[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v8 1/8] public / x86: Introduce __HYPERCALL_dm_op...

> -----Original Message-----
> From: Boris Ostrovsky [mailto:boris.ostrovsky@xxxxxxxxxx]
> Sent: 26 January 2017 13:26
> To: Paul Durrant <Paul.Durrant@xxxxxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx
> Cc: Ian Jackson <Ian.Jackson@xxxxxxxxxx>; Jennifer Herbert
> <jennifer.herbert@xxxxxxxxxx>; Jan Beulich <jbeulich@xxxxxxxx>
> Subject: Re: [Xen-devel] [PATCH v8 1/8] public / x86: Introduce
> __HYPERCALL_dm_op...
> 
> On 01/24/2017 10:27 AM, Paul Durrant wrote:
> > ...as a set of hypercalls to be used by a device model.
> >
> > As stated in the new docs/designs/dm_op.markdown:
> >
> > "The aim of DMOP is to prevent a compromised device model from
> > compromising domains other then the one it is associated with. (And is
> > therefore likely already compromised)."
> >
> > See that file for further information.
> >
> > This patch simply adds the boilerplate for the hypercall.
> >
> > Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx>
> > Suggested-by: Ian Jackson <ian.jackson@xxxxxxxxxx>
> > Suggested-by: Jennifer Herbert <jennifer.herbert@xxxxxxxxxx>
> > Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
> > Acked-by: Wei Liu <wei.liu2@xxxxxxxxxx>
> > Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> 
> This patch (and possibly others in the series) break FLASK-enabled build.

Boris,

  See the thread starting at 
https://lists.xenproject.org/archives/html/xen-devel/2017-01/msg02721.html

  I believe Wei still awaiting an ack.

    Paul

> 
> First, this
> 
> > diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
> > index 95460af..b206f5a 100644
> > --- a/xen/include/xsm/dummy.h
> > +++ b/xen/include/xsm/dummy.h
> > @@ -727,6 +727,12 @@ static XSM_INLINE int xsm_pmu_op
> (XSM_DEFAULT_ARG struct domain *d, unsigned int
> >      }
> >  }
> >
> > +static XSM_INLINE int xsm_dm_op(XSM_DEFAULT_ARG struct domain
> *d)
> > +{
> > +    XSM_ASSERT_ACTION(XSM_DM_PRIV);
> > +    return xsm_default_action(action, current->domain, d);
> > +}
> > +
> >
> 
> generates
> 
> /home/build/xtt-x86_64/bootstrap/xen.git/xen/include/xsm/dummy.h:700:
> error: ‘xsm_dm_op’ defined but not used
> 
> and I think needs
> 
> diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
> index 1f659c7..3cb5492 100644
> --- a/xen/xsm/dummy.c
> +++ b/xen/xsm/dummy.c
> @@ -156,6 +156,7 @@ void __init xsm_fixup_ops (struct xsm_operations
> *ops)
>      set_to_dummy_if_null(ops, ioport_permission);
>      set_to_dummy_if_null(ops, ioport_mapping);
>      set_to_dummy_if_null(ops, pmu_op);
> +    set_to_dummy_if_null(ops, dm_op);
>  #endif
>      set_to_dummy_if_null(ops, xen_version);
>  }
> 
> 
> And then
> 
> make[4]: Entering directory
> `/home/build/xtt-x86_64/bootstrap/xen.git/xen/xsm/flask'
> gcc -m64 -DBUILD_ID -fno-strict-aliasing -std=gnu99 -Wall
> -Wstrict-prototypes -Wdeclaration-after-statement
> -Wno-unused-but-set-variable   -O1 -nostdinc -fno-builtin -fno-common
> -Werror -Wredundant-decls -Wno-pointer-arith -pipe -g -D__XEN__ -include
> /home/build/xtt-x86_64/bootstrap/xen.git/xen/include/xen/config.h
> '-D__OBJECT_FILE__="hooks.o"' -Wa,--strip-local-absolute
> -fno-omit-frame-pointer -MMD -MF ./.hooks.o.d
> -I/home/build/xtt-x86_64/bootstrap/xen.git/xen/include
> -I/home/build/xtt-x86_64/bootstrap/xen.git/xen/include/asm-x86/mach-
> generic
> -I/home/build/xtt-x86_64/bootstrap/xen.git/xen/include/asm-x86/mach-
> default
> '-D__OBJECT_LABEL__=xsm$flask$hooks.o' -msoft-float -fno-stack-protector
> -fno-exceptions -Wnested-externs -DHAVE_GAS_VMX -
> DHAVE_GAS_SSE4_2
> -DHAVE_GAS_EPT -mno-red-zone -mno-sse -fpic
> -fno-asynchronous-unwind-tables -DGCC_HAS_VISIBILITY_ATTRIBUTE
> -I./include -c hooks.c -o hooks.o
> hooks.c: In function ‘flask_dm_op’:
> hooks.c:1613: error: ‘HVM__DM’ undeclared (first use in this function)
> hooks.c:1613: error: (Each undeclared identifier is reported only once
> hooks.c:1613: error: for each function it appears in.)
> hooks.c: At top level:
> hooks.c:1779: error: unknown field ‘hvm_set_pci_intx_level’ specified in
> initializer
> hooks.c:1779: error: ‘flask_hvm_set_pci_intx_level’ undeclared here (not
> in a function)
> hooks.c:1780: error: unknown field ‘hvm_set_isa_irq_level’ specified in
> initializer
> hooks.c:1780: error: ‘flask_hvm_set_isa_irq_level’ undeclared here (not
> in a function)
> hooks.c:1781: error: unknown field ‘hvm_set_pci_link_route’ specified in
> initializer
> hooks.c:1781: error: ‘flask_hvm_set_pci_link_route’ undeclared here (not
> in a function)
> make[4]: *** [hooks.o] Error 1
> 
> 
> -boris
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.