xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h
@ 2016-03-16 19:18 Doug Goldstein
  2016-03-16 19:18 ` [PATCH v2 2/2] xsm: move FLASK_AVC_STATS to Kconfig Doug Goldstein
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Doug Goldstein @ 2016-03-16 19:18 UTC (permalink / raw)
  To: xen-devel; +Cc: Daniel De Graaf, Doug Goldstein

Rather than have XSM_MAGIC set in the global xen/config.h and set in
xsm.h if it's unset, just set it once in xsm.h since its only used in
files that already include xsm.h

Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
---
CC: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
 xen/include/xen/config.h | 1 -
 xen/include/xsm/xsm.h    | 7 +++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/xen/include/xen/config.h b/xen/include/xen/config.h
index 96f5539..3f8c53d 100644
--- a/xen/include/xen/config.h
+++ b/xen/include/xen/config.h
@@ -79,7 +79,6 @@
 #define STR(...) __STR(__VA_ARGS__)
 
 #ifdef CONFIG_FLASK
-#define XSM_MAGIC 0xf97cff8c
 /* Maintain statistics on the access vector cache */
 #define FLASK_AVC_STATS 1
 #endif
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 3afed70..37a102a 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -23,8 +23,11 @@ DEFINE_XEN_GUEST_HANDLE(xsm_op_t);
 
 /* policy magic number (defined by XSM_MAGIC) */
 typedef u32 xsm_magic_t;
-#ifndef XSM_MAGIC
-#define XSM_MAGIC 0x00000000
+
+#ifdef CONFIG_FLASK
+#define XSM_MAGIC 0xf97cff8c
+#else
+#define XSM_MAGIC 0x0
 #endif
 
 /* These annotations are used by callers and in dummy.h to document the
-- 
2.7.3


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH v2 2/2] xsm: move FLASK_AVC_STATS to Kconfig
  2016-03-16 19:18 [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h Doug Goldstein
@ 2016-03-16 19:18 ` Doug Goldstein
  2016-03-22 18:31 ` [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h Doug Goldstein
  2016-03-25 15:07 ` Daniel De Graaf
  2 siblings, 0 replies; 5+ messages in thread
From: Doug Goldstein @ 2016-03-16 19:18 UTC (permalink / raw)
  To: xen-devel; +Cc: Daniel De Graaf, Doug Goldstein

Have Kconfig set CONFIG_FLASK_AVC_STATS and prefix all uses with CONFIG_
to use the Kconfig variable.

Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
CC: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
 xen/common/Kconfig          | 6 ++++++
 xen/include/xen/config.h    | 5 -----
 xen/xsm/flask/avc.c         | 4 ++--
 xen/xsm/flask/flask_op.c    | 4 ++--
 xen/xsm/flask/include/avc.h | 2 +-
 5 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 3522ecb..ad9f7bf 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -23,6 +23,12 @@ config FLASK
 
 	  If unsure, say N.
 
+config FLASK_AVC_STATS
+	def_bool y
+	depends on FLASK
+	---help---
+	  Maintain statistics on the access vector cache
+
 # Select HAS_DEVICE_TREE if device tree is supported
 config HAS_DEVICE_TREE
 	bool
diff --git a/xen/include/xen/config.h b/xen/include/xen/config.h
index 3f8c53d..ef6e5ee 100644
--- a/xen/include/xen/config.h
+++ b/xen/include/xen/config.h
@@ -78,11 +78,6 @@
 #define __STR(...) #__VA_ARGS__
 #define STR(...) __STR(__VA_ARGS__)
 
-#ifdef CONFIG_FLASK
-/* Maintain statistics on the access vector cache */
-#define FLASK_AVC_STATS 1
-#endif
-
 /* allow existing code to work with Kconfig variable */
 #define NR_CPUS CONFIG_NR_CPUS
 
diff --git a/xen/xsm/flask/avc.c b/xen/xsm/flask/avc.c
index 31bc702..7764379 100644
--- a/xen/xsm/flask/avc.c
+++ b/xen/xsm/flask/avc.c
@@ -56,7 +56,7 @@ const struct selinux_class_perm selinux_class_perm = {
 #define AVC_DEF_CACHE_THRESHOLD        512
 #define AVC_CACHE_RECLAIM        16
 
-#ifdef FLASK_AVC_STATS
+#ifdef CONFIG_FLASK_AVC_STATS
 #define avc_cache_stats_incr(field)                 \
 do {                                \
     __get_cpu_var(avc_cache_stats).field++;        \
@@ -101,7 +101,7 @@ struct avc_callback_node {
 /* Exported via Flask hypercall */
 unsigned int avc_cache_threshold = AVC_DEF_CACHE_THRESHOLD;
 
-#ifdef FLASK_AVC_STATS
+#ifdef CONFIG_FLASK_AVC_STATS
 DEFINE_PER_CPU(struct avc_cache_stats, avc_cache_stats);
 #endif
 
diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c
index f4f5dd1..3c9c99e 100644
--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -469,7 +469,7 @@ static int flask_security_make_bools(void)
     return ret;
 }
 
-#ifdef FLASK_AVC_STATS
+#ifdef CONFIG_FLASK_AVC_STATS
 
 static int flask_security_avc_cachestats(struct xen_flask_cache_stats *arg)
 {
@@ -761,7 +761,7 @@ ret_t do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
         rv = avc_get_hash_stats(&op.u.hash_stats);
         break;
 
-#ifdef FLASK_AVC_STATS
+#ifdef CONFIG_FLASK_AVC_STATS
     case FLASK_AVC_CACHESTATS:
         rv = flask_security_avc_cachestats(&op.u.cache_stats);
         break;
diff --git a/xen/xsm/flask/include/avc.h b/xen/xsm/flask/include/avc.h
index 4283562..729856e 100644
--- a/xen/xsm/flask/include/avc.h
+++ b/xen/xsm/flask/include/avc.h
@@ -108,7 +108,7 @@ struct xen_flask_hash_stats;
 int avc_get_hash_stats(struct xen_flask_hash_stats *arg);
 extern unsigned int avc_cache_threshold;
 
-#ifdef FLASK_AVC_STATS
+#ifdef CONFIG_FLASK_AVC_STATS
 DECLARE_PER_CPU(struct avc_cache_stats, avc_cache_stats);
 #endif
 
-- 
2.7.3


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h
  2016-03-16 19:18 [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h Doug Goldstein
  2016-03-16 19:18 ` [PATCH v2 2/2] xsm: move FLASK_AVC_STATS to Kconfig Doug Goldstein
@ 2016-03-22 18:31 ` Doug Goldstein
  2016-03-25 15:07 ` Daniel De Graaf
  2 siblings, 0 replies; 5+ messages in thread
From: Doug Goldstein @ 2016-03-22 18:31 UTC (permalink / raw)
  To: xen-devel; +Cc: Daniel De Graaf


[-- Attachment #1.1.1: Type: text/plain, Size: 1449 bytes --]

On 3/16/16 2:18 PM, Doug Goldstein wrote:
> Rather than have XSM_MAGIC set in the global xen/config.h and set in
> xsm.h if it's unset, just set it once in xsm.h since its only used in
> files that already include xsm.h
> 
> Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
> ---
> CC: Daniel De Graaf <dgdegra@tycho.nsa.gov>
> ---
>  xen/include/xen/config.h | 1 -
>  xen/include/xsm/xsm.h    | 7 +++++--
>  2 files changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/xen/include/xen/config.h b/xen/include/xen/config.h
> index 96f5539..3f8c53d 100644
> --- a/xen/include/xen/config.h
> +++ b/xen/include/xen/config.h
> @@ -79,7 +79,6 @@
>  #define STR(...) __STR(__VA_ARGS__)
>  
>  #ifdef CONFIG_FLASK
> -#define XSM_MAGIC 0xf97cff8c
>  /* Maintain statistics on the access vector cache */
>  #define FLASK_AVC_STATS 1
>  #endif
> diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
> index 3afed70..37a102a 100644
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -23,8 +23,11 @@ DEFINE_XEN_GUEST_HANDLE(xsm_op_t);
>  
>  /* policy magic number (defined by XSM_MAGIC) */
>  typedef u32 xsm_magic_t;
> -#ifndef XSM_MAGIC
> -#define XSM_MAGIC 0x00000000
> +
> +#ifdef CONFIG_FLASK
> +#define XSM_MAGIC 0xf97cff8c
> +#else
> +#define XSM_MAGIC 0x0
>  #endif
>  
>  /* These annotations are used by callers and in dummy.h to document the
> 

ping?

-- 
Doug Goldstein


[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 959 bytes --]

[-- Attachment #2: Type: text/plain, Size: 126 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h
  2016-03-16 19:18 [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h Doug Goldstein
  2016-03-16 19:18 ` [PATCH v2 2/2] xsm: move FLASK_AVC_STATS to Kconfig Doug Goldstein
  2016-03-22 18:31 ` [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h Doug Goldstein
@ 2016-03-25 15:07 ` Daniel De Graaf
  2016-03-25 15:30   ` Konrad Rzeszutek Wilk
  2 siblings, 1 reply; 5+ messages in thread
From: Daniel De Graaf @ 2016-03-25 15:07 UTC (permalink / raw)
  To: Doug Goldstein, xen-devel

On 03/16/2016 03:18 PM, Doug Goldstein wrote:
> Rather than have XSM_MAGIC set in the global xen/config.h and set in
> xsm.h if it's unset, just set it once in xsm.h since its only used in
> files that already include xsm.h
>
> Signed-off-by: Doug Goldstein <cardoe@cardoe.com>

Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h
  2016-03-25 15:07 ` Daniel De Graaf
@ 2016-03-25 15:30   ` Konrad Rzeszutek Wilk
  0 siblings, 0 replies; 5+ messages in thread
From: Konrad Rzeszutek Wilk @ 2016-03-25 15:30 UTC (permalink / raw)
  To: Daniel De Graaf; +Cc: Doug Goldstein, xen-devel

On Fri, Mar 25, 2016 at 11:07:19AM -0400, Daniel De Graaf wrote:
> On 03/16/2016 03:18 PM, Doug Goldstein wrote:
> >Rather than have XSM_MAGIC set in the global xen/config.h and set in
> >xsm.h if it's unset, just set it once in xsm.h since its only used in
> >files that already include xsm.h
> >
> >Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
> 
> Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>

Both patches applied.
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2016-03-25 15:30 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-03-16 19:18 [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h Doug Goldstein
2016-03-16 19:18 ` [PATCH v2 2/2] xsm: move FLASK_AVC_STATS to Kconfig Doug Goldstein
2016-03-22 18:31 ` [PATCH v2 1/2] xsm: only define XSM_MAGIC in xsm.h Doug Goldstein
2016-03-25 15:07 ` Daniel De Graaf
2016-03-25 15:30   ` Konrad Rzeszutek Wilk

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).