Re: [Xen-devel] Missing XSM permission for livepatch sysctl

[Wei Liu <wei.liu2@xxxxxxxxxx>]

On Mon, Feb 06, 2017 at 09:50:32AM -0500, Konrad Rzeszutek Wilk wrote:
> On Mon, Feb 06, 2017 at 12:53:56PM +0000, Wei Liu wrote:
> > On Mon, Feb 06, 2017 at 12:51:45PM +0000, Wei Liu wrote:
> > > When running XTF with a XSM-enabled Xen (generated by one of my osstest
> > > flight for testing something else).
> > > 
> > > Executing 'xl create -F
> > > tests/livepatch-priv-check/test-hvm32-livepatch-priv-check.cfg'
> > > --- Xen Test Framework ---
> > > Environment: HVM 32bit (No paging)
> > > Live Patch Privilege Check
> > > Fail: test_upload: Unexpected return code -13
> > > Fail: test_list: Unexpected return code -13
> > > Fail: test_get: Unexpected return code -13
> > > Fail: test_action: Unexpected return code -13
> > > Fail: test_action: Unexpected return code -13
> > > Fail: test_action: Unexpected return code -13
> > > Fail: test_action: Unexpected return code -13
> > > Test result: FAILURE
> > > 
> > > -13 is EACCESS.
> > > 
> > > Should be easy to fix.
> > 
> > But but but there is already livepatch_op in dom0.te, so I'm baffled.
> 
>  43     if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION )          
>       
>  44         return -EACCES;                 
> 
> in do_sysctl
> 

They are supposed to be the same version. I didn't modify Xen source
code at all and the test box was freshly installed. The non-XSM build
passed.

Wei.


> 
> > 
> > Wei.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel