|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v6 02/24] xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op
On 07/04/16 04:49, Konrad Rzeszutek Wilk wrote:
> +static int xsplice_upload(xen_sysctl_xsplice_upload_t *upload)
> +{
> + struct payload *data = NULL, *found;
> + char n[XEN_XSPLICE_NAME_SIZE];
> + int rc;
> +
> + rc = verify_payload(upload, n);
> + if ( rc )
> + return rc;
> +
> + spin_lock(&payload_lock);
> +
> + found = find_payload(n);
> + if ( found && !IS_ERR(found) /* Found. */ )
> + {
> + rc = -EEXIST;
> + goto out;
> + }
> +
> + if ( IS_ERR(found) )
> + {
> + rc = PTR_ERR(found);
> + goto out;
> + }
This logic chain can be simplified to
if ( IS_ERR(found) )
{
rc = PTR_ERR(found);
goto out;
}
else if ( found )
{
rc = -EEXISTS;
goto out;
}
> +static void xsplice_printall(unsigned char key)
> +{
> + struct payload *data;
printk("'%u' pressed - Dumping all xsplice patches\n", key);
to match other keyhandlers, and give some context to a bunch of lines
starting " name=...".
> +
> + if ( !spin_trylock(&payload_lock) )
> + {
> + printk("Lock held. Try again.\n");
> + return;
> + }
> +
> + list_for_each_entry ( data, &payload_list, list )
> + printk(" name=%s state=%s(%d)\n", data->name,
> + state2str(data->state), data->state);
> +
> + spin_unlock(&payload_lock);
> +}
> +
<snip>
> diff --git a/xen/include/xen/xsplice.h b/xen/include/xen/xsplice.h
> new file mode 100644
> index 0000000..5c84851
> --- /dev/null
> +++ b/xen/include/xen/xsplice.h
> @@ -0,0 +1,35 @@
> +/*
> + * Copyright (c) 2016 Oracle and/or its affiliates. All rights reserved.
> + *
> + */
> +
> +#ifndef __XEN_XSPLICE_H__
> +#define __XEN_XSPLICE_H__
> +
> +struct xen_sysctl_xsplice_op;
> +
> +#ifdef CONFIG_XSPLICE
> +
> +int xsplice_op(struct xen_sysctl_xsplice_op *);
> +
> +#else
> +
> +#include <xen/errno.h> /* For -EOPNOTSUPP */
> +static inline int xsplice_op(struct xen_sysctl_xsplice_op *op)
> +{
> + return -EOPNOTSUPP;
-ENOSYS, as this disables all xsplice functionality, and matches the
existing behaviour for missing SYSCTL_ ops.
> +}
> +
> +#endif /* CONFIG_XSPLICE */
> +
> +#endif /* __XEN_XSPLICE_H__ */
> +
> +/*
> + * Local variables:
> + * mode: C
> + * c-file-style: "BSD"
> + * c-basic-offset: 4
> + * tab-width: 4
> + * indent-tabs-mode: nil
> + * End:
> + */
> diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
> index 1eaec58..3ef0441 100644
> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -808,6 +808,12 @@ static int flask_sysctl(int cmd)
> case XEN_SYSCTL_tmem_op:
> return domain_has_xen(current->domain, XEN__TMEM_CONTROL);
>
> +#ifdef CONFIG_XSPLICE
> + case XEN_SYSCTL_xsplice_op:
> + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN2,
> + XEN2__XSPLICE_OP, NULL);
> +#endif
The case statement should not be conditional. Otherwise, a toolstack
issuing an xsplice_op against a hypervisor with xsplice compiled out
will hit the "Unknown op" below.
Given that XEN2__XSPLICE_OP unconditionally exists, I would just drop
the #ifdef's completely, and accept that if this permissions check ends
up passing, the actual xsplice_op handler will fail.
No major problems, so with these fixed, Reviewed-by: Andrew Cooper
<andrew.cooper3@xxxxxxxxxx>
> +
> default:
> printk("flask_sysctl: Unknown op %d\n", cmd);
> return -EPERM;
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |