[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 00/10] xsm: refactoring xsm hooks


  • To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Tue, 13 Jul 2021 00:12:41 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IdtvBYwMbV/PM/7BNt6mcTNmrFO7CR4EdLVk/zw+8vw=; b=NZZDjiyVpWUEtLLu2G9b/3JbObykGPngf/3BMwn6Z+jYvLb1n3LGGWhX+UolIg8C5NWM8GG9mOnJ/0sX4M6FeCnzu0RjJevtHQsJe5xyR4YgDdwEkd/QL5OPP/j7qcEGVXPi0pMN2QbxG9NKE9RKlpTU88qZWQyjfbqRX15e3bMwof7rGHbzQqXM0tTFS9Qz90+5QLXKSOipkhPwIHIMNRLrQ2qMwDBbYQ1zFXjX44kg2kVXWfMJSUIP6jNukBdh2TQYh0zPw64ONv+j7OD1S76IGrtWkQbzdNLEw6DgusrL3r/JbaNpD/NnnJGCPY9dbSKlUcPF+DE11gmIs7MP/A==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MctR3fia/gt+fZmrcyCen6be4bmQckTd/MTxRqI/UnMhLinB2OxeF/JQMbgJciuzmntTNOPrgFVPFTVG6VUGEQobRnEo/l+NIh672htx1sv3SaVuwsNtz/Yx26vCYQhQNZgJbPFOgZWcopZHA796UmiyDA1CvkY3uwPO+9ylOvKv7gnFmdeCmGvJf+TaAqXFJ/zEmBUa6q7wmj1CrXoC/NTMt9jylVbSb1MmzIHCb6/eek+W5YCrXIWxtmJWsfILtDkMXEEqO4qrw8bD2oHF5xC9BDtovai+cKjaR2rPyRlcPFm+QJf9NrgwnoxURVJ5EmKwvu/v4jdGYikbM5xcGQ==
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Delivery-date: Mon, 12 Jul 2021 23:12:58 +0000
  • Ironport-hdrordr: A9a23:UyVlT6MhUkVhGsBcTzH155DYdb4zR+YMi2TDiHoedfUFSKOlfp 6V8MjztSWVtN9jYgBepTnmAtj9fZq8z+8J3WB1B9aftWbdyROVxe1ZnOzfKnjbalfDH41mpN ddmspFeaTN5DFB5K6QimTIcKdDsau6GeKT9IPjJh9WPHBXgspbnmFE42igYyhLrUV9dOEE/M 323Ls4m9PsQwVbUu2LQl0+G8TTrdzCk5zrJTYAGh4c8QGLyRel8qTzHRS01goXF2on+8ZszU H11yjCoomzufCyzRHRk0fV8pRtgdPkjv9OHtaFhMQ5IijlziyoeINicbufuy1dmpDi1H8a1P 335zswNcV67H3cOkuvpwH25gXm2DEyr1f/1F6xmxLY0IzEbQN/L/AEqZNScxPf5UZllsp7yr h302WQsIcSJQ/cnR76+8PDW3hR5wuJSEIZ4KwuZkFkIM4jgOc7l/1awKoVKuZPIMvC0vFlLA E0Z/uso8q/GDihHgPkVmoG+q3lYp18JGbBfqE4gL3g79FhpgEx86Ip/r1rop4+zuNLd3Bl3Z WODk06rsAFcicpBZgNctvpB/HHU1DwfQ==
  • Ironport-sdr: zGh6s00ADok86WXpGRQbEwyAEPC4EzDLh/QnGyYd2Aj4lUVVtm8ibvXgodJO9U8hcuaqDREQih m5F0HWXQaXktSQZyaag5s3YP2DmMewIrqNfh6m2RedbIhNY65+NQgxstLseyvNEwu9O63SNWLT QsRDsT4DSKI3gBcGQAi2JNM/6lO+SnmlbCvpAxN4vohnKw2/SmYI/GUR/tHA+m3JjE5F8oe//f jascjsKQakn78cyKRRg2wevpPrs1NuJjISsSaqrQtSqvL5jJAsZV28kdX0a6Sqbz6Ut0rSiq4N kos=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 12/07/2021 21:32, Daniel P. Smith wrote:
> Based on feedback from 2021 Xen Developers Summit the xsm-roles RFC
> patch set is being split into two separate patch sets. This is the first
> patch set and is focused purely on the clean up and refactoring of the
> XSM hooks.
>
> This patch set refactors the xsm_ops wrapper hooks to use the alternative_call
> infrastructure. Then proceeds to move and realign the headers to remove the
> psuedo is/is not enable implementation. The remainder of the changes are 
> clean up
> and removing no longer necessary abstractions.
>
> v2:
>  - restructured the patches, breaking them up as needed
>  - incorporate Andrew Cooper's alternative call common code
>  - change XSM module registration, removing register_xsm
>  - incoporate KConfig recommendations
>  - reworded commit messages
>  - incorporate macro expansion recommendations
>  - misc clean-up fallout from recommendations

CI is heavily broken atm, but there is one issue I've spotted which is
introduced by this series.

https://gitlab.com/xen-project/patchew/xen/-/jobs/1418359368

In file included from xsm_policy.c:21:
/builds/xen-project/patchew/xen/xen/include/xsm/xsm.h: In function
'xsm_security_domaininfo':
/builds/xen-project/patchew/xen/xen/include/xsm/xsm.h:30:5: error:
implicit declaration of function 'alternative_vcall'
[-Werror=implicit-function-declaration]
   30 |     alternative_vcall(xsm_ops.security_domaininfo, d, info);
      |     ^~~~~~~~~~~~~~~~~


You need to drop the XSM guard around including xen/alternative-call.h
in patch 4, especially seeing as as you don't delete it in patch 6 where
CONFIG_XSM formally disappears.  The x86 build only works by chance,
with asm/alternative.h being included implicitly.

~Andrew




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.