[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] [RFC] xsm: add a default policy to .init.data

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Date: Mon, 23 May 2016 11:32:01 -0400
  • Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, cardoe@xxxxxxxxxx
  • Delivery-date: Mon, 23 May 2016 15:32:14 +0000
  • Ironport-phdr: 9a23:rd6SBRSO2pXWkw+O4QP7Hx4xAtpsv+yvbD5Q0YIujvd0So/mwa65ZBSN2/xhgRfzUJnB7Loc0qyN4/GmAj1LscjJmUtBWaIPfidNsd8RkQ0kDZzNImzAB9muURYHGt9fXkRu5XCxPBsdMs//Y1rPvi/6tmZKSV3BPAZ4bt74BpTVx5zukbviqtuIMk4Y2nKUWvBbElaflU3prM4YgI9veO4a6yDihT92QdlQ3n5iPlmJnhzxtY+a9Z9n9DlM6bp6r5YTGY2zRakzTKRZATI6KCh1oZSz7ViQcBGLrkc4fi1W10AQQluN0Bavd5H9qCbl/sF63zGXJ4WiRLY4Qzm9qaxsTwflknwvPD8l6mDHzMd3ifQIjgimoklTyojVbYXdGPc2UbnUdN1SEWZOUsteTSVpHpK3b4xJCfEIe+lfsd+u9BM1sRKiCFz0V6vUwThSiyqzhPdi3g==
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 05/23/2016 11:25 AM, Andrew Cooper wrote:
On 23/05/16 15:51, Daniel De Graaf wrote:
diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c
index 634ec98..af1d86f 100644
--- a/xen/xsm/xsm_core.c
+++ b/xen/xsm/xsm_core.c
@@ -47,6 +47,17 @@ static void __init do_xsm_initcalls(void)

+extern char __xsm_init_policy_start[], __xsm_init_policy_end[];
+static void __init xsm_policy_init(void)
+    if ( policy_size == 0 )
+    {
+        policy_buffer = __xsm_init_policy_start;
+        policy_size = __xsm_init_policy_end - __xsm_init_policy_start;
+    }

Logic like this is slightly problematic if there is no policy.

With these changes, we presumably always expect to have an embedded policy.

People who already have the policy specified in the bootloader may want
to omit the built-in policy.  I'm not sure that this should be excluded
completely, although this patch doesn't support it (it would require the
Kconfig option I mentioned).

It would be cleaner to have a linker ASSERT(__xsm_init_policy_start !=
__xsm_init_policy_end) to guarentee that something is present, at which
point policy_buffer can unilaterally point at __xsm_init_policy_start,
and size can be initialised to __xsm_init_policy_end -

No, because this would break the ability to specify a policy module in
GRUB.  If there is no built-in policy present, this code will work
correctly: policy_size will remain set to zero, and that is the
condition checked (in flask_init) when the policy itself is used.

Daniel De Graaf
National Security Agency

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.