All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability)
@ 2015-12-14 11:55 Ian Campbell
  2015-12-14 12:05 ` Ian Jackson
  2015-12-19  3:11 ` Wei Liu
  0 siblings, 2 replies; 5+ messages in thread
From: Ian Campbell @ 2015-12-14 11:55 UTC (permalink / raw)
  To: Daniel De Graaf; +Cc: wei.liu2, ian.jackson, Ian Campbell, xen-devel

Allows:

(XEN) avc:  denied  { pcilevel } for domid=2 target=1 scontext=system_u:system_r:dm_dom_t tcontext=system_u:system_r:domU_t_target tclass=hvm

Which otherwise leads to the following on resume after migrate (comparing
non-XSM to XSM):

 ata2.00: configured for MWDMA2
 usb 1-2: reset full-speed USB device number 2 using uhci_hcd
+PM: restore of devices complete after 3779.268 msecs
 usb 1-2: USB disconnect, device number 2
-PM: restore of devices complete after 2342.528 msecs
 usb 1-2: new full-speed USB device number 3 using uhci_hcd
 usb 1-2: New USB device found, idVendor=0627, idProduct=0001
 usb 1-2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
 usb 1-2: Product: QEMU USB Tablet
 usb 1-2: Manufacturer: QEMU 0.10.2
 usb 1-2: SerialNumber: 1
 input: QEMU 0.10.2 QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-2/1-2:1.0/input/input8
 generic-usb 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Pointer [QEMU 0.10.2 QEMU USB Tablet] on usb-0000:00:01.2-2/input0
 Restarting tasks ... done.
 Setting capacity to 20480000
 Setting capacity to 20480000
+uhci_hcd 0000:00:01.2: Unlink after no-IRQ?  Controller is probably using the wrong IRQ.

And a glitch in the domU which is sufficient to disrupt the post migration
checks done by osstest.

This has been through a test run on merlot1 and resolved the migration
issues with the test-amd64-amd64-xl-qemut-stubdom-debianhvm-amd64-xsm
osstest test case.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Cc: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
 tools/flask/policy/policy/modules/xen/xen.if | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/flask/policy/policy/modules/xen/xen.if b/tools/flask/policy/policy/modules/xen/xen.if
index 32dd7b3..00d1bbb 100644
--- a/tools/flask/policy/policy/modules/xen/xen.if
+++ b/tools/flask/policy/policy/modules/xen/xen.if
@@ -150,7 +150,7 @@ define(`device_model', `
 
 	allow $1 $2_target:domain shutdown;
 	allow $1 $2_target:mmu { map_read map_write adjust physmap target_hack };
-	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq };
+	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute pcilevel cacheattr send_irq };
 ')
 
 # make_device_model(priv, dm_dom, hvm_dom)
-- 
2.6.1

^ permalink raw reply related	[flat|nested] 5+ messages in thread
* Re: [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability)
  2015-12-14 11:55 [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability) Ian Campbell
@ 2015-12-14 12:05 ` Ian Jackson
  2015-12-15 21:34   ` Daniel De Graaf
  2015-12-19  3:11 ` Wei Liu
  1 sibling, 1 reply; 5+ messages in thread
From: Ian Jackson @ 2015-12-14 12:05 UTC (permalink / raw)
  To: Ian Campbell; +Cc: Daniel De Graaf, wei.liu2, xen-devel

Ian Campbell writes ("[PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability)"):
...
> -	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq };
> +	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute pcilevel cacheattr send_irq };

Thanks for tracking this down.

Based on xen/xsm/flask/policy/access_vectors this seems like a
no-brainer.  Hopefully Daniel will agree :-).

Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>

Ian.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability)
  2015-12-14 12:05 ` Ian Jackson
@ 2015-12-15 21:34   ` Daniel De Graaf
  2015-12-16 10:21     ` Ian Campbell
  0 siblings, 1 reply; 5+ messages in thread
From: Daniel De Graaf @ 2015-12-15 21:34 UTC (permalink / raw)
  To: Ian Jackson, Ian Campbell; +Cc: wei.liu2, xen-devel

On 14/12/15 07:05, Ian Jackson wrote:
> Ian Campbell writes ("[PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability)"):
> ...
>> -	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq };
>> +	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute pcilevel cacheattr send_irq };
>
> Thanks for tracking this down.
>
> Based on xen/xsm/flask/policy/access_vectors this seems like a
> no-brainer.  Hopefully Daniel will agree :-).
>
> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
>
> Ian.

Yep, this change is obvious given the issue.  I didn't find any other
missing XSM_DM_PRIV accesses when I walked through them, so hopefully
this is the only one that wasn't correct.

Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability)
  2015-12-15 21:34   ` Daniel De Graaf
@ 2015-12-16 10:21     ` Ian Campbell
  0 siblings, 0 replies; 5+ messages in thread
From: Ian Campbell @ 2015-12-16 10:21 UTC (permalink / raw)
  To: Daniel De Graaf, Ian Jackson; +Cc: wei.liu2, xen-devel

On Tue, 2015-12-15 at 16:34 -0500, Daniel De Graaf wrote:
> On 14/12/15 07:05, Ian Jackson wrote:
> > Ian Campbell writes ("[PATCH] flask: Allow device model to raise PCI
> > interrupts (pcilevel capability)"):
> > ...
> > > -	allow $1 $2_target:hvm { getparam setparam trackdirtyvram
> > > hvmctl irqlevel pciroute cacheattr send_irq };
> > > +	allow $1 $2_target:hvm { getparam setparam trackdirtyvram
> > > hvmctl irqlevel pciroute pcilevel cacheattr send_irq };
> > 
> > Thanks for tracking this down.
> > 
> > Based on xen/xsm/flask/policy/access_vectors this seems like a
> > no-brainer.  Hopefully Daniel will agree :-).
> > 
> > Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
> > 
> > Ian.
> 
> Yep, this change is obvious given the issue.  I didn't find any other
> missing XSM_DM_PRIV accesses when I walked through them, so hopefully
> this is the only one that wasn't correct.

FWIW I didn't see any other AVC messages in the logs when a ran this
through an ad-hoc osstest job, so I'm hopeful that your hopefulness is not
misplaced ;-)

> Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

Thanks, applied.

Ian.


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability)
  2015-12-14 11:55 [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability) Ian Campbell
  2015-12-14 12:05 ` Ian Jackson
@ 2015-12-19  3:11 ` Wei Liu
  1 sibling, 0 replies; 5+ messages in thread
From: Wei Liu @ 2015-12-19  3:11 UTC (permalink / raw)
  To: Ian Campbell; +Cc: wei.liu2, Daniel De Graaf, ian.jackson, xen-devel

On Mon, Dec 14, 2015 at 11:55:45AM +0000, Ian Campbell wrote:
> Allows:
> 
> (XEN) avc:  denied  { pcilevel } for domid=2 target=1 scontext=system_u:system_r:dm_dom_t tcontext=system_u:system_r:domU_t_target tclass=hvm
> 

Nice work fixing this. :-)

I did notice this when I first started, I would have sworn I produced a
similar patch but it didn't quite work for me so in the end I only sent
out an email to ask Daniel about it.

> Which otherwise leads to the following on resume after migrate (comparing
> non-XSM to XSM):
> 
>  ata2.00: configured for MWDMA2
>  usb 1-2: reset full-speed USB device number 2 using uhci_hcd
> +PM: restore of devices complete after 3779.268 msecs
>  usb 1-2: USB disconnect, device number 2
> -PM: restore of devices complete after 2342.528 msecs
>  usb 1-2: new full-speed USB device number 3 using uhci_hcd
>  usb 1-2: New USB device found, idVendor=0627, idProduct=0001
>  usb 1-2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
>  usb 1-2: Product: QEMU USB Tablet
>  usb 1-2: Manufacturer: QEMU 0.10.2
>  usb 1-2: SerialNumber: 1
>  input: QEMU 0.10.2 QEMU USB Tablet as /devices/pci0000:00/0000:00:01.2/usb1/1-2/1-2:1.0/input/input8
>  generic-usb 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Pointer [QEMU 0.10.2 QEMU USB Tablet] on usb-0000:00:01.2-2/input0
>  Restarting tasks ... done.
>  Setting capacity to 20480000
>  Setting capacity to 20480000
> +uhci_hcd 0000:00:01.2: Unlink after no-IRQ?  Controller is probably using the wrong IRQ.
> 
> And a glitch in the domU which is sufficient to disrupt the post migration
> checks done by osstest.
> 
> This has been through a test run on merlot1 and resolved the migration
> issues with the test-amd64-amd64-xl-qemut-stubdom-debianhvm-amd64-xsm
> osstest test case.
> 

What is still perplexing is that why significant delay only manifested
on merlot*. Unfortunately we don't have other large machines to collect
enough data points. I guess we can live with the status quo for now and
fix other issues should they surface.

Wei.


> Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
> Cc: Daniel De Graaf <dgdegra@tycho.nsa.gov>
> ---
>  tools/flask/policy/policy/modules/xen/xen.if | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tools/flask/policy/policy/modules/xen/xen.if b/tools/flask/policy/policy/modules/xen/xen.if
> index 32dd7b3..00d1bbb 100644
> --- a/tools/flask/policy/policy/modules/xen/xen.if
> +++ b/tools/flask/policy/policy/modules/xen/xen.if
> @@ -150,7 +150,7 @@ define(`device_model', `
>  
>  	allow $1 $2_target:domain shutdown;
>  	allow $1 $2_target:mmu { map_read map_write adjust physmap target_hack };
> -	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq };
> +	allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute pcilevel cacheattr send_irq };
>  ')
>  
>  # make_device_model(priv, dm_dom, hvm_dom)
> -- 
> 2.6.1
> 

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-12-19  3:11 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-12-14 11:55 [PATCH] flask: Allow device model to raise PCI interrupts (pcilevel capability) Ian Campbell
2015-12-14 12:05 ` Ian Jackson
2015-12-15 21:34   ` Daniel De Graaf
2015-12-16 10:21     ` Ian Campbell
2015-12-19  3:11 ` Wei Liu

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.