* [PATCH 0/4] xsm/flask: more XSA-84 follow-ups
@ 2014-02-25 10:42 Jan Beulich
2014-02-25 10:44 ` [PATCH 1/4] flask: add compat mode guest support Jan Beulich
` (4 more replies)
0 siblings, 5 replies; 7+ messages in thread
From: Jan Beulich @ 2014-02-25 10:42 UTC (permalink / raw)
To: xen-devel; +Cc: dgdegra
1: flask: add compat mode guest support
2: flask: use xzalloc()
3: xsm: use # printk format modifier
4: xsm: streamline xsm_default_action()
Signed-off-by: Jan Beulich <jbeulich@suse.com>
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/4] flask: add compat mode guest support
2014-02-25 10:42 [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Jan Beulich
@ 2014-02-25 10:44 ` Jan Beulich
2014-02-28 15:13 ` Keir Fraser
2014-02-25 10:44 ` [PATCH 2/4] flask: use xzalloc() Jan Beulich
` (3 subsequent siblings)
4 siblings, 1 reply; 7+ messages in thread
From: Jan Beulich @ 2014-02-25 10:44 UTC (permalink / raw)
To: xen-devel; +Cc: dgdegra, Keir Fraser
[-- Attachment #1: Type: text/plain, Size: 10777 bytes --]
... which has been missing since the introduction of the new interface
in the 4.2 development cycle.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
--- a/xen/arch/x86/x86_64/compat/entry.S
+++ b/xen/arch/x86/x86_64/compat/entry.S
@@ -404,7 +404,7 @@ ENTRY(compat_hypercall_table)
.quad compat_vcpu_op
.quad compat_ni_hypercall /* 25 */
.quad compat_mmuext_op
- .quad do_xsm_op
+ .quad compat_xsm_op
.quad compat_nmi_op
.quad compat_sched_op
.quad compat_callback_op /* 30 */
--- a/xen/include/Makefile
+++ b/xen/include/Makefile
@@ -27,6 +27,7 @@ headers-$(CONFIG_X86) += compat/arch
headers-$(CONFIG_X86) += compat/arch-x86/xen.h
headers-$(CONFIG_X86) += compat/arch-x86/xen-$(compat-arch-y).h
headers-y += compat/arch-$(compat-arch-y).h compat/xlat.h
+headers-$(FLASK_ENABLE) += compat/xsm/flask_op.h
cppflags-y := -include public/xen-compat.h
cppflags-$(CONFIG_X86) += -m32
@@ -69,7 +70,9 @@ compat/xlat.h: xlat.lst $(filter-out com
export PYTHON=$(PYTHON); \
grep -v '^[ ]*#' xlat.lst | \
while read what name hdr; do \
- $(SHELL) $(BASEDIR)/tools/get-fields.sh "$$what" compat_$$name $$(echo compat/$$hdr | sed 's,@arch@,$(compat-arch-y),g') || exit $$?; \
+ hdr="compat/$$(echo $$hdr | sed 's,@arch@,$(compat-arch-y),g')"; \
+ echo '$(headers-y)' | grep -q "$$hdr" || continue; \
+ $(SHELL) $(BASEDIR)/tools/get-fields.sh "$$what" compat_$$name $$hdr || exit $$?; \
done >$@.new
mv -f $@.new $@
--- a/xen/include/xlat.lst
+++ b/xen/include/xlat.lst
@@ -99,3 +99,16 @@
! vcpu_set_singleshot_timer vcpu.h
? xenoprof_init xenoprof.h
? xenoprof_passive xenoprof.h
+? flask_access xsm/flask_op.h
+! flask_boolean xsm/flask_op.h
+? flask_cache_stats xsm/flask_op.h
+? flask_hash_stats xsm/flask_op.h
+! flask_load xsm/flask_op.h
+? flask_ocontext xsm/flask_op.h
+? flask_peersid xsm/flask_op.h
+? flask_relabel xsm/flask_op.h
+? flask_setavc_threshold xsm/flask_op.h
+? flask_setenforce xsm/flask_op.h
+! flask_sid_context xsm/flask_op.h
+? flask_transition xsm/flask_op.h
+! flask_userlist xsm/flask_op.h
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -412,6 +412,13 @@ static XSM_INLINE long xsm_do_xsm_op(XEN
return -ENOSYS;
}
+#ifdef CONFIG_COMPAT
+static XSM_INLINE int xsm_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
+{
+ return -ENOSYS;
+}
+#endif
+
static XSM_INLINE char *xsm_show_irq_sid(int irq)
{
return NULL;
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -129,6 +129,9 @@ struct xsm_operations {
int (*tmem_control)(void);
long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
+#ifdef CONFIG_COMPAT
+ int (*do_compat_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
+#endif
int (*hvm_param) (struct domain *d, unsigned long op);
int (*hvm_param_nested) (struct domain *d);
@@ -499,6 +502,13 @@ static inline long xsm_do_xsm_op (XEN_GU
return xsm_ops->do_xsm_op(op);
}
+#ifdef CONFIG_COMPAT
+static inline int xsm_do_compat_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
+{
+ return xsm_ops->do_compat_op(op);
+}
+#endif
+
static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op)
{
return xsm_ops->hvm_param(d, op);
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -105,6 +105,9 @@ void xsm_fixup_ops (struct xsm_operation
set_to_dummy_if_null(ops, hvm_param_nested);
set_to_dummy_if_null(ops, do_xsm_op);
+#ifdef CONFIG_COMPAT
+ set_to_dummy_if_null(ops, do_compat_op);
+#endif
set_to_dummy_if_null(ops, add_to_physmap);
set_to_dummy_if_null(ops, remove_from_physmap);
--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -7,7 +7,7 @@
* it under the terms of the GNU General Public License version 2,
* as published by the Free Software Foundation.
*/
-
+#ifndef COMPAT
#include <xen/errno.h>
#include <xen/event.h>
#include <xsm/xsm.h>
@@ -20,6 +20,10 @@
#include <objsec.h>
#include <conditional.h>
+#define ret_t long
+#define _copy_to_guest copy_to_guest
+#define _copy_from_guest copy_from_guest
+
#ifdef FLASK_DEVELOP
int flask_enforcing = 0;
integer_param("flask_enforcing", flask_enforcing);
@@ -95,6 +99,8 @@ static int flask_copyin_string(XEN_GUEST
return 0;
}
+#endif /* COMPAT */
+
static int flask_security_user(struct xen_flask_userlist *arg)
{
char *user;
@@ -119,7 +125,7 @@ static int flask_security_user(struct xe
arg->size = nsids;
- if ( copy_to_guest(arg->u.sids, sids, nsids) )
+ if ( _copy_to_guest(arg->u.sids, sids, nsids) )
rv = -EFAULT;
xfree(sids);
@@ -128,6 +134,8 @@ static int flask_security_user(struct xe
return rv;
}
+#ifndef COMPAT
+
static int flask_security_relabel(struct xen_flask_transition *arg)
{
int rv;
@@ -208,6 +216,8 @@ static int flask_security_setenforce(str
return 0;
}
+#endif /* COMPAT */
+
static int flask_security_context(struct xen_flask_sid_context *arg)
{
int rv;
@@ -252,7 +262,7 @@ static int flask_security_sid(struct xen
arg->size = len;
- if ( !rv && copy_to_guest(arg->context, context, len) )
+ if ( !rv && _copy_to_guest(arg->context, context, len) )
rv = -EFAULT;
xfree(context);
@@ -260,6 +270,8 @@ static int flask_security_sid(struct xen
return rv;
}
+#ifndef COMPAT
+
int flask_disable(void)
{
static int flask_disabled = 0;
@@ -302,6 +314,8 @@ static int flask_security_setavc_thresho
return rv;
}
+#endif /* COMPAT */
+
static int flask_security_resolve_bool(struct xen_flask_boolean *arg)
{
char *name;
@@ -382,24 +396,6 @@ static int flask_security_set_bool(struc
return rv;
}
-static int flask_security_commit_bools(void)
-{
- int rv;
-
- spin_lock(&sel_sem);
-
- rv = domain_has_security(current->domain, SECURITY__SETBOOL);
- if ( rv )
- goto out;
-
- if ( bool_pending_values )
- rv = security_set_bools(bool_num, bool_pending_values);
-
- out:
- spin_unlock(&sel_sem);
- return rv;
-}
-
static int flask_security_get_bool(struct xen_flask_boolean *arg)
{
int rv;
@@ -431,7 +427,7 @@ static int flask_security_get_bool(struc
rv = -ERANGE;
arg->size = nameout_len;
- if ( !rv && copy_to_guest(arg->name, nameout, nameout_len) )
+ if ( !rv && _copy_to_guest(arg->name, nameout, nameout_len) )
rv = -EFAULT;
xfree(nameout);
}
@@ -441,6 +437,26 @@ static int flask_security_get_bool(struc
return rv;
}
+#ifndef COMPAT
+
+static int flask_security_commit_bools(void)
+{
+ int rv;
+
+ spin_lock(&sel_sem);
+
+ rv = domain_has_security(current->domain, SECURITY__SETBOOL);
+ if ( rv )
+ goto out;
+
+ if ( bool_pending_values )
+ rv = security_set_bools(bool_num, bool_pending_values);
+
+ out:
+ spin_unlock(&sel_sem);
+ return rv;
+}
+
static int flask_security_make_bools(void)
{
int ret = 0;
@@ -484,6 +500,7 @@ static int flask_security_avc_cachestats
}
#endif
+#endif /* COMPAT */
static int flask_security_load(struct xen_flask_load *load)
{
@@ -501,7 +518,7 @@ static int flask_security_load(struct xe
if ( !buf )
return -ENOMEM;
- if ( copy_from_guest(buf, load->buffer, load->size) )
+ if ( _copy_from_guest(buf, load->buffer, load->size) )
{
ret = -EFAULT;
goto out_free;
@@ -524,6 +541,8 @@ static int flask_security_load(struct xe
return ret;
}
+#ifndef COMPAT
+
static int flask_ocontext_del(struct xen_flask_ocontext *arg)
{
int rv;
@@ -636,7 +655,9 @@ static int flask_relabel_domain(struct x
return rc;
}
-long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
+#endif /* !COMPAT */
+
+ret_t do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
{
xen_flask_op_t op;
int rv;
@@ -763,3 +784,52 @@ long do_flask_op(XEN_GUEST_HANDLE_PARAM(
out:
return rv;
}
+
+#ifndef COMPAT
+#undef _copy_to_guest
+#define _copy_to_guest copy_to_compat
+#undef _copy_from_guest
+#define _copy_from_guest copy_from_compat
+
+#include <compat/event_channel.h>
+#include <compat/xsm/flask_op.h>
+
+CHECK_flask_access;
+CHECK_flask_cache_stats;
+CHECK_flask_hash_stats;
+CHECK_flask_ocontext;
+CHECK_flask_peersid;
+CHECK_flask_relabel;
+CHECK_flask_setavc_threshold;
+CHECK_flask_setenforce;
+CHECK_flask_transition;
+
+#define COMPAT
+#define flask_copyin_string(ch, pb, sz, mx) ({ \
+ XEN_GUEST_HANDLE_PARAM(char) gh; \
+ guest_from_compat_handle(gh, ch); \
+ flask_copyin_string(gh, pb, sz, mx); \
+})
+
+#define xen_flask_load compat_flask_load
+#define flask_security_load compat_security_load
+
+#define xen_flask_userlist compat_flask_userlist
+#define flask_security_user compat_security_user
+
+#define xen_flask_sid_context compat_flask_sid_context
+#define flask_security_context compat_security_context
+#define flask_security_sid compat_security_sid
+
+#define xen_flask_boolean compat_flask_boolean
+#define flask_security_resolve_bool compat_security_resolve_bool
+#define flask_security_get_bool compat_security_get_bool
+#define flask_security_set_bool compat_security_set_bool
+
+#define xen_flask_op_t compat_flask_op_t
+#undef ret_t
+#define ret_t int
+#define do_flask_op compat_flask_op
+
+#include "flask_op.c"
+#endif
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1464,6 +1464,7 @@ static int flask_map_gmfn_foreign(struct
#endif
long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
+int compat_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
static struct xsm_operations flask_ops = {
.security_domaininfo = flask_security_domaininfo,
@@ -1538,6 +1539,9 @@ static struct xsm_operations flask_ops =
.hvm_param_nested = flask_hvm_param_nested,
.do_xsm_op = do_flask_op,
+#ifdef CONFIG_COMPAT
+ .do_compat_op = compat_flask_op,
+#endif
.add_to_physmap = flask_add_to_physmap,
.remove_from_physmap = flask_remove_from_physmap,
--- a/xen/xsm/xsm_core.c
+++ b/xen/xsm/xsm_core.c
@@ -116,4 +116,9 @@ long do_xsm_op (XEN_GUEST_HANDLE_PARAM(x
return xsm_do_xsm_op(op);
}
-
+#ifdef CONFIG_COMPAT
+int compat_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
+{
+ return xsm_do_compat_op(op);
+}
+#endif
[-- Attachment #2: flask-op-compat.patch --]
[-- Type: text/plain, Size: 10813 bytes --]
flask: add compat mode guest support
... which has been missing since the introduction of the new interface
in the 4.2 development cycle.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
--- a/xen/arch/x86/x86_64/compat/entry.S
+++ b/xen/arch/x86/x86_64/compat/entry.S
@@ -404,7 +404,7 @@ ENTRY(compat_hypercall_table)
.quad compat_vcpu_op
.quad compat_ni_hypercall /* 25 */
.quad compat_mmuext_op
- .quad do_xsm_op
+ .quad compat_xsm_op
.quad compat_nmi_op
.quad compat_sched_op
.quad compat_callback_op /* 30 */
--- a/xen/include/Makefile
+++ b/xen/include/Makefile
@@ -27,6 +27,7 @@ headers-$(CONFIG_X86) += compat/arch
headers-$(CONFIG_X86) += compat/arch-x86/xen.h
headers-$(CONFIG_X86) += compat/arch-x86/xen-$(compat-arch-y).h
headers-y += compat/arch-$(compat-arch-y).h compat/xlat.h
+headers-$(FLASK_ENABLE) += compat/xsm/flask_op.h
cppflags-y := -include public/xen-compat.h
cppflags-$(CONFIG_X86) += -m32
@@ -69,7 +70,9 @@ compat/xlat.h: xlat.lst $(filter-out com
export PYTHON=$(PYTHON); \
grep -v '^[ ]*#' xlat.lst | \
while read what name hdr; do \
- $(SHELL) $(BASEDIR)/tools/get-fields.sh "$$what" compat_$$name $$(echo compat/$$hdr | sed 's,@arch@,$(compat-arch-y),g') || exit $$?; \
+ hdr="compat/$$(echo $$hdr | sed 's,@arch@,$(compat-arch-y),g')"; \
+ echo '$(headers-y)' | grep -q "$$hdr" || continue; \
+ $(SHELL) $(BASEDIR)/tools/get-fields.sh "$$what" compat_$$name $$hdr || exit $$?; \
done >$@.new
mv -f $@.new $@
--- a/xen/include/xlat.lst
+++ b/xen/include/xlat.lst
@@ -99,3 +99,16 @@
! vcpu_set_singleshot_timer vcpu.h
? xenoprof_init xenoprof.h
? xenoprof_passive xenoprof.h
+? flask_access xsm/flask_op.h
+! flask_boolean xsm/flask_op.h
+? flask_cache_stats xsm/flask_op.h
+? flask_hash_stats xsm/flask_op.h
+! flask_load xsm/flask_op.h
+? flask_ocontext xsm/flask_op.h
+? flask_peersid xsm/flask_op.h
+? flask_relabel xsm/flask_op.h
+? flask_setavc_threshold xsm/flask_op.h
+? flask_setenforce xsm/flask_op.h
+! flask_sid_context xsm/flask_op.h
+? flask_transition xsm/flask_op.h
+! flask_userlist xsm/flask_op.h
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -412,6 +412,13 @@ static XSM_INLINE long xsm_do_xsm_op(XEN
return -ENOSYS;
}
+#ifdef CONFIG_COMPAT
+static XSM_INLINE int xsm_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
+{
+ return -ENOSYS;
+}
+#endif
+
static XSM_INLINE char *xsm_show_irq_sid(int irq)
{
return NULL;
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -129,6 +129,9 @@ struct xsm_operations {
int (*tmem_control)(void);
long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
+#ifdef CONFIG_COMPAT
+ int (*do_compat_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
+#endif
int (*hvm_param) (struct domain *d, unsigned long op);
int (*hvm_param_nested) (struct domain *d);
@@ -499,6 +502,13 @@ static inline long xsm_do_xsm_op (XEN_GU
return xsm_ops->do_xsm_op(op);
}
+#ifdef CONFIG_COMPAT
+static inline int xsm_do_compat_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
+{
+ return xsm_ops->do_compat_op(op);
+}
+#endif
+
static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op)
{
return xsm_ops->hvm_param(d, op);
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -105,6 +105,9 @@ void xsm_fixup_ops (struct xsm_operation
set_to_dummy_if_null(ops, hvm_param_nested);
set_to_dummy_if_null(ops, do_xsm_op);
+#ifdef CONFIG_COMPAT
+ set_to_dummy_if_null(ops, do_compat_op);
+#endif
set_to_dummy_if_null(ops, add_to_physmap);
set_to_dummy_if_null(ops, remove_from_physmap);
--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -7,7 +7,7 @@
* it under the terms of the GNU General Public License version 2,
* as published by the Free Software Foundation.
*/
-
+#ifndef COMPAT
#include <xen/errno.h>
#include <xen/event.h>
#include <xsm/xsm.h>
@@ -20,6 +20,10 @@
#include <objsec.h>
#include <conditional.h>
+#define ret_t long
+#define _copy_to_guest copy_to_guest
+#define _copy_from_guest copy_from_guest
+
#ifdef FLASK_DEVELOP
int flask_enforcing = 0;
integer_param("flask_enforcing", flask_enforcing);
@@ -95,6 +99,8 @@ static int flask_copyin_string(XEN_GUEST
return 0;
}
+#endif /* COMPAT */
+
static int flask_security_user(struct xen_flask_userlist *arg)
{
char *user;
@@ -119,7 +125,7 @@ static int flask_security_user(struct xe
arg->size = nsids;
- if ( copy_to_guest(arg->u.sids, sids, nsids) )
+ if ( _copy_to_guest(arg->u.sids, sids, nsids) )
rv = -EFAULT;
xfree(sids);
@@ -128,6 +134,8 @@ static int flask_security_user(struct xe
return rv;
}
+#ifndef COMPAT
+
static int flask_security_relabel(struct xen_flask_transition *arg)
{
int rv;
@@ -208,6 +216,8 @@ static int flask_security_setenforce(str
return 0;
}
+#endif /* COMPAT */
+
static int flask_security_context(struct xen_flask_sid_context *arg)
{
int rv;
@@ -252,7 +262,7 @@ static int flask_security_sid(struct xen
arg->size = len;
- if ( !rv && copy_to_guest(arg->context, context, len) )
+ if ( !rv && _copy_to_guest(arg->context, context, len) )
rv = -EFAULT;
xfree(context);
@@ -260,6 +270,8 @@ static int flask_security_sid(struct xen
return rv;
}
+#ifndef COMPAT
+
int flask_disable(void)
{
static int flask_disabled = 0;
@@ -302,6 +314,8 @@ static int flask_security_setavc_thresho
return rv;
}
+#endif /* COMPAT */
+
static int flask_security_resolve_bool(struct xen_flask_boolean *arg)
{
char *name;
@@ -382,24 +396,6 @@ static int flask_security_set_bool(struc
return rv;
}
-static int flask_security_commit_bools(void)
-{
- int rv;
-
- spin_lock(&sel_sem);
-
- rv = domain_has_security(current->domain, SECURITY__SETBOOL);
- if ( rv )
- goto out;
-
- if ( bool_pending_values )
- rv = security_set_bools(bool_num, bool_pending_values);
-
- out:
- spin_unlock(&sel_sem);
- return rv;
-}
-
static int flask_security_get_bool(struct xen_flask_boolean *arg)
{
int rv;
@@ -431,7 +427,7 @@ static int flask_security_get_bool(struc
rv = -ERANGE;
arg->size = nameout_len;
- if ( !rv && copy_to_guest(arg->name, nameout, nameout_len) )
+ if ( !rv && _copy_to_guest(arg->name, nameout, nameout_len) )
rv = -EFAULT;
xfree(nameout);
}
@@ -441,6 +437,26 @@ static int flask_security_get_bool(struc
return rv;
}
+#ifndef COMPAT
+
+static int flask_security_commit_bools(void)
+{
+ int rv;
+
+ spin_lock(&sel_sem);
+
+ rv = domain_has_security(current->domain, SECURITY__SETBOOL);
+ if ( rv )
+ goto out;
+
+ if ( bool_pending_values )
+ rv = security_set_bools(bool_num, bool_pending_values);
+
+ out:
+ spin_unlock(&sel_sem);
+ return rv;
+}
+
static int flask_security_make_bools(void)
{
int ret = 0;
@@ -484,6 +500,7 @@ static int flask_security_avc_cachestats
}
#endif
+#endif /* COMPAT */
static int flask_security_load(struct xen_flask_load *load)
{
@@ -501,7 +518,7 @@ static int flask_security_load(struct xe
if ( !buf )
return -ENOMEM;
- if ( copy_from_guest(buf, load->buffer, load->size) )
+ if ( _copy_from_guest(buf, load->buffer, load->size) )
{
ret = -EFAULT;
goto out_free;
@@ -524,6 +541,8 @@ static int flask_security_load(struct xe
return ret;
}
+#ifndef COMPAT
+
static int flask_ocontext_del(struct xen_flask_ocontext *arg)
{
int rv;
@@ -636,7 +655,9 @@ static int flask_relabel_domain(struct x
return rc;
}
-long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
+#endif /* !COMPAT */
+
+ret_t do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
{
xen_flask_op_t op;
int rv;
@@ -763,3 +784,52 @@ long do_flask_op(XEN_GUEST_HANDLE_PARAM(
out:
return rv;
}
+
+#ifndef COMPAT
+#undef _copy_to_guest
+#define _copy_to_guest copy_to_compat
+#undef _copy_from_guest
+#define _copy_from_guest copy_from_compat
+
+#include <compat/event_channel.h>
+#include <compat/xsm/flask_op.h>
+
+CHECK_flask_access;
+CHECK_flask_cache_stats;
+CHECK_flask_hash_stats;
+CHECK_flask_ocontext;
+CHECK_flask_peersid;
+CHECK_flask_relabel;
+CHECK_flask_setavc_threshold;
+CHECK_flask_setenforce;
+CHECK_flask_transition;
+
+#define COMPAT
+#define flask_copyin_string(ch, pb, sz, mx) ({ \
+ XEN_GUEST_HANDLE_PARAM(char) gh; \
+ guest_from_compat_handle(gh, ch); \
+ flask_copyin_string(gh, pb, sz, mx); \
+})
+
+#define xen_flask_load compat_flask_load
+#define flask_security_load compat_security_load
+
+#define xen_flask_userlist compat_flask_userlist
+#define flask_security_user compat_security_user
+
+#define xen_flask_sid_context compat_flask_sid_context
+#define flask_security_context compat_security_context
+#define flask_security_sid compat_security_sid
+
+#define xen_flask_boolean compat_flask_boolean
+#define flask_security_resolve_bool compat_security_resolve_bool
+#define flask_security_get_bool compat_security_get_bool
+#define flask_security_set_bool compat_security_set_bool
+
+#define xen_flask_op_t compat_flask_op_t
+#undef ret_t
+#define ret_t int
+#define do_flask_op compat_flask_op
+
+#include "flask_op.c"
+#endif
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1464,6 +1464,7 @@ static int flask_map_gmfn_foreign(struct
#endif
long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
+int compat_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
static struct xsm_operations flask_ops = {
.security_domaininfo = flask_security_domaininfo,
@@ -1538,6 +1539,9 @@ static struct xsm_operations flask_ops =
.hvm_param_nested = flask_hvm_param_nested,
.do_xsm_op = do_flask_op,
+#ifdef CONFIG_COMPAT
+ .do_compat_op = compat_flask_op,
+#endif
.add_to_physmap = flask_add_to_physmap,
.remove_from_physmap = flask_remove_from_physmap,
--- a/xen/xsm/xsm_core.c
+++ b/xen/xsm/xsm_core.c
@@ -116,4 +116,9 @@ long do_xsm_op (XEN_GUEST_HANDLE_PARAM(x
return xsm_do_xsm_op(op);
}
-
+#ifdef CONFIG_COMPAT
+int compat_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
+{
+ return xsm_do_compat_op(op);
+}
+#endif
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 2/4] flask: use xzalloc()
2014-02-25 10:42 [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Jan Beulich
2014-02-25 10:44 ` [PATCH 1/4] flask: add compat mode guest support Jan Beulich
@ 2014-02-25 10:44 ` Jan Beulich
2014-02-25 10:45 ` [PATCH 3/4] xsm: use # printk format modifier Jan Beulich
` (2 subsequent siblings)
4 siblings, 0 replies; 7+ messages in thread
From: Jan Beulich @ 2014-02-25 10:44 UTC (permalink / raw)
To: xen-devel; +Cc: dgdegra
[-- Attachment #1: Type: text/plain, Size: 14544 bytes --]
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/xsm/flask/avc.c
+++ b/xen/xsm/flask/avc.c
@@ -360,11 +360,10 @@ static struct avc_node *avc_alloc_node(v
{
struct avc_node *node;
- node = xmalloc(struct avc_node);
+ node = xzalloc(struct avc_node);
if (!node)
goto out;
- memset(node, 0, sizeof(*node));
INIT_RCU_HEAD(&node->rhead);
INIT_HLIST_NODE(&node->list);
avc_cache_stats_incr(allocations);
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -132,13 +132,10 @@ static int flask_domain_alloc_security(s
{
struct domain_security_struct *dsec;
- dsec = xmalloc(struct domain_security_struct);
-
+ dsec = xzalloc(struct domain_security_struct);
if ( !dsec )
return -ENOMEM;
- memset(dsec, 0, sizeof(struct domain_security_struct));
-
switch ( d->domain_id )
{
case DOMID_IDLE:
@@ -294,13 +291,10 @@ static int flask_alloc_security_evtchn(s
{
struct evtchn_security_struct *esec;
- esec = xmalloc(struct evtchn_security_struct);
-
+ esec = xzalloc(struct evtchn_security_struct);
if ( !esec )
return -ENOMEM;
- memset(esec, 0, sizeof(struct evtchn_security_struct));
-
esec->sid = SECINITSID_UNLABELED;
chn->ssid = esec;
--- a/xen/xsm/flask/ss/avtab.c
+++ b/xen/xsm/flask/ss/avtab.c
@@ -38,11 +38,10 @@ static struct avtab_node* avtab_insert_n
struct avtab_node * prev, struct avtab_node * cur, struct avtab_key *key,
struct avtab_datum *datum)
{
- struct avtab_node * newnode;
- newnode = xmalloc(struct avtab_node);
+ struct avtab_node *newnode = xzalloc(struct avtab_node);
+
if ( newnode == NULL )
return NULL;
- memset(newnode, 0, sizeof(struct avtab_node));
newnode->key = *key;
newnode->datum = *datum;
if ( prev )
--- a/xen/xsm/flask/ss/conditional.c
+++ b/xen/xsm/flask/ss/conditional.c
@@ -228,10 +228,9 @@ int cond_read_bool(struct policydb *p, s
u32 len;
int rc;
- booldatum = xmalloc(struct cond_bool_datum);
+ booldatum = xzalloc(struct cond_bool_datum);
if ( !booldatum )
return -1;
- memset(booldatum, 0, sizeof(struct cond_bool_datum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -343,10 +342,9 @@ static int cond_insertf(struct avtab *a,
goto err;
}
- list = xmalloc(struct cond_av_list);
+ list = xzalloc(struct cond_av_list);
if ( !list )
goto err;
- memset(list, 0, sizeof(*list));
list->node = node_ptr;
if ( !data->head )
@@ -441,12 +439,9 @@ static int cond_read_node(struct policyd
if ( rc < 0 )
goto err;
- expr = xmalloc(struct cond_expr);
+ expr = xzalloc(struct cond_expr);
if ( !expr )
- {
goto err;
- }
- memset(expr, 0, sizeof(struct cond_expr));
expr->expr_type = le32_to_cpu(buf[0]);
expr->bool = le32_to_cpu(buf[1]);
@@ -494,10 +489,9 @@ int cond_read_list(struct policydb *p, v
for ( i = 0; i < len; i++ )
{
- node = xmalloc(struct cond_node);
+ node = xzalloc(struct cond_node);
if ( !node )
goto err;
- memset(node, 0, sizeof(struct cond_node));
if ( cond_read_node(p, node, fp) != 0 )
goto err;
--- a/xen/xsm/flask/ss/ebitmap.c
+++ b/xen/xsm/flask/ss/ebitmap.c
@@ -50,13 +50,12 @@ int ebitmap_cpy(struct ebitmap *dst, str
prev = NULL;
while ( n )
{
- new = xmalloc(struct ebitmap_node);
+ new = xzalloc(struct ebitmap_node);
if ( !new )
{
ebitmap_destroy(dst);
return -ENOMEM;
}
- memset(new, 0, sizeof(*new));
new->startbit = n->startbit;
memcpy(new->maps, n->maps, EBITMAP_SIZE / 8);
new->next = NULL;
@@ -176,10 +175,9 @@ int ebitmap_set_bit(struct ebitmap *e, u
if ( !value )
return 0;
- new = xmalloc(struct ebitmap_node);
+ new = xzalloc(struct ebitmap_node);
if ( !new )
return -ENOMEM;
- memset(new, 0, sizeof(*new));
new->startbit = bit - (bit % EBITMAP_SIZE);
ebitmap_node_set_bit(new, bit);
@@ -284,8 +282,8 @@ int ebitmap_read(struct ebitmap *e, void
if ( !n || startbit >= n->startbit + EBITMAP_SIZE )
{
- struct ebitmap_node *tmp;
- tmp = xmalloc(struct ebitmap_node);
+ struct ebitmap_node *tmp = xzalloc(struct ebitmap_node);
+
if ( !tmp )
{
printk(KERN_ERR
@@ -293,7 +291,6 @@ int ebitmap_read(struct ebitmap *e, void
rc = -ENOMEM;
goto bad;
}
- memset(tmp, 0, sizeof(*tmp));
/* round down */
tmp->startbit = startbit - (startbit % EBITMAP_SIZE);
if ( n )
--- a/xen/xsm/flask/ss/hashtab.c
+++ b/xen/xsm/flask/ss/hashtab.c
@@ -16,28 +16,21 @@ struct hashtab *hashtab_create(u32 (*has
int (*keycmp)(struct hashtab *h, const void *key1,
const void *key2), u32 size)
{
- struct hashtab *p;
- u32 i;
+ struct hashtab *p = xzalloc(struct hashtab);
- p = xmalloc(struct hashtab);
if ( p == NULL )
return p;
- memset(p, 0, sizeof(*p));
p->size = size;
- p->nel = 0;
p->hash_value = hash_value;
p->keycmp = keycmp;
- p->htable = xmalloc_array(struct hashtab_node *, size);
+ p->htable = xzalloc_array(struct hashtab_node *, size);
if ( p->htable == NULL )
{
xfree(p);
return NULL;
}
- for ( i = 0; i < size; i++ )
- p->htable[i] = NULL;
-
return p;
}
@@ -61,10 +54,9 @@ int hashtab_insert(struct hashtab *h, vo
if ( cur && (h->keycmp(h, key, cur->key) == 0) )
return -EEXIST;
- newnode = xmalloc(struct hashtab_node);
+ newnode = xzalloc(struct hashtab_node);
if ( newnode == NULL )
return -ENOMEM;
- memset(newnode, 0, sizeof(*newnode));
newnode->key = key;
newnode->datum = datum;
if ( prev )
--- a/xen/xsm/flask/ss/policydb.c
+++ b/xen/xsm/flask/ss/policydb.c
@@ -166,13 +166,12 @@ static int roles_init(struct policydb *p
int rc;
struct role_datum *role;
- role = xmalloc(struct role_datum);
+ role = xzalloc(struct role_datum);
if ( !role )
{
rc = -ENOMEM;
goto out;
}
- memset(role, 0, sizeof(*role));
role->value = ++p->p_roles.nprim;
if ( role->value != OBJECT_R_VAL )
{
@@ -950,13 +949,12 @@ static int perm_read(struct policydb *p,
__le32 buf[2];
u32 len;
- perdatum = xmalloc(struct perm_datum);
+ perdatum = xzalloc(struct perm_datum);
if ( !perdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(perdatum, 0, sizeof(*perdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -994,13 +992,12 @@ static int common_read(struct policydb *
u32 len, nel;
int i, rc;
- comdatum = xmalloc(struct common_datum);
+ comdatum = xzalloc(struct common_datum);
if ( !comdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(comdatum, 0, sizeof(*comdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -1055,10 +1052,9 @@ static int read_cons_helper(struct const
lc = NULL;
for ( i = 0; i < ncons; i++ )
{
- c = xmalloc(struct constraint_node);
+ c = xzalloc(struct constraint_node);
if ( !c )
return -ENOMEM;
- memset(c, 0, sizeof(*c));
if ( lc )
{
@@ -1078,10 +1074,9 @@ static int read_cons_helper(struct const
depth = -1;
for ( j = 0; j < nexpr; j++ )
{
- e = xmalloc(struct constraint_expr);
+ e = xzalloc(struct constraint_expr);
if ( !e )
return -ENOMEM;
- memset(e, 0, sizeof(*e));
if ( le )
le->next = e;
@@ -1142,13 +1137,12 @@ static int class_read(struct policydb *p
u32 len, len2, ncons, nel;
int i, rc;
- cladatum = xmalloc(struct class_datum);
+ cladatum = xzalloc(struct class_datum);
if ( !cladatum )
{
rc = -ENOMEM;
goto out;
}
- memset(cladatum, 0, sizeof(*cladatum));
rc = next_entry(buf, fp, sizeof(u32)*6);
if ( rc < 0 )
@@ -1226,13 +1220,12 @@ static int role_read(struct policydb *p,
__le32 buf[3];
u32 len;
- role = xmalloc(struct role_datum);
+ role = xzalloc(struct role_datum);
if ( !role )
{
rc = -ENOMEM;
goto out;
}
- memset(role, 0, sizeof(*role));
if ( p->policyvers >= POLICYDB_VERSION_BOUNDARY )
rc = next_entry(buf, fp, sizeof(buf[0]) * 3);
@@ -1297,13 +1290,12 @@ static int type_read(struct policydb *p,
__le32 buf[4];
u32 len;
- typdatum = xmalloc(struct type_datum);
+ typdatum = xzalloc(struct type_datum);
if ( !typdatum )
{
rc = -ENOMEM;
return rc;
}
- memset(typdatum, 0, sizeof(*typdatum));
if ( p->policyvers >= POLICYDB_VERSION_BOUNDARY )
rc = next_entry(buf, fp, sizeof(buf[0]) * 4);
@@ -1391,13 +1383,12 @@ static int user_read(struct policydb *p,
__le32 buf[3];
u32 len;
- usrdatum = xmalloc(struct user_datum);
+ usrdatum = xzalloc(struct user_datum);
if ( !usrdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(usrdatum, 0, sizeof(*usrdatum));
if ( p->policyvers >= POLICYDB_VERSION_BOUNDARY )
rc = next_entry(buf, fp, sizeof(buf[0]) * 3);
@@ -1455,13 +1446,12 @@ static int sens_read(struct policydb *p,
__le32 buf[2];
u32 len;
- levdatum = xmalloc(struct level_datum);
+ levdatum = xzalloc(struct level_datum);
if ( !levdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(levdatum, 0, sizeof(*levdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -1511,13 +1501,12 @@ static int cat_read(struct policydb *p,
__le32 buf[3];
u32 len;
- catdatum = xmalloc(struct cat_datum);
+ catdatum = xzalloc(struct cat_datum);
if ( !catdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(catdatum, 0, sizeof(*catdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -1875,13 +1864,12 @@ int policydb_read(struct policydb *p, vo
ltr = NULL;
for ( i = 0; i < nel; i++ )
{
- tr = xmalloc(struct role_trans);
+ tr = xzalloc(struct role_trans);
if ( !tr )
{
rc = -ENOMEM;
goto bad;
}
- memset(tr, 0, sizeof(*tr));
if ( ltr )
ltr->next = tr;
else
@@ -1909,13 +1897,12 @@ int policydb_read(struct policydb *p, vo
lra = NULL;
for ( i = 0; i < nel; i++ )
{
- ra = xmalloc(struct role_allow);
+ ra = xzalloc(struct role_allow);
if ( !ra )
{
rc = -ENOMEM;
goto bad;
}
- memset(ra, 0, sizeof(*ra));
if ( lra )
lra->next = ra;
else
@@ -1951,13 +1938,12 @@ int policydb_read(struct policydb *p, vo
l = NULL;
for ( j = 0; j < nel; j++ )
{
- c = xmalloc(struct ocontext);
+ c = xzalloc(struct ocontext);
if ( !c )
{
rc = -ENOMEM;
goto bad;
}
- memset(c, 0, sizeof(*c));
if ( l )
l->next = c;
else
@@ -2067,13 +2053,12 @@ int policydb_read(struct policydb *p, vo
lrt = NULL;
for ( i = 0; i < nel; i++ )
{
- rt = xmalloc(struct range_trans);
+ rt = xzalloc(struct range_trans);
if ( !rt )
{
rc = -ENOMEM;
goto bad;
}
- memset(rt, 0, sizeof(*rt));
if ( lrt )
lrt->next = rt;
else
--- a/xen/xsm/flask/ss/services.c
+++ b/xen/xsm/flask/ss/services.c
@@ -1771,13 +1771,12 @@ int security_get_user_sids(u32 fromsid,
}
usercon.user = user->value;
- mysids = xmalloc_array(u32, maxnel);
+ mysids = xzalloc_array(u32, maxnel);
if ( !mysids )
{
rc = -ENOMEM;
goto out_unlock;
}
- memset(mysids, 0, maxnel*sizeof(*mysids));
ebitmap_for_each_positive_bit(&user->roles, rnode, i)
{
@@ -1808,14 +1807,13 @@ int security_get_user_sids(u32 fromsid,
else
{
maxnel += SIDS_NEL;
- mysids2 = xmalloc_array(u32, maxnel);
+ mysids2 = xzalloc_array(u32, maxnel);
if ( !mysids2 )
{
rc = -ENOMEM;
xfree(mysids);
goto out_unlock;
}
- memset(mysids2, 0, maxnel*sizeof(*mysids2));
memcpy(mysids2, mysids, mynel * sizeof(*mysids2));
xfree(mysids);
mysids = mysids2;
@@ -1868,14 +1866,14 @@ int security_get_bools(int *len, char **
goto out;
}
- if ( names ) {
- *names = (char**)xmalloc_array(char*, *len);
+ if ( names )
+ {
+ *names = xzalloc_array(char *, *len);
if ( !*names )
goto err;
- memset(*names, 0, sizeof(char*) * *len);
}
- *values = (int*)xmalloc_array(int, *len);
+ *values = xmalloc_array(int, *len);
if ( !*values )
goto err;
@@ -2059,9 +2057,8 @@ int security_ocontext_add( u32 ocon, uns
struct ocontext *prev;
struct ocontext *add;
- if ( (add = xmalloc(struct ocontext)) == NULL )
+ if ( (add = xzalloc(struct ocontext)) == NULL )
return -ENOMEM;
- memset(add, 0, sizeof(struct ocontext));
add->sid[0] = sid;
POLICY_WRLOCK;
[-- Attachment #2: flask-xzalloc.patch --]
[-- Type: text/plain, Size: 14564 bytes --]
flask: use xzalloc()
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/xsm/flask/avc.c
+++ b/xen/xsm/flask/avc.c
@@ -360,11 +360,10 @@ static struct avc_node *avc_alloc_node(v
{
struct avc_node *node;
- node = xmalloc(struct avc_node);
+ node = xzalloc(struct avc_node);
if (!node)
goto out;
- memset(node, 0, sizeof(*node));
INIT_RCU_HEAD(&node->rhead);
INIT_HLIST_NODE(&node->list);
avc_cache_stats_incr(allocations);
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -132,13 +132,10 @@ static int flask_domain_alloc_security(s
{
struct domain_security_struct *dsec;
- dsec = xmalloc(struct domain_security_struct);
-
+ dsec = xzalloc(struct domain_security_struct);
if ( !dsec )
return -ENOMEM;
- memset(dsec, 0, sizeof(struct domain_security_struct));
-
switch ( d->domain_id )
{
case DOMID_IDLE:
@@ -294,13 +291,10 @@ static int flask_alloc_security_evtchn(s
{
struct evtchn_security_struct *esec;
- esec = xmalloc(struct evtchn_security_struct);
-
+ esec = xzalloc(struct evtchn_security_struct);
if ( !esec )
return -ENOMEM;
- memset(esec, 0, sizeof(struct evtchn_security_struct));
-
esec->sid = SECINITSID_UNLABELED;
chn->ssid = esec;
--- a/xen/xsm/flask/ss/avtab.c
+++ b/xen/xsm/flask/ss/avtab.c
@@ -38,11 +38,10 @@ static struct avtab_node* avtab_insert_n
struct avtab_node * prev, struct avtab_node * cur, struct avtab_key *key,
struct avtab_datum *datum)
{
- struct avtab_node * newnode;
- newnode = xmalloc(struct avtab_node);
+ struct avtab_node *newnode = xzalloc(struct avtab_node);
+
if ( newnode == NULL )
return NULL;
- memset(newnode, 0, sizeof(struct avtab_node));
newnode->key = *key;
newnode->datum = *datum;
if ( prev )
--- a/xen/xsm/flask/ss/conditional.c
+++ b/xen/xsm/flask/ss/conditional.c
@@ -228,10 +228,9 @@ int cond_read_bool(struct policydb *p, s
u32 len;
int rc;
- booldatum = xmalloc(struct cond_bool_datum);
+ booldatum = xzalloc(struct cond_bool_datum);
if ( !booldatum )
return -1;
- memset(booldatum, 0, sizeof(struct cond_bool_datum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -343,10 +342,9 @@ static int cond_insertf(struct avtab *a,
goto err;
}
- list = xmalloc(struct cond_av_list);
+ list = xzalloc(struct cond_av_list);
if ( !list )
goto err;
- memset(list, 0, sizeof(*list));
list->node = node_ptr;
if ( !data->head )
@@ -441,12 +439,9 @@ static int cond_read_node(struct policyd
if ( rc < 0 )
goto err;
- expr = xmalloc(struct cond_expr);
+ expr = xzalloc(struct cond_expr);
if ( !expr )
- {
goto err;
- }
- memset(expr, 0, sizeof(struct cond_expr));
expr->expr_type = le32_to_cpu(buf[0]);
expr->bool = le32_to_cpu(buf[1]);
@@ -494,10 +489,9 @@ int cond_read_list(struct policydb *p, v
for ( i = 0; i < len; i++ )
{
- node = xmalloc(struct cond_node);
+ node = xzalloc(struct cond_node);
if ( !node )
goto err;
- memset(node, 0, sizeof(struct cond_node));
if ( cond_read_node(p, node, fp) != 0 )
goto err;
--- a/xen/xsm/flask/ss/ebitmap.c
+++ b/xen/xsm/flask/ss/ebitmap.c
@@ -50,13 +50,12 @@ int ebitmap_cpy(struct ebitmap *dst, str
prev = NULL;
while ( n )
{
- new = xmalloc(struct ebitmap_node);
+ new = xzalloc(struct ebitmap_node);
if ( !new )
{
ebitmap_destroy(dst);
return -ENOMEM;
}
- memset(new, 0, sizeof(*new));
new->startbit = n->startbit;
memcpy(new->maps, n->maps, EBITMAP_SIZE / 8);
new->next = NULL;
@@ -176,10 +175,9 @@ int ebitmap_set_bit(struct ebitmap *e, u
if ( !value )
return 0;
- new = xmalloc(struct ebitmap_node);
+ new = xzalloc(struct ebitmap_node);
if ( !new )
return -ENOMEM;
- memset(new, 0, sizeof(*new));
new->startbit = bit - (bit % EBITMAP_SIZE);
ebitmap_node_set_bit(new, bit);
@@ -284,8 +282,8 @@ int ebitmap_read(struct ebitmap *e, void
if ( !n || startbit >= n->startbit + EBITMAP_SIZE )
{
- struct ebitmap_node *tmp;
- tmp = xmalloc(struct ebitmap_node);
+ struct ebitmap_node *tmp = xzalloc(struct ebitmap_node);
+
if ( !tmp )
{
printk(KERN_ERR
@@ -293,7 +291,6 @@ int ebitmap_read(struct ebitmap *e, void
rc = -ENOMEM;
goto bad;
}
- memset(tmp, 0, sizeof(*tmp));
/* round down */
tmp->startbit = startbit - (startbit % EBITMAP_SIZE);
if ( n )
--- a/xen/xsm/flask/ss/hashtab.c
+++ b/xen/xsm/flask/ss/hashtab.c
@@ -16,28 +16,21 @@ struct hashtab *hashtab_create(u32 (*has
int (*keycmp)(struct hashtab *h, const void *key1,
const void *key2), u32 size)
{
- struct hashtab *p;
- u32 i;
+ struct hashtab *p = xzalloc(struct hashtab);
- p = xmalloc(struct hashtab);
if ( p == NULL )
return p;
- memset(p, 0, sizeof(*p));
p->size = size;
- p->nel = 0;
p->hash_value = hash_value;
p->keycmp = keycmp;
- p->htable = xmalloc_array(struct hashtab_node *, size);
+ p->htable = xzalloc_array(struct hashtab_node *, size);
if ( p->htable == NULL )
{
xfree(p);
return NULL;
}
- for ( i = 0; i < size; i++ )
- p->htable[i] = NULL;
-
return p;
}
@@ -61,10 +54,9 @@ int hashtab_insert(struct hashtab *h, vo
if ( cur && (h->keycmp(h, key, cur->key) == 0) )
return -EEXIST;
- newnode = xmalloc(struct hashtab_node);
+ newnode = xzalloc(struct hashtab_node);
if ( newnode == NULL )
return -ENOMEM;
- memset(newnode, 0, sizeof(*newnode));
newnode->key = key;
newnode->datum = datum;
if ( prev )
--- a/xen/xsm/flask/ss/policydb.c
+++ b/xen/xsm/flask/ss/policydb.c
@@ -166,13 +166,12 @@ static int roles_init(struct policydb *p
int rc;
struct role_datum *role;
- role = xmalloc(struct role_datum);
+ role = xzalloc(struct role_datum);
if ( !role )
{
rc = -ENOMEM;
goto out;
}
- memset(role, 0, sizeof(*role));
role->value = ++p->p_roles.nprim;
if ( role->value != OBJECT_R_VAL )
{
@@ -950,13 +949,12 @@ static int perm_read(struct policydb *p,
__le32 buf[2];
u32 len;
- perdatum = xmalloc(struct perm_datum);
+ perdatum = xzalloc(struct perm_datum);
if ( !perdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(perdatum, 0, sizeof(*perdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -994,13 +992,12 @@ static int common_read(struct policydb *
u32 len, nel;
int i, rc;
- comdatum = xmalloc(struct common_datum);
+ comdatum = xzalloc(struct common_datum);
if ( !comdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(comdatum, 0, sizeof(*comdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -1055,10 +1052,9 @@ static int read_cons_helper(struct const
lc = NULL;
for ( i = 0; i < ncons; i++ )
{
- c = xmalloc(struct constraint_node);
+ c = xzalloc(struct constraint_node);
if ( !c )
return -ENOMEM;
- memset(c, 0, sizeof(*c));
if ( lc )
{
@@ -1078,10 +1074,9 @@ static int read_cons_helper(struct const
depth = -1;
for ( j = 0; j < nexpr; j++ )
{
- e = xmalloc(struct constraint_expr);
+ e = xzalloc(struct constraint_expr);
if ( !e )
return -ENOMEM;
- memset(e, 0, sizeof(*e));
if ( le )
le->next = e;
@@ -1142,13 +1137,12 @@ static int class_read(struct policydb *p
u32 len, len2, ncons, nel;
int i, rc;
- cladatum = xmalloc(struct class_datum);
+ cladatum = xzalloc(struct class_datum);
if ( !cladatum )
{
rc = -ENOMEM;
goto out;
}
- memset(cladatum, 0, sizeof(*cladatum));
rc = next_entry(buf, fp, sizeof(u32)*6);
if ( rc < 0 )
@@ -1226,13 +1220,12 @@ static int role_read(struct policydb *p,
__le32 buf[3];
u32 len;
- role = xmalloc(struct role_datum);
+ role = xzalloc(struct role_datum);
if ( !role )
{
rc = -ENOMEM;
goto out;
}
- memset(role, 0, sizeof(*role));
if ( p->policyvers >= POLICYDB_VERSION_BOUNDARY )
rc = next_entry(buf, fp, sizeof(buf[0]) * 3);
@@ -1297,13 +1290,12 @@ static int type_read(struct policydb *p,
__le32 buf[4];
u32 len;
- typdatum = xmalloc(struct type_datum);
+ typdatum = xzalloc(struct type_datum);
if ( !typdatum )
{
rc = -ENOMEM;
return rc;
}
- memset(typdatum, 0, sizeof(*typdatum));
if ( p->policyvers >= POLICYDB_VERSION_BOUNDARY )
rc = next_entry(buf, fp, sizeof(buf[0]) * 4);
@@ -1391,13 +1383,12 @@ static int user_read(struct policydb *p,
__le32 buf[3];
u32 len;
- usrdatum = xmalloc(struct user_datum);
+ usrdatum = xzalloc(struct user_datum);
if ( !usrdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(usrdatum, 0, sizeof(*usrdatum));
if ( p->policyvers >= POLICYDB_VERSION_BOUNDARY )
rc = next_entry(buf, fp, sizeof(buf[0]) * 3);
@@ -1455,13 +1446,12 @@ static int sens_read(struct policydb *p,
__le32 buf[2];
u32 len;
- levdatum = xmalloc(struct level_datum);
+ levdatum = xzalloc(struct level_datum);
if ( !levdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(levdatum, 0, sizeof(*levdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -1511,13 +1501,12 @@ static int cat_read(struct policydb *p,
__le32 buf[3];
u32 len;
- catdatum = xmalloc(struct cat_datum);
+ catdatum = xzalloc(struct cat_datum);
if ( !catdatum )
{
rc = -ENOMEM;
goto out;
}
- memset(catdatum, 0, sizeof(*catdatum));
rc = next_entry(buf, fp, sizeof buf);
if ( rc < 0 )
@@ -1875,13 +1864,12 @@ int policydb_read(struct policydb *p, vo
ltr = NULL;
for ( i = 0; i < nel; i++ )
{
- tr = xmalloc(struct role_trans);
+ tr = xzalloc(struct role_trans);
if ( !tr )
{
rc = -ENOMEM;
goto bad;
}
- memset(tr, 0, sizeof(*tr));
if ( ltr )
ltr->next = tr;
else
@@ -1909,13 +1897,12 @@ int policydb_read(struct policydb *p, vo
lra = NULL;
for ( i = 0; i < nel; i++ )
{
- ra = xmalloc(struct role_allow);
+ ra = xzalloc(struct role_allow);
if ( !ra )
{
rc = -ENOMEM;
goto bad;
}
- memset(ra, 0, sizeof(*ra));
if ( lra )
lra->next = ra;
else
@@ -1951,13 +1938,12 @@ int policydb_read(struct policydb *p, vo
l = NULL;
for ( j = 0; j < nel; j++ )
{
- c = xmalloc(struct ocontext);
+ c = xzalloc(struct ocontext);
if ( !c )
{
rc = -ENOMEM;
goto bad;
}
- memset(c, 0, sizeof(*c));
if ( l )
l->next = c;
else
@@ -2067,13 +2053,12 @@ int policydb_read(struct policydb *p, vo
lrt = NULL;
for ( i = 0; i < nel; i++ )
{
- rt = xmalloc(struct range_trans);
+ rt = xzalloc(struct range_trans);
if ( !rt )
{
rc = -ENOMEM;
goto bad;
}
- memset(rt, 0, sizeof(*rt));
if ( lrt )
lrt->next = rt;
else
--- a/xen/xsm/flask/ss/services.c
+++ b/xen/xsm/flask/ss/services.c
@@ -1771,13 +1771,12 @@ int security_get_user_sids(u32 fromsid,
}
usercon.user = user->value;
- mysids = xmalloc_array(u32, maxnel);
+ mysids = xzalloc_array(u32, maxnel);
if ( !mysids )
{
rc = -ENOMEM;
goto out_unlock;
}
- memset(mysids, 0, maxnel*sizeof(*mysids));
ebitmap_for_each_positive_bit(&user->roles, rnode, i)
{
@@ -1808,14 +1807,13 @@ int security_get_user_sids(u32 fromsid,
else
{
maxnel += SIDS_NEL;
- mysids2 = xmalloc_array(u32, maxnel);
+ mysids2 = xzalloc_array(u32, maxnel);
if ( !mysids2 )
{
rc = -ENOMEM;
xfree(mysids);
goto out_unlock;
}
- memset(mysids2, 0, maxnel*sizeof(*mysids2));
memcpy(mysids2, mysids, mynel * sizeof(*mysids2));
xfree(mysids);
mysids = mysids2;
@@ -1868,14 +1866,14 @@ int security_get_bools(int *len, char **
goto out;
}
- if ( names ) {
- *names = (char**)xmalloc_array(char*, *len);
+ if ( names )
+ {
+ *names = xzalloc_array(char *, *len);
if ( !*names )
goto err;
- memset(*names, 0, sizeof(char*) * *len);
}
- *values = (int*)xmalloc_array(int, *len);
+ *values = xmalloc_array(int, *len);
if ( !*values )
goto err;
@@ -2059,9 +2057,8 @@ int security_ocontext_add( u32 ocon, uns
struct ocontext *prev;
struct ocontext *add;
- if ( (add = xmalloc(struct ocontext)) == NULL )
+ if ( (add = xzalloc(struct ocontext)) == NULL )
return -ENOMEM;
- memset(add, 0, sizeof(struct ocontext));
add->sid[0] = sid;
POLICY_WRLOCK;
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 3/4] xsm: use # printk format modifier
2014-02-25 10:42 [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Jan Beulich
2014-02-25 10:44 ` [PATCH 1/4] flask: add compat mode guest support Jan Beulich
2014-02-25 10:44 ` [PATCH 2/4] flask: use xzalloc() Jan Beulich
@ 2014-02-25 10:45 ` Jan Beulich
2014-02-25 10:46 ` [PATCH 4/4] xsm: streamline xsm_default_action() Jan Beulich
2014-02-26 0:40 ` [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Daniel De Graaf
4 siblings, 0 replies; 7+ messages in thread
From: Jan Beulich @ 2014-02-25 10:45 UTC (permalink / raw)
To: xen-devel; +Cc: dgdegra
[-- Attachment #1: Type: text/plain, Size: 4375 bytes --]
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/xsm/flask/avc.c
+++ b/xen/xsm/flask/avc.c
@@ -197,7 +197,7 @@ static void avc_dump_av(struct avc_dump_
}
if ( av )
- avc_printk(buf, " 0x%x", av);
+ avc_printk(buf, " %#x", av);
avc_printk(buf, " }");
}
@@ -591,16 +591,16 @@ void avc_audit(u32 ssid, u32 tsid, u16 t
avc_printk(&buf, "domid=%d ", cdom->domain_id);
switch ( a ? a->type : 0 ) {
case AVC_AUDIT_DATA_DEV:
- avc_printk(&buf, "device=0x%lx ", a->device);
+ avc_printk(&buf, "device=%#lx ", a->device);
break;
case AVC_AUDIT_DATA_IRQ:
avc_printk(&buf, "irq=%d ", a->irq);
break;
case AVC_AUDIT_DATA_RANGE:
- avc_printk(&buf, "range=0x%lx-0x%lx ", a->range.start, a->range.end);
+ avc_printk(&buf, "range=%#lx-%#lx ", a->range.start, a->range.end);
break;
case AVC_AUDIT_DATA_MEMORY:
- avc_printk(&buf, "pte=0x%lx mfn=0x%lx ", a->memory.pte, a->memory.mfn);
+ avc_printk(&buf, "pte=%#lx mfn=%#lx ", a->memory.pte, a->memory.mfn);
break;
}
--- a/xen/xsm/flask/ss/policydb.c
+++ b/xen/xsm/flask/ss/policydb.c
@@ -1716,8 +1716,8 @@ int policydb_read(struct policydb *p, vo
if ( le32_to_cpu(buf[0]) != POLICYDB_MAGIC )
{
- printk(KERN_ERR "Flask: policydb magic number 0x%x does "
- "not match expected magic number 0x%x\n",
+ printk(KERN_ERR "Flask: policydb magic number %#x does "
+ "not match expected magic number %#x\n",
le32_to_cpu(buf[0]), POLICYDB_MAGIC);
goto bad;
}
--- a/xen/xsm/flask/ss/services.c
+++ b/xen/xsm/flask/ss/services.c
@@ -2111,7 +2111,7 @@ int security_ocontext_add( u32 ocon, uns
c->u.ioport.high_ioport == high && c->sid[0] == sid)
break;
- printk("%s: IO Port overlap with entry 0x%x - 0x%x\n",
+ printk("%s: IO Port overlap with entry %#x - %#x\n",
__FUNCTION__, c->u.ioport.low_ioport,
c->u.ioport.high_ioport);
ret = -EEXIST;
@@ -2145,7 +2145,7 @@ int security_ocontext_add( u32 ocon, uns
c->u.iomem.high_iomem == high && c->sid[0] == sid)
break;
- printk("%s: IO Memory overlap with entry 0x%x - 0x%x\n",
+ printk("%s: IO Memory overlap with entry %#x - %#x\n",
__FUNCTION__, c->u.iomem.low_iomem,
c->u.iomem.high_iomem);
ret = -EEXIST;
@@ -2177,7 +2177,7 @@ int security_ocontext_add( u32 ocon, uns
if ( c->sid[0] == sid )
break;
- printk("%s: Duplicate PCI Device 0x%x\n", __FUNCTION__,
+ printk("%s: Duplicate PCI Device %#x\n", __FUNCTION__,
add->u.device);
ret = -EEXIST;
break;
@@ -2257,7 +2257,7 @@ int security_ocontext_del( u32 ocon, uns
}
}
- printk("%s: ocontext not found: ioport 0x%x - 0x%x\n", __FUNCTION__,
+ printk("%s: ocontext not found: ioport %#x - %#x\n", __FUNCTION__,
low, high);
ret = -ENOENT;
break;
@@ -2284,7 +2284,7 @@ int security_ocontext_del( u32 ocon, uns
}
}
- printk("%s: ocontext not found: iomem 0x%x - 0x%x\n", __FUNCTION__,
+ printk("%s: ocontext not found: iomem %#x - %#x\n", __FUNCTION__,
low, high);
ret = -ENOENT;
break;
@@ -2310,7 +2310,7 @@ int security_ocontext_del( u32 ocon, uns
}
}
- printk("%s: ocontext not found: pcidevice 0x%x\n", __FUNCTION__, low);
+ printk("%s: ocontext not found: pcidevice %#x\n", __FUNCTION__, low);
ret = -ENOENT;
break;
--- a/xen/xsm/xsm_policy.c
+++ b/xen/xsm/xsm_policy.c
@@ -52,7 +52,7 @@ int __init xsm_policy_init(unsigned long
policy_buffer = (char *)_policy_start;
policy_size = _policy_len;
- printk("Policy len 0x%lx, start at %p.\n",
+ printk("Policy len %#lx, start at %p.\n",
_policy_len,_policy_start);
__clear_bit(i, module_map);
[-- Attachment #2: xsm-printk-hash.patch --]
[-- Type: text/plain, Size: 4408 bytes --]
xsm: use # printk format modifier
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/xsm/flask/avc.c
+++ b/xen/xsm/flask/avc.c
@@ -197,7 +197,7 @@ static void avc_dump_av(struct avc_dump_
}
if ( av )
- avc_printk(buf, " 0x%x", av);
+ avc_printk(buf, " %#x", av);
avc_printk(buf, " }");
}
@@ -591,16 +591,16 @@ void avc_audit(u32 ssid, u32 tsid, u16 t
avc_printk(&buf, "domid=%d ", cdom->domain_id);
switch ( a ? a->type : 0 ) {
case AVC_AUDIT_DATA_DEV:
- avc_printk(&buf, "device=0x%lx ", a->device);
+ avc_printk(&buf, "device=%#lx ", a->device);
break;
case AVC_AUDIT_DATA_IRQ:
avc_printk(&buf, "irq=%d ", a->irq);
break;
case AVC_AUDIT_DATA_RANGE:
- avc_printk(&buf, "range=0x%lx-0x%lx ", a->range.start, a->range.end);
+ avc_printk(&buf, "range=%#lx-%#lx ", a->range.start, a->range.end);
break;
case AVC_AUDIT_DATA_MEMORY:
- avc_printk(&buf, "pte=0x%lx mfn=0x%lx ", a->memory.pte, a->memory.mfn);
+ avc_printk(&buf, "pte=%#lx mfn=%#lx ", a->memory.pte, a->memory.mfn);
break;
}
--- a/xen/xsm/flask/ss/policydb.c
+++ b/xen/xsm/flask/ss/policydb.c
@@ -1716,8 +1716,8 @@ int policydb_read(struct policydb *p, vo
if ( le32_to_cpu(buf[0]) != POLICYDB_MAGIC )
{
- printk(KERN_ERR "Flask: policydb magic number 0x%x does "
- "not match expected magic number 0x%x\n",
+ printk(KERN_ERR "Flask: policydb magic number %#x does "
+ "not match expected magic number %#x\n",
le32_to_cpu(buf[0]), POLICYDB_MAGIC);
goto bad;
}
--- a/xen/xsm/flask/ss/services.c
+++ b/xen/xsm/flask/ss/services.c
@@ -2111,7 +2111,7 @@ int security_ocontext_add( u32 ocon, uns
c->u.ioport.high_ioport == high && c->sid[0] == sid)
break;
- printk("%s: IO Port overlap with entry 0x%x - 0x%x\n",
+ printk("%s: IO Port overlap with entry %#x - %#x\n",
__FUNCTION__, c->u.ioport.low_ioport,
c->u.ioport.high_ioport);
ret = -EEXIST;
@@ -2145,7 +2145,7 @@ int security_ocontext_add( u32 ocon, uns
c->u.iomem.high_iomem == high && c->sid[0] == sid)
break;
- printk("%s: IO Memory overlap with entry 0x%x - 0x%x\n",
+ printk("%s: IO Memory overlap with entry %#x - %#x\n",
__FUNCTION__, c->u.iomem.low_iomem,
c->u.iomem.high_iomem);
ret = -EEXIST;
@@ -2177,7 +2177,7 @@ int security_ocontext_add( u32 ocon, uns
if ( c->sid[0] == sid )
break;
- printk("%s: Duplicate PCI Device 0x%x\n", __FUNCTION__,
+ printk("%s: Duplicate PCI Device %#x\n", __FUNCTION__,
add->u.device);
ret = -EEXIST;
break;
@@ -2257,7 +2257,7 @@ int security_ocontext_del( u32 ocon, uns
}
}
- printk("%s: ocontext not found: ioport 0x%x - 0x%x\n", __FUNCTION__,
+ printk("%s: ocontext not found: ioport %#x - %#x\n", __FUNCTION__,
low, high);
ret = -ENOENT;
break;
@@ -2284,7 +2284,7 @@ int security_ocontext_del( u32 ocon, uns
}
}
- printk("%s: ocontext not found: iomem 0x%x - 0x%x\n", __FUNCTION__,
+ printk("%s: ocontext not found: iomem %#x - %#x\n", __FUNCTION__,
low, high);
ret = -ENOENT;
break;
@@ -2310,7 +2310,7 @@ int security_ocontext_del( u32 ocon, uns
}
}
- printk("%s: ocontext not found: pcidevice 0x%x\n", __FUNCTION__, low);
+ printk("%s: ocontext not found: pcidevice %#x\n", __FUNCTION__, low);
ret = -ENOENT;
break;
--- a/xen/xsm/xsm_policy.c
+++ b/xen/xsm/xsm_policy.c
@@ -52,7 +52,7 @@ int __init xsm_policy_init(unsigned long
policy_buffer = (char *)_policy_start;
policy_size = _policy_len;
- printk("Policy len 0x%lx, start at %p.\n",
+ printk("Policy len %#lx, start at %p.\n",
_policy_len,_policy_start);
__clear_bit(i, module_map);
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 4/4] xsm: streamline xsm_default_action()
2014-02-25 10:42 [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Jan Beulich
` (2 preceding siblings ...)
2014-02-25 10:45 ` [PATCH 3/4] xsm: use # printk format modifier Jan Beulich
@ 2014-02-25 10:46 ` Jan Beulich
2014-02-26 0:40 ` [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Daniel De Graaf
4 siblings, 0 replies; 7+ messages in thread
From: Jan Beulich @ 2014-02-25 10:46 UTC (permalink / raw)
To: xen-devel; +Cc: dgdegra
[-- Attachment #1: Type: text/plain, Size: 952 bytes --]
The privileges being strongly ordered is better reflected by using fall
through within the respective switch statement.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -59,20 +59,14 @@ static always_inline int xsm_default_act
switch ( action ) {
case XSM_HOOK:
return 0;
- case XSM_DM_PRIV:
- if ( src->is_privileged )
- return 0;
- if ( target && src->target == target )
- return 0;
- return -EPERM;
case XSM_TARGET:
if ( src == target )
return 0;
- if ( src->is_privileged )
- return 0;
+ /* fall through */
+ case XSM_DM_PRIV:
if ( target && src->target == target )
return 0;
- return -EPERM;
+ /* fall through */
case XSM_PRIV:
if ( src->is_privileged )
return 0;
[-- Attachment #2: xsm-default-action-fallthrough.patch --]
[-- Type: text/plain, Size: 986 bytes --]
xsm: streamline xsm_default_action()
The privileges being strongly ordered is better reflected by using fall
through within the respective switch statement.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -59,20 +59,14 @@ static always_inline int xsm_default_act
switch ( action ) {
case XSM_HOOK:
return 0;
- case XSM_DM_PRIV:
- if ( src->is_privileged )
- return 0;
- if ( target && src->target == target )
- return 0;
- return -EPERM;
case XSM_TARGET:
if ( src == target )
return 0;
- if ( src->is_privileged )
- return 0;
+ /* fall through */
+ case XSM_DM_PRIV:
if ( target && src->target == target )
return 0;
- return -EPERM;
+ /* fall through */
case XSM_PRIV:
if ( src->is_privileged )
return 0;
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 0/4] xsm/flask: more XSA-84 follow-ups
2014-02-25 10:42 [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Jan Beulich
` (3 preceding siblings ...)
2014-02-25 10:46 ` [PATCH 4/4] xsm: streamline xsm_default_action() Jan Beulich
@ 2014-02-26 0:40 ` Daniel De Graaf
4 siblings, 0 replies; 7+ messages in thread
From: Daniel De Graaf @ 2014-02-26 0:40 UTC (permalink / raw)
To: Jan Beulich, xen-devel
On 02/25/2014 05:42 AM, Jan Beulich wrote:
> 1: flask: add compat mode guest support
> 2: flask: use xzalloc()
> 3: xsm: use # printk format modifier
> 4: xsm: streamline xsm_default_action()
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
For all four patches:
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
--
Daniel De Graaf
National Security Agency
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/4] flask: add compat mode guest support
2014-02-25 10:44 ` [PATCH 1/4] flask: add compat mode guest support Jan Beulich
@ 2014-02-28 15:13 ` Keir Fraser
0 siblings, 0 replies; 7+ messages in thread
From: Keir Fraser @ 2014-02-28 15:13 UTC (permalink / raw)
To: Jan Beulich; +Cc: xen-devel, dgdegra
[-- Attachment #1.1: Type: text/plain, Size: 11624 bytes --]
On Tue, Feb 25, 2014 at 10:44 AM, Jan Beulich <JBeulich@suse.com> wrote:
> ... which has been missing since the introduction of the new interface
> in the 4.2 development cycle.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
>
Acked-by: Keir Fraser <keir@xen.org>
>
> --- a/xen/arch/x86/x86_64/compat/entry.S
> +++ b/xen/arch/x86/x86_64/compat/entry.S
> @@ -404,7 +404,7 @@ ENTRY(compat_hypercall_table)
> .quad compat_vcpu_op
> .quad compat_ni_hypercall /* 25 */
> .quad compat_mmuext_op
> - .quad do_xsm_op
> + .quad compat_xsm_op
> .quad compat_nmi_op
> .quad compat_sched_op
> .quad compat_callback_op /* 30 */
> --- a/xen/include/Makefile
> +++ b/xen/include/Makefile
> @@ -27,6 +27,7 @@ headers-$(CONFIG_X86) += compat/arch
> headers-$(CONFIG_X86) += compat/arch-x86/xen.h
> headers-$(CONFIG_X86) += compat/arch-x86/xen-$(compat-arch-y).h
> headers-y += compat/arch-$(compat-arch-y).h compat/xlat.h
> +headers-$(FLASK_ENABLE) += compat/xsm/flask_op.h
>
> cppflags-y := -include public/xen-compat.h
> cppflags-$(CONFIG_X86) += -m32
> @@ -69,7 +70,9 @@ compat/xlat.h: xlat.lst $(filter-out com
> export PYTHON=$(PYTHON); \
> grep -v '^[ ]*#' xlat.lst | \
> while read what name hdr; do \
> - $(SHELL) $(BASEDIR)/tools/get-fields.sh "$$what"
> compat_$$name $$(echo compat/$$hdr | sed 's,@arch@,$(compat-arch-y),g')
> || exit $$?; \
> + hdr="compat/$$(echo $$hdr | sed 's,@arch@,$(compat-arch-y),g')";
> \
> + echo '$(headers-y)' | grep -q "$$hdr" || continue; \
> + $(SHELL) $(BASEDIR)/tools/get-fields.sh "$$what"
> compat_$$name $$hdr || exit $$?; \
> done >$@.new
> mv -f $@.new $@
>
> --- a/xen/include/xlat.lst
> +++ b/xen/include/xlat.lst
> @@ -99,3 +99,16 @@
> ! vcpu_set_singleshot_timer vcpu.h
> ? xenoprof_init xenoprof.h
> ? xenoprof_passive xenoprof.h
> +? flask_access xsm/flask_op.h
> +! flask_boolean xsm/flask_op.h
> +? flask_cache_stats xsm/flask_op.h
> +? flask_hash_stats xsm/flask_op.h
> +! flask_load xsm/flask_op.h
> +? flask_ocontext xsm/flask_op.h
> +? flask_peersid xsm/flask_op.h
> +? flask_relabel xsm/flask_op.h
> +? flask_setavc_threshold xsm/flask_op.h
> +? flask_setenforce xsm/flask_op.h
> +! flask_sid_context xsm/flask_op.h
> +? flask_transition xsm/flask_op.h
> +! flask_userlist xsm/flask_op.h
> --- a/xen/include/xsm/dummy.h
> +++ b/xen/include/xsm/dummy.h
> @@ -412,6 +412,13 @@ static XSM_INLINE long xsm_do_xsm_op(XEN
> return -ENOSYS;
> }
>
> +#ifdef CONFIG_COMPAT
> +static XSM_INLINE int xsm_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t)
> op)
> +{
> + return -ENOSYS;
> +}
> +#endif
> +
> static XSM_INLINE char *xsm_show_irq_sid(int irq)
> {
> return NULL;
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -129,6 +129,9 @@ struct xsm_operations {
> int (*tmem_control)(void);
>
> long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
> +#ifdef CONFIG_COMPAT
> + int (*do_compat_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
> +#endif
>
> int (*hvm_param) (struct domain *d, unsigned long op);
> int (*hvm_param_nested) (struct domain *d);
> @@ -499,6 +502,13 @@ static inline long xsm_do_xsm_op (XEN_GU
> return xsm_ops->do_xsm_op(op);
> }
>
> +#ifdef CONFIG_COMPAT
> +static inline int xsm_do_compat_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
> +{
> + return xsm_ops->do_compat_op(op);
> +}
> +#endif
> +
> static inline int xsm_hvm_param (xsm_default_t def, struct domain *d,
> unsigned long op)
> {
> return xsm_ops->hvm_param(d, op);
> --- a/xen/xsm/dummy.c
> +++ b/xen/xsm/dummy.c
> @@ -105,6 +105,9 @@ void xsm_fixup_ops (struct xsm_operation
> set_to_dummy_if_null(ops, hvm_param_nested);
>
> set_to_dummy_if_null(ops, do_xsm_op);
> +#ifdef CONFIG_COMPAT
> + set_to_dummy_if_null(ops, do_compat_op);
> +#endif
>
> set_to_dummy_if_null(ops, add_to_physmap);
> set_to_dummy_if_null(ops, remove_from_physmap);
> --- a/xen/xsm/flask/flask_op.c
> +++ b/xen/xsm/flask/flask_op.c
> @@ -7,7 +7,7 @@
> * it under the terms of the GNU General Public License version 2,
> * as published by the Free Software Foundation.
> */
> -
> +#ifndef COMPAT
> #include <xen/errno.h>
> #include <xen/event.h>
> #include <xsm/xsm.h>
> @@ -20,6 +20,10 @@
> #include <objsec.h>
> #include <conditional.h>
>
> +#define ret_t long
> +#define _copy_to_guest copy_to_guest
> +#define _copy_from_guest copy_from_guest
> +
> #ifdef FLASK_DEVELOP
> int flask_enforcing = 0;
> integer_param("flask_enforcing", flask_enforcing);
> @@ -95,6 +99,8 @@ static int flask_copyin_string(XEN_GUEST
> return 0;
> }
>
> +#endif /* COMPAT */
> +
> static int flask_security_user(struct xen_flask_userlist *arg)
> {
> char *user;
> @@ -119,7 +125,7 @@ static int flask_security_user(struct xe
>
> arg->size = nsids;
>
> - if ( copy_to_guest(arg->u.sids, sids, nsids) )
> + if ( _copy_to_guest(arg->u.sids, sids, nsids) )
> rv = -EFAULT;
>
> xfree(sids);
> @@ -128,6 +134,8 @@ static int flask_security_user(struct xe
> return rv;
> }
>
> +#ifndef COMPAT
> +
> static int flask_security_relabel(struct xen_flask_transition *arg)
> {
> int rv;
> @@ -208,6 +216,8 @@ static int flask_security_setenforce(str
> return 0;
> }
>
> +#endif /* COMPAT */
> +
> static int flask_security_context(struct xen_flask_sid_context *arg)
> {
> int rv;
> @@ -252,7 +262,7 @@ static int flask_security_sid(struct xen
>
> arg->size = len;
>
> - if ( !rv && copy_to_guest(arg->context, context, len) )
> + if ( !rv && _copy_to_guest(arg->context, context, len) )
> rv = -EFAULT;
>
> xfree(context);
> @@ -260,6 +270,8 @@ static int flask_security_sid(struct xen
> return rv;
> }
>
> +#ifndef COMPAT
> +
> int flask_disable(void)
> {
> static int flask_disabled = 0;
> @@ -302,6 +314,8 @@ static int flask_security_setavc_thresho
> return rv;
> }
>
> +#endif /* COMPAT */
> +
> static int flask_security_resolve_bool(struct xen_flask_boolean *arg)
> {
> char *name;
> @@ -382,24 +396,6 @@ static int flask_security_set_bool(struc
> return rv;
> }
>
> -static int flask_security_commit_bools(void)
> -{
> - int rv;
> -
> - spin_lock(&sel_sem);
> -
> - rv = domain_has_security(current->domain, SECURITY__SETBOOL);
> - if ( rv )
> - goto out;
> -
> - if ( bool_pending_values )
> - rv = security_set_bools(bool_num, bool_pending_values);
> -
> - out:
> - spin_unlock(&sel_sem);
> - return rv;
> -}
> -
> static int flask_security_get_bool(struct xen_flask_boolean *arg)
> {
> int rv;
> @@ -431,7 +427,7 @@ static int flask_security_get_bool(struc
> rv = -ERANGE;
> arg->size = nameout_len;
>
> - if ( !rv && copy_to_guest(arg->name, nameout, nameout_len) )
> + if ( !rv && _copy_to_guest(arg->name, nameout, nameout_len) )
> rv = -EFAULT;
> xfree(nameout);
> }
> @@ -441,6 +437,26 @@ static int flask_security_get_bool(struc
> return rv;
> }
>
> +#ifndef COMPAT
> +
> +static int flask_security_commit_bools(void)
> +{
> + int rv;
> +
> + spin_lock(&sel_sem);
> +
> + rv = domain_has_security(current->domain, SECURITY__SETBOOL);
> + if ( rv )
> + goto out;
> +
> + if ( bool_pending_values )
> + rv = security_set_bools(bool_num, bool_pending_values);
> +
> + out:
> + spin_unlock(&sel_sem);
> + return rv;
> +}
> +
> static int flask_security_make_bools(void)
> {
> int ret = 0;
> @@ -484,6 +500,7 @@ static int flask_security_avc_cachestats
> }
>
> #endif
> +#endif /* COMPAT */
>
> static int flask_security_load(struct xen_flask_load *load)
> {
> @@ -501,7 +518,7 @@ static int flask_security_load(struct xe
> if ( !buf )
> return -ENOMEM;
>
> - if ( copy_from_guest(buf, load->buffer, load->size) )
> + if ( _copy_from_guest(buf, load->buffer, load->size) )
> {
> ret = -EFAULT;
> goto out_free;
> @@ -524,6 +541,8 @@ static int flask_security_load(struct xe
> return ret;
> }
>
> +#ifndef COMPAT
> +
> static int flask_ocontext_del(struct xen_flask_ocontext *arg)
> {
> int rv;
> @@ -636,7 +655,9 @@ static int flask_relabel_domain(struct x
> return rc;
> }
>
> -long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
> +#endif /* !COMPAT */
> +
> +ret_t do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
> {
> xen_flask_op_t op;
> int rv;
> @@ -763,3 +784,52 @@ long do_flask_op(XEN_GUEST_HANDLE_PARAM(
> out:
> return rv;
> }
> +
> +#ifndef COMPAT
> +#undef _copy_to_guest
> +#define _copy_to_guest copy_to_compat
> +#undef _copy_from_guest
> +#define _copy_from_guest copy_from_compat
> +
> +#include <compat/event_channel.h>
> +#include <compat/xsm/flask_op.h>
> +
> +CHECK_flask_access;
> +CHECK_flask_cache_stats;
> +CHECK_flask_hash_stats;
> +CHECK_flask_ocontext;
> +CHECK_flask_peersid;
> +CHECK_flask_relabel;
> +CHECK_flask_setavc_threshold;
> +CHECK_flask_setenforce;
> +CHECK_flask_transition;
> +
> +#define COMPAT
> +#define flask_copyin_string(ch, pb, sz, mx) ({ \
> + XEN_GUEST_HANDLE_PARAM(char) gh; \
> + guest_from_compat_handle(gh, ch); \
> + flask_copyin_string(gh, pb, sz, mx); \
> +})
> +
> +#define xen_flask_load compat_flask_load
> +#define flask_security_load compat_security_load
> +
> +#define xen_flask_userlist compat_flask_userlist
> +#define flask_security_user compat_security_user
> +
> +#define xen_flask_sid_context compat_flask_sid_context
> +#define flask_security_context compat_security_context
> +#define flask_security_sid compat_security_sid
> +
> +#define xen_flask_boolean compat_flask_boolean
> +#define flask_security_resolve_bool compat_security_resolve_bool
> +#define flask_security_get_bool compat_security_get_bool
> +#define flask_security_set_bool compat_security_set_bool
> +
> +#define xen_flask_op_t compat_flask_op_t
> +#undef ret_t
> +#define ret_t int
> +#define do_flask_op compat_flask_op
> +
> +#include "flask_op.c"
> +#endif
> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -1464,6 +1464,7 @@ static int flask_map_gmfn_foreign(struct
> #endif
>
> long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
> +int compat_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
>
> static struct xsm_operations flask_ops = {
> .security_domaininfo = flask_security_domaininfo,
> @@ -1538,6 +1539,9 @@ static struct xsm_operations flask_ops =
> .hvm_param_nested = flask_hvm_param_nested,
>
> .do_xsm_op = do_flask_op,
> +#ifdef CONFIG_COMPAT
> + .do_compat_op = compat_flask_op,
> +#endif
>
> .add_to_physmap = flask_add_to_physmap,
> .remove_from_physmap = flask_remove_from_physmap,
> --- a/xen/xsm/xsm_core.c
> +++ b/xen/xsm/xsm_core.c
> @@ -116,4 +116,9 @@ long do_xsm_op (XEN_GUEST_HANDLE_PARAM(x
> return xsm_do_xsm_op(op);
> }
>
> -
> +#ifdef CONFIG_COMPAT
> +int compat_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
> +{
> + return xsm_do_compat_op(op);
> +}
> +#endif
>
>
>
[-- Attachment #1.2: Type: text/html, Size: 13607 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-02-28 15:13 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-02-25 10:42 [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Jan Beulich
2014-02-25 10:44 ` [PATCH 1/4] flask: add compat mode guest support Jan Beulich
2014-02-28 15:13 ` Keir Fraser
2014-02-25 10:44 ` [PATCH 2/4] flask: use xzalloc() Jan Beulich
2014-02-25 10:45 ` [PATCH 3/4] xsm: use # printk format modifier Jan Beulich
2014-02-25 10:46 ` [PATCH 4/4] xsm: streamline xsm_default_action() Jan Beulich
2014-02-26 0:40 ` [PATCH 0/4] xsm/flask: more XSA-84 follow-ups Daniel De Graaf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.