[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v4 25/33] xen/xsm: Add helpers to check permission for device tree passthrough



Hi Daniel,

On 31/03/15 18:12, Daniel De Graaf wrote:
> On 03/19/2015 03:29 PM, Julien Grall wrote:
>> This is a follow-up of commit 525ee49 "xsm: add device tree labeling
>> support" which add support for device tree labelling in flask.
>>
>> Those helpers will be use latter when non-pci passthrough (i.e device
>> tree) will be added.
>>
>> Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx>
> 
> Looks good to me with one assumption below.
> 
> Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
> 
> [...]
>> diff --git a/xen/xsm/flask/avc.c b/xen/xsm/flask/avc.c
>> index b1a4f8a..31bc702 100644
>> --- a/xen/xsm/flask/avc.c
>> +++ b/xen/xsm/flask/avc.c
>> @@ -600,6 +600,9 @@ void avc_audit(u32 ssid, u32 tsid, u16 tclass, u32
>> requested,
>>       case AVC_AUDIT_DATA_MEMORY:
>>           avc_printk(&buf, "pte=%#lx mfn=%#lx ", a->memory.pte,
>> a->memory.mfn);
>>           break;
>> +    case AVC_AUDIT_DATA_DTDEV:
>> +        avc_printk(&buf, "dtdevice=%s ", a->dtdev);
>> +        break;
>>       }
>>
>>       avc_dump_query(&buf, ssid, tsid, tclass);
> 
> This output could be end up being ambiguous if a device tree path can
> contain
> spaces.  Am I correct in assuming that they are invalid in device tree
> paths?

Correct.

Thanks,

-- 
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.