This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] Re: [Xen-staging] [xen-unstable] Xen Security Modules: XSM

To: Alex Williamson <alex.williamson@xxxxxx>
Subject: [Xen-devel] Re: [Xen-staging] [xen-unstable] Xen Security Modules: XSM
From: "George S. Coker, II" <gscoker@xxxxxxxxxxxxxx>
Date: Tue, 04 Sep 2007 13:22:27 -0400
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, Keir Fraser <keir@xxxxxxxxxxxxx>
Delivery-date: Wed, 05 Sep 2007 08:11:42 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <1188914841.6716.10.camel@bling>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <200708311022.l7VAMLno003138@xxxxxxxxxxxxxxxxxxxxxxx> <1188914841.6716.10.camel@bling>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
On Tue, 2007-09-04 at 08:07 -0600, Alex Williamson wrote:
> On Fri, 2007-08-31 at 11:22 +0100, Xen staging patchbot-unstable wrote:
> > diff -r 0f196e11a143 -r 96f64f4c42f0 xen/include/xsm/xsm.h
> > --- /dev/null   Thu Jan 01 00:00:00 1970 +0000
> > +++ b/xen/include/xsm/xsm.h     Fri Aug 31 11:21:35 2007 +0100
> ...
> > +    int (*update_va_mapping) (struct domain *d, l1_pgentry_t pte);
> ...
> > +static inline int xsm_update_va_mapping(struct domain *d,
> > l1_pgentry_t pte)
> > +{
> > +    return xsm_call(update_va_mapping(d, pte));
> > +}
>    Shouldn't we be using a more opaque type here?  l1_pgentry_t is
> rather arch specific.  The implementation of update_va_mapping() in
> flask is also very x86 centric.  Thanks,

For the moment, I would say no since this hook is in the
do_update_va_mapping hypercall which currently exists only in the x86
bits of xen.  The flask module and XSM code are also bounded by ifdefs,
so for non-x86 archs it is not included.  Should other archs ever
develop equivalent funcs, I'd be happy to update this hook to a more
generic interface to accommodate these archs and reduce the number of
arch specific hooks.


Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>