|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] xen/xsm: distinguish scheduler get/set operations
# HG changeset patch
# User Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
# Date 1357901350 0
# Node ID 6de4ea938c443b72fa5de426f94e7c842318acd5
# Parent 21f0e200f6b02bd02c4eb4aeae8ff6e84cd5b1d8
xen/xsm: distinguish scheduler get/set operations
Add getscheduler and setscheduler permissions to replace the
monolithic scheduler permission in the scheduler_op domctl and sysctl.
Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Committed-by: Keir Fraser <keir@xxxxxxx>
---
diff -r 21f0e200f6b0 -r 6de4ea938c44
tools/flask/policy/policy/modules/xen/xen.if
--- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:46:43
2013 +0000
+++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:49:10
2013 +0000
@@ -47,9 +47,9 @@ define(`declare_build_label', `
define(`create_domain_common', `
allow $1 $2:domain { create max_vcpus setdomainmaxmem setaddrsize
getdomaininfo hypercall setvcpucontext setextvcpucontext
- scheduler getvcpuinfo getvcpuextstate getaddrsize
+ getscheduler getvcpuinfo getvcpuextstate getaddrsize
getvcpuaffinity setvcpuaffinity };
- allow $1 $2:domain2 { set_cpuid settsc };
+ allow $1 $2:domain2 { set_cpuid settsc setscheduler };
allow $1 $2:security check_context;
allow $1 $2:shadow enable;
allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage
mmuext_op };
@@ -79,7 +79,7 @@ define(`create_domain_build_label', `
define(`manage_domain', `
allow $1 $2:domain { getdomaininfo getvcpuinfo getvcpuaffinity
getaddrsize pause unpause trigger shutdown destroy
- setvcpuaffinity setdomainmaxmem };
+ setvcpuaffinity setdomainmaxmem getscheduler };
')
# migrate_domain_out(priv, target)
diff -r 21f0e200f6b0 -r 6de4ea938c44
tools/flask/policy/policy/modules/xen/xen.te
--- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:46:43
2013 +0000
+++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:49:10
2013 +0000
@@ -55,8 +55,8 @@ type device_t, resource_type;
#
################################################################################
allow dom0_t xen_t:xen { kexec readapic writeapic mtrr_read mtrr_add mtrr_del
- scheduler physinfo heap quirk readconsole writeconsole settime
getcpuinfo
- microcode cpupool_op sched_op pm_op tmem_control };
+ physinfo heap quirk readconsole writeconsole settime getcpuinfo
+ microcode cpupool_op pm_op tmem_control getscheduler setscheduler };
allow dom0_t xen_t:mmu { memorymap };
allow dom0_t security_t:security { check_context compute_av compute_create
compute_member load_policy compute_relabel compute_user setenforce
diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/common/schedule.c
--- a/xen/common/schedule.c Fri Jan 11 10:46:43 2013 +0000
+++ b/xen/common/schedule.c Fri Jan 11 10:49:10 2013 +0000
@@ -1006,7 +1006,11 @@ int sched_id(void)
long sched_adjust(struct domain *d, struct xen_domctl_scheduler_op *op)
{
long ret;
-
+
+ ret = xsm_domctl_scheduler_op(XSM_HOOK, d, op->cmd);
+ if ( ret )
+ return ret;
+
if ( (op->sched_id != DOM2OP(d)->sched_id) ||
((op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) &&
(op->cmd != XEN_DOMCTL_SCHEDOP_getinfo)) )
@@ -1025,6 +1029,10 @@ long sched_adjust_global(struct xen_sysc
struct cpupool *pool;
int rc;
+ rc = xsm_sysctl_scheduler_op(XSM_HOOK, op->cmd);
+ if ( rc )
+ return rc;
+
if ( (op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) &&
(op->cmd != XEN_DOMCTL_SCHEDOP_getinfo) )
return -EINVAL;
diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/include/xsm/dummy.h
--- a/xen/include/xsm/dummy.h Fri Jan 11 10:46:43 2013 +0000
+++ b/xen/include/xsm/dummy.h Fri Jan 11 10:49:10 2013 +0000
@@ -95,6 +95,18 @@ static XSM_INLINE int xsm_getdomaininfo(
return xsm_default_action(action, current->domain, d);
}
+static XSM_INLINE int xsm_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain
*d, int cmd)
+{
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
+}
+
+static XSM_INLINE int xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd)
+{
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
+}
+
static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct
domain *e)
{
XSM_ASSERT_ACTION(XSM_HOOK);
diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/include/xsm/xsm.h
--- a/xen/include/xsm/xsm.h Fri Jan 11 10:46:43 2013 +0000
+++ b/xen/include/xsm/xsm.h Fri Jan 11 10:49:10 2013 +0000
@@ -55,6 +55,8 @@ struct xsm_operations {
struct xen_domctl_getdomaininfo *info);
int (*domain_create) (struct domain *d, u32 ssidref);
int (*getdomaininfo) (struct domain *d);
+ int (*domctl_scheduler_op) (struct domain *d, int op);
+ int (*sysctl_scheduler_op) (int op);
int (*set_target) (struct domain *d, struct domain *e);
int (*domctl) (struct domain *d, int cmd);
int (*sysctl) (int cmd);
@@ -177,6 +179,16 @@ static inline int xsm_getdomaininfo (xsm
return xsm_ops->getdomaininfo(d);
}
+static inline int xsm_domctl_scheduler_op (xsm_default_t def, struct domain
*d, int cmd)
+{
+ return xsm_ops->domctl_scheduler_op(d, cmd);
+}
+
+static inline int xsm_sysctl_scheduler_op (xsm_default_t def, int cmd)
+{
+ return xsm_ops->sysctl_scheduler_op(cmd);
+}
+
static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct
domain *e)
{
return xsm_ops->set_target(d, e);
diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/dummy.c
--- a/xen/xsm/dummy.c Fri Jan 11 10:46:43 2013 +0000
+++ b/xen/xsm/dummy.c Fri Jan 11 10:49:10 2013 +0000
@@ -32,6 +32,8 @@ void xsm_fixup_ops (struct xsm_operation
set_to_dummy_if_null(ops, security_domaininfo);
set_to_dummy_if_null(ops, domain_create);
set_to_dummy_if_null(ops, getdomaininfo);
+ set_to_dummy_if_null(ops, domctl_scheduler_op);
+ set_to_dummy_if_null(ops, sysctl_scheduler_op);
set_to_dummy_if_null(ops, set_target);
set_to_dummy_if_null(ops, domctl);
set_to_dummy_if_null(ops, sysctl);
diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/flask/hooks.c
--- a/xen/xsm/flask/hooks.c Fri Jan 11 10:46:43 2013 +0000
+++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:49:10 2013 +0000
@@ -517,6 +517,38 @@ static int flask_getdomaininfo(struct do
return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO);
}
+static int flask_domctl_scheduler_op(struct domain *d, int op)
+{
+ switch ( op )
+ {
+ case XEN_DOMCTL_SCHEDOP_putinfo:
+ return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETSCHEDULER);
+
+ case XEN_DOMCTL_SCHEDOP_getinfo:
+ return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETSCHEDULER);
+
+ default:
+ printk("flask_domctl_scheduler_op: Unknown op %d\n", op);
+ return -EPERM;
+ }
+}
+
+static int flask_sysctl_scheduler_op(int op)
+{
+ switch ( op )
+ {
+ case XEN_DOMCTL_SCHEDOP_putinfo:
+ return domain_has_xen(current->domain, XEN__SETSCHEDULER);
+
+ case XEN_DOMCTL_SCHEDOP_getinfo:
+ return domain_has_xen(current->domain, XEN__GETSCHEDULER);
+
+ default:
+ printk("flask_domctl_scheduler_op: Unknown op %d\n", op);
+ return -EPERM;
+ }
+}
+
static int flask_set_target(struct domain *d, struct domain *t)
{
int rc;
@@ -548,6 +580,7 @@ static int flask_domctl(struct domain *d
/* These have individual XSM hooks (common/domctl.c) */
case XEN_DOMCTL_createdomain:
case XEN_DOMCTL_getdomaininfo:
+ case XEN_DOMCTL_scheduler_op:
case XEN_DOMCTL_irq_permission:
case XEN_DOMCTL_iomem_permission:
case XEN_DOMCTL_set_target:
@@ -586,9 +619,6 @@ static int flask_domctl(struct domain *d
case XEN_DOMCTL_resumedomain:
return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME);
- case XEN_DOMCTL_scheduler_op:
- return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER);
-
case XEN_DOMCTL_max_vcpus:
return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS);
@@ -704,6 +734,7 @@ static int flask_sysctl(int cmd)
case XEN_SYSCTL_readconsole:
case XEN_SYSCTL_getdomaininfolist:
case XEN_SYSCTL_page_offline_op:
+ case XEN_SYSCTL_scheduler_op:
#ifdef CONFIG_X86
case XEN_SYSCTL_cpu_hotplug:
#endif
@@ -713,7 +744,7 @@ static int flask_sysctl(int cmd)
return domain_has_xen(current->domain, XEN__TBUFCONTROL);
case XEN_SYSCTL_sched_id:
- return domain_has_xen(current->domain, XEN__SCHEDULER);
+ return domain_has_xen(current->domain, XEN__GETSCHEDULER);
case XEN_SYSCTL_perfc_op:
return domain_has_xen(current->domain, XEN__PERFCONTROL);
@@ -739,9 +770,6 @@ static int flask_sysctl(int cmd)
case XEN_SYSCTL_cpupool_op:
return domain_has_xen(current->domain, XEN__CPUPOOL_OP);
- case XEN_SYSCTL_scheduler_op:
- return domain_has_xen(current->domain, XEN__SCHED_OP);
-
case XEN_SYSCTL_physinfo:
case XEN_SYSCTL_topologyinfo:
case XEN_SYSCTL_numainfo:
@@ -1408,6 +1436,8 @@ static struct xsm_operations flask_ops =
.security_domaininfo = flask_security_domaininfo,
.domain_create = flask_domain_create,
.getdomaininfo = flask_getdomaininfo,
+ .domctl_scheduler_op = flask_domctl_scheduler_op,
+ .sysctl_scheduler_op = flask_sysctl_scheduler_op,
.set_target = flask_set_target,
.domctl = flask_domctl,
.sysctl = flask_sysctl,
diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/flask/policy/access_vectors
--- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:46:43 2013 +0000
+++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:10 2013 +0000
@@ -5,7 +5,6 @@
class xen
{
- scheduler
settime
tbufcontrol
readconsole
@@ -34,9 +33,10 @@ class xen
mca_op
lockprof
cpupool_op
- sched_op
tmem_op
tmem_control
+ getscheduler
+ setscheduler
}
class domain
@@ -51,7 +51,7 @@ class domain
destroy
setvcpuaffinity
getvcpuaffinity
- scheduler
+ getscheduler
getdomaininfo
getvcpuinfo
getvcpucontext
@@ -85,6 +85,7 @@ class domain2
set_cpuid
gettsc
settsc
+ setscheduler
}
class hvm
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |