|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v7 00/22] Merge IS_PRIV checks into XSM hooks
Changes from v6:
* Remove patches the have been applied; rebase on xen-unstable
* Reorder patches to fix header autogeneration first
* Add documentation of the current XSM permissions
Changes from v5:
* Add a few comments/docs
* Remove CPP hackery so ctags can find dummy XSM hook implementations
* Clean up XSM hooks that are redundant after the introduction of the
generic domctl, sysctl, and platform_hypercall sub-operation hooks.
* Add a parameter of type enum xsm_default to XSM hook invocations to
document the default action of an XSM hook at the call site.
Changes from v4:
* Removed patches that have been applied
* Rename __do_xsm_op to do_xsm_op
* Rebased on current xen-unstable
* Policy headers moved under hypervisor
Changes from v3:
* Moved x86-specific sysctls inside #ifdef CONFIG_X86
* Removed pt_domain parameter from mmu_update hook when unused
* Renamed xsm___do_xsm_op to xsm_do_xsm_op
* Added struct domain* argument to arch_do_domctl
* Cleaned up mem_event code duplication
Changes from v2:
* Added overall hooks for domctl, sysctl, and platform_hypercall so
that new sub-operations are protected by IS_PRIV checks
* Reorganized the IS_PRIV additions to dummy.h so they are added in the
same patch that removes the IS_PRIV they are replacing
* Reworked hooks in the MM hotpath to increase efficiency
* Dropped some unneeded XSM hook additions due to do_domctl hook
* Dropped the rcu_lock*target_domain_by_id function removal patch
* Restore IS_PRIV check in PHYSDEVOP_alloc_irq_vector
* Use the existing hook function structure for tmem
Patch summary:
Refactor XSM/FLASK compilation:
[PATCH 01/22] xsm: Use the dummy XSM module if XSM is disabled
[PATCH 02/22] flask: move policy headers into hypervisor
Preparatory new XSM hooks:
[PATCH 03/22] arch/x86: add distinct XSM hooks for map/unmap
* the distinction here is required for pushing IS_PRIV into XSM
IS_PRIV removal:
[PATCH 04/22] xen: use XSM instead of IS_PRIV where duplicated
[PATCH 05/22] xen: avoid calling rcu_lock_*target_domain when an XSM
[PATCH 06/22] xen: convert do_domctl to use XSM
[PATCH 07/22] xen: convert do_sysctl to use XSM
[PATCH 08/22] arch/x86: convert platform_hypercall to use XSM
Updates to FLASK allowing full emulation of IS_PRIV:
[PATCH 09/22] xsm/flask: Add checks on the domain performing the
[PATCH 10/22] xsm/flask: add missing hooks
[PATCH 11/22] xsm/flask: add distinct SIDs for self/target access
New or updated XSM hooks:
[PATCH 12/22] arch/x86: Add missing mem_sharing XSM hooks
[PATCH 13/22] arch/x86: use XSM hooks for get_pg_owner access checks
[PATCH 14/22] xen: add XSM hook for XENMEM_exchange
[PATCH 19/22] tmem: add XSM hooks
[PATCH 20/22] xen/xsm: distinguish scheduler get/set operations
Deletion of now-redundant XSM hooks:
[PATCH 15/22] xen: domctl XSM hook removal
[PATCH 16/22] xen: sysctl XSM hook removal
[PATCH 17/22] xen: platform_hypercall XSM hook removal
Documentation/readability improvements:
[PATCH 18/22] xen/xsm: Add xsm_default parameter to XSM hooks
[PATCH 21/22] xsm/flask: document the access vectors
[PATCH 22/22] xsm/flask: remove unused permissions
---
.gitignore | 5 +
.hgignore | 5 +
docs/misc/xsm-flask.txt | 43 +-
tools/flask/policy/Makefile | 2 +-
tools/flask/policy/policy/flask/Makefile | 41 -
tools/flask/policy/policy/flask/access_vectors | 178 ----
tools/flask/policy/policy/modules/xen/xen.if | 72 +-
tools/flask/policy/policy/modules/xen/xen.te | 25 +-
xen/arch/x86/acpi/power.c | 2 +-
xen/arch/x86/cpu/mcheck/mce.c | 5 +-
xen/arch/x86/domctl.c | 94 +-
xen/arch/x86/hvm/hvm.c | 64 +-
xen/arch/x86/irq.c | 5 +-
xen/arch/x86/mm.c | 92 +-
xen/arch/x86/mm/mem_event.c | 41 +-
xen/arch/x86/mm/mem_sharing.c | 25 +-
xen/arch/x86/mm/paging.c | 2 +-
xen/arch/x86/msi.c | 2 +-
xen/arch/x86/physdev.c | 66 +-
xen/arch/x86/platform_hypercall.c | 71 +-
xen/arch/x86/sysctl.c | 17 +-
xen/arch/x86/traps.c | 2 +-
xen/common/domain.c | 17 +-
xen/common/domctl.c | 101 +-
xen/common/event_channel.c | 30 +-
xen/common/grant_table.c | 71 +-
xen/common/kexec.c | 5 +-
xen/common/memory.c | 33 +-
xen/common/schedule.c | 18 +-
xen/common/sysctl.c | 57 +-
xen/common/tmem.c | 3 +
xen/common/xenoprof.c | 2 +-
xen/drivers/char/console.c | 8 +-
xen/drivers/passthrough/iommu.c | 10 +-
xen/drivers/passthrough/pci.c | 4 +-
xen/include/asm-x86/mem_event.h | 1 -
xen/include/xen/sched.h | 6 +
xen/include/xen/tmem_xen.h | 8 +-
xen/include/xsm/dummy.h | 583 +++++++++++
xen/include/xsm/xsm.h | 633 ++++--------
xen/xsm/dummy.c | 673 +-----------
xen/xsm/flask/Makefile | 25 +
xen/xsm/flask/flask_op.c | 9 +
xen/xsm/flask/hooks.c | 1080 +++++++++-----------
xen/xsm/flask/include/av_perm_to_string.h | 135 ---
xen/xsm/flask/include/av_permissions.h | 145 ---
xen/xsm/flask/include/class_to_string.h | 15 -
xen/xsm/flask/include/flask.h | 35 -
xen/xsm/flask/include/initial_sid_to_string.h | 16 -
xen/xsm/flask/include/objsec.h | 2 +
xen/xsm/flask/policy/access_vectors | 436 ++++++++
.../flask => xen/xsm/flask/policy}/initial_sids | 0
.../xsm/flask/policy}/mkaccess_vector.sh | 4 +-
.../flask => xen/xsm/flask/policy}/mkflask.sh | 6 +-
.../xsm/flask/policy}/security_classes | 0
xen/xsm/xsm_core.c | 2 +-
56 files changed, 2212 insertions(+), 2820 deletions(-)
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |