|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] ACM: Test sharing as part of the authorization check.
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1195571609 0
# Node ID 2022cbc842af902007b5379acac2ea9fc83aa061
# Parent bc6aaa44e296c0d905daf57ebe268b32faa58376
ACM: Test sharing as part of the authorization check.
Protected the policy from being changed while the hooks are being
called.
Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
---
xen/include/xsm/acm/acm_hooks.h | 2 +-
xen/xsm/acm/acm_policy.c | 5 +++++
2 files changed, 6 insertions(+), 1 deletion(-)
diff -r bc6aaa44e296 -r 2022cbc842af xen/include/xsm/acm/acm_hooks.h
--- a/xen/include/xsm/acm/acm_hooks.h Tue Nov 20 15:05:36 2007 +0000
+++ b/xen/include/xsm/acm/acm_hooks.h Tue Nov 20 15:13:29 2007 +0000
@@ -325,7 +325,7 @@ static inline int acm_authorization(ssid
acm_secondary_ops->authorization(ssidref1, ssidref2)) {
return ACM_ACCESS_DENIED;
} else
- return ACM_ACCESS_PERMITTED;
+ return acm_sharing(ssidref1, ssidref2);
}
diff -r bc6aaa44e296 -r 2022cbc842af xen/xsm/acm/acm_policy.c
--- a/xen/xsm/acm/acm_policy.c Tue Nov 20 15:05:36 2007 +0000
+++ b/xen/xsm/acm/acm_policy.c Tue Nov 20 15:13:29 2007 +0000
@@ -430,6 +430,9 @@ acm_get_decision(ssidref_t ssidref1, ssi
acm_get_decision(ssidref_t ssidref1, ssidref_t ssidref2, u32 hook)
{
int ret = ACM_ACCESS_DENIED;
+
+ read_lock(&acm_bin_pol_rwlock);
+
switch ( hook )
{
@@ -446,6 +449,8 @@ acm_get_decision(ssidref_t ssidref1, ssi
/* deny */
break;
}
+
+ read_unlock(&acm_bin_pol_rwlock);
printkd("%s: ssid1=%x, ssid2=%x, decision=%s.\n",
__func__, ssidref1, ssidref2,
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |