|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [XTF PATCH v3] Add a Live Patch privilege check test
On 21/11/16 09:24, Ross Lagerwall wrote:
> Add a test to check that Live Patch operations cannot be called from an
> unprivileged domain.
>
> Signed-off-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> and applied.
I made two very small adjustments.
> diff --git a/common/lib.c b/common/lib.c
> index 9dca3e3..0a2b311 100644
> --- a/common/lib.c
> +++ b/common/lib.c
> @@ -19,6 +19,21 @@ void __noreturn panic(const char *fmt, ...)
> arch_crash_hard();
> }
>
> +int xtf_probe_sysctl_interface_version(void)
> +{
> + int i;
> + xen_sysctl_t op = {0};
This breaks the build on Clang. Using { .cmd = 0 } instead is fine.
> +
> + for ( i = 0; i < 128; i++ )
> + {
> + op.interface_version = i;
> + if ( hypercall_sysctl(&op) != -EACCES )
> + return i;
> + }
> +
> + return -1;
> +}
> +
> /*
> * Local variables:
> * mode: C
> diff --git a/tests/livepatch-priv-check/Makefile
> b/tests/livepatch-priv-check/Makefile
> new file mode 100644
> index 0000000..e27b9da
> --- /dev/null
> +++ b/tests/livepatch-priv-check/Makefile
> @@ -0,0 +1,9 @@
> +include $(ROOT)/build/common.mk
> +
> +NAME := livepatch-priv-check
> +CATEGORY := functional
> +TEST-ENVS := $(ALL_ENVIRONMENTS)
I have dropped this down to pv32pae pv64 hvm32 hvm64
The hvm32pse and hvm32pae environments are an identical ABI to hvm32, so
there is no point testing them all. The multiple paging options for
32bit HVM guests is only useful for testing pagetable related code.
~Andrew
> +
> +obj-perenv += main.o
> +
> +include $(ROOT)/build/gen.mk
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |