCTL_gethvmcontext_partial:
         perm = HVM__GETHVMC;
         break;
+    case HVMOP_track_dirty_vram:
+        perm = HVM__TRACKDIRTYVRAM;
+        break;
     default:
         return -EPERM;
     }
diff -r 2af5bfbc9fde -r fb1b32c9d03d xen/xsm/flask/include/av_perm_to_string.h
--- a/xen/xsm/flask/include/av_perm_to_string.h Tue Nov 08 19:35:42 2011 +0000
+++ b/xen/xsm/flask/include/av_perm_to_string.h Tue Nov 08 19:41:47 2011 +0000
@@ -56,6 +56,7 @@
    S_(SECCLASS_HVM, HVM__GETHVMC, "gethvmc")
    S_(SECCLASS_HVM, HVM__SETPARAM, "setparam")
    S_(SECCLASS_HVM, HVM__GETPARAM, "getparam")
+   S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")
    S_(SECCLASS_HVM, HVM__PCILEVEL, "pcilevel")
    S_(SECCLASS_HVM, HVM__IRQLEVEL, "irqlevel")
    S_(SECCLASS_HVM, HVM__PCIROUTE, "pciroute")
diff -r 2af5bfbc9fde -r fb1b32c9d03d xen/xsm/flask/include/av_permissions.h
--- a/xen/xsm/flask/include/av_permissions.h    Tue Nov 08 19:35:42 2011 +0000
+++ b/xen/xsm/flask/include/av_permissions.h    Tue Nov 08 19:41:47 2011 +0000
@@ -63,6 +63,7 @@
 #define HVM__PCIROUTE                             0x00000040UL
 #define HVM__BIND_IRQ                             0x00000080UL
 #define HVM__CACHEATTR                            0x00000100UL
+#define HVM__TRACKDIRTYVRAM                       0x00000200UL
 
 #define EVENT__BIND                               0x00000001UL
 #define EVENT__SEND                               0x00000002UL

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] xsm: Add support for HVMOP_track_dirty_vram., Xen patchbot-unstable <=