[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v6] Merge IS_PRIV checks into XSM hooks

  • To: xen-devel@xxxxxxxxxxxxx
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Date: Fri, 30 Nov 2012 10:36:47 -0500
  • Delivery-date: Fri, 30 Nov 2012 15:37:50 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>
Changes from v5:
 * Add a few comments/docs
 * Remove CPP hackery so ctags can find dummy XSM hook implementations
 * Clean up XSM hooks that are redundant after the introduction of the
   generic domctl, sysctl, and platform_hypercall sub-operation hooks.
 * Add a parameter of type enum xsm_default to XSM hook invocations to
   document the default action of an XSM hook at the call site.

Changes from v4:
 * Removed patches that have been applied
 * Rename __do_xsm_op to do_xsm_op
 * Rebased on current xen-unstable
 * Policy headers moved under hypervisor

Changes from v3:
 * Moved x86-specific sysctls inside #ifdef CONFIG_X86
 * Removed pt_domain parameter from mmu_update hook when unused
 * Renamed xsm___do_xsm_op to xsm_do_xsm_op
 * Added struct domain* argument to arch_do_domctl
 * Cleaned up mem_event code duplication

Changes from v2:
 * Added overall hooks for domctl, sysctl, and platform_hypercall so
   that new sub-operations are protected by IS_PRIV checks
 * Reorganized the IS_PRIV additions to dummy.h so they are added in the
   same patch that removes the IS_PRIV they are replacing
 * Reworked hooks in the MM hotpath to increase efficiency
 * Dropped some unneeded XSM hook additions due to do_domctl hook
 * Dropped the rcu_lock*target_domain_by_id function removal patch
 * Restore IS_PRIV check in PHYSDEVOP_alloc_irq_vector
 * Use the existing hook function structure for tmem


Toolstack updates:
    [PATCH 01/23] libxl: introduce XSM relabel on build

Miscellaneous updates to FLASK:
    [PATCH 02/23] flask/policy: Add domain relabel example
    [PATCH 04/23] xsm/flask: Add checks on the domain performing the
    [PATCH 13/23] xsm/flask: add distinct SIDs for self/target access
    [PATCH 19/23] flask: move policy headers into hypervisor
    [PATCH 23/23] xen/xsm: Add xsm_default parameter to XSM hooks

IS_PRIV removal:
    [PATCH 05/23] xsm: Use the dummy XSM module if XSM is disabled
    [PATCH 06/23] xen: use XSM instead of IS_PRIV where duplicated
    [PATCH 07/23] xen: avoid calling rcu_lock_*target_domain when an XSM
    [PATCH 08/23] arch/x86: convert platform_hypercall to use XSM
    [PATCH 10/23] xen: convert do_domctl to use XSM
    [PATCH 11/23] xen: convert do_sysctl to use XSM

Refactoring not directly related to IS_PRIV:
    [PATCH 09/23] xen: lock target domain in do_domctl common code
    [PATCH 18/23] xen/arch/*: add struct domain parameter to arch_do_domctl

New or updated XSM hooks:
    [PATCH 03/23] arch/x86: add distinct XSM hooks for map/unmap
    [PATCH 12/23] xsm/flask: add missing hooks
    [PATCH 14/23] arch/x86: Add missing mem_sharing XSM hooks
    [PATCH 15/23] arch/x86: use XSM hooks for get_pg_owner access checks
    [PATCH 16/23] xen: Add XSM hook for XENMEM_exchange
    [PATCH 17/23] tmem: add XSM hooks

Deletion of now-redundant XSM hooks:
    [PATCH 20/23] xen: domctl XSM hook removal
    [PATCH 21/23] xen: sysctl XSM hook removal
    [PATCH 22/23] xen: platform_hypercall XSM hook removal

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.