[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v8 1/8] xen: xsm: flask: introduce XENMAPSPACE_gmfn_share for memory sharing



>>> On 09.10.18 at 01:37, <sstabellini@xxxxxxxxxx> wrote:
> --- a/xen/include/xsm/dummy.h
> +++ b/xen/include/xsm/dummy.h
> @@ -535,6 +535,20 @@ static XSM_INLINE int 
> xsm_map_gmfn_foreign(XSM_DEFAULT_ARG struct domain *d, str
>      return xsm_default_action(action, d, t);
>  }
>  
> +/*
> + * Be aware that this is not an exact default equivalence of its flask
> + * variant which also checks if @d and @t "are allowed to share memory
> + * pages", for now, we don't have a proper default equivalence of such a
> + * check.
> + */
> +static XSM_INLINE int xsm_map_gmfn_share(XSM_DEFAULT_ARG struct domain *d,
> +                                         struct domain *t)
> +{
> +    XSM_ASSERT_ACTION(XSM_TARGET);
> +    return xsm_default_action(XSM_TARGET, current->domain, d) ?:
> +           xsm_default_action(action, current->domain, t);
> +}

Does this (specifically xsm/dummy.c)) build with XSM enabled?
Afaict "action" is going to be an undefined symbol in that case.

> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -1192,6 +1192,14 @@ static int flask_map_gmfn_foreign(struct domain *d, 
> struct domain *t)
>      return domain_has_perm(d, t, SECCLASS_MMU, MMU__MAP_READ | 
> MMU__MAP_WRITE);
>  }
>  
> +static int flask_map_gmfn_share(struct domain *d, struct domain *t)
> +{
> +    if ( current_has_perm(d, SECCLASS_MMU, MMU__MAP_READ | MMU__MAP_WRITE) )
> +        return rc;
> +    return current_has_perm(t, SECCLASS_MMU, MMU__MAP_READ | MMU__MAP_WRITE) 
> ?:
> +           domain_has_perm(d, t, SECCLASS_MMU, MMU__SHARE_MEM);
> +}
> +

Same here, for "rc". It looks to me as if the first two lines of the function
body were wrongly left in place anyway. But please could you at least
build-test with XSM enabled when you make changes to XSM code?

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.