|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v3 2/5] xen: make evtchn_alloc_unbound public
On 1/28/22 16:33, Stefano Stabellini wrote:
> From: Luca Miccio <lucmiccio@xxxxxxxxx>
>
> The xenstore event channel will be allocated for dom0less domains. It is
> necessary to have access to the evtchn_alloc_unbound function to do
> that, so make evtchn_alloc_unbound public.
>
> Add a skip_xsm parameter to allow disabling the XSM check in
> evtchn_alloc_unbound (xsm_evtchn_unbound wouldn't work for a call
> originated from Xen before running any domains.)
>
> Signed-off-by: Luca Miccio <lucmiccio@xxxxxxxxx>
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
> CC: Julien Grall <julien@xxxxxxx>
> CC: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
> CC: Bertrand Marquis <bertrand.marquis@xxxxxxx>
> CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> CC: George Dunlap <george.dunlap@xxxxxxxxxx>
> CC: Jan Beulich <jbeulich@xxxxxxxx>
> CC: Wei Liu <wl@xxxxxxx>
> ---
> Changes v3:
> - expose evtchn_alloc_unbound, assing a skip_xsm parameter
> ---
> xen/common/event_channel.c | 13 ++++++++-----
> xen/include/xen/event.h | 3 +++
> 2 files changed, 11 insertions(+), 5 deletions(-)
>
> diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c
> index da88ad141a..be57d00a15 100644
> --- a/xen/common/event_channel.c
> +++ b/xen/common/event_channel.c
> @@ -284,7 +284,7 @@ void evtchn_free(struct domain *d, struct evtchn *chn)
> xsm_evtchn_close_post(chn);
> }
>
> -static int evtchn_alloc_unbound(evtchn_alloc_unbound_t *alloc)
> +int evtchn_alloc_unbound(evtchn_alloc_unbound_t *alloc, bool skip_xsm)
> {
> struct evtchn *chn;
> struct domain *d;
> @@ -301,9 +301,12 @@ static int evtchn_alloc_unbound(evtchn_alloc_unbound_t
> *alloc)
> ERROR_EXIT_DOM(port, d);
> chn = evtchn_from_port(d, port);
>
> - rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom);
> - if ( rc )
> - goto out;
> + if ( !skip_xsm )
> + {
> + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom);
> + if ( rc )
> + goto out;
> + }
Please do not subvert the security framework because it causes an
inconvenience. As Jan recommended, work within the XSM check to allow
your access so that we may ensure it is done safely. If you need any
help making modifications to XSM, please do not hesitate to reach out as
I will gladly help.
> evtchn_write_lock(chn);
>
> @@ -1195,7 +1198,7 @@ long do_event_channel_op(int cmd,
> XEN_GUEST_HANDLE_PARAM(void) arg)
> struct evtchn_alloc_unbound alloc_unbound;
> if ( copy_from_guest(&alloc_unbound, arg, 1) != 0 )
> return -EFAULT;
> - rc = evtchn_alloc_unbound(&alloc_unbound);
> + rc = evtchn_alloc_unbound(&alloc_unbound, false);
> if ( !rc && __copy_to_guest(arg, &alloc_unbound, 1) )
> rc = -EFAULT; /* Cleaning up here would be a mess! */
> break;
> diff --git a/xen/include/xen/event.h b/xen/include/xen/event.h
> index 21c95e14fd..0a2cdedf7d 100644
> --- a/xen/include/xen/event.h
> +++ b/xen/include/xen/event.h
> @@ -68,6 +68,9 @@ int evtchn_close(struct domain *d1, int port1, bool guest);
> /* Free an event channel. */
> void evtchn_free(struct domain *d, struct evtchn *chn);
>
> +/* Create a new event channel port */
> +int evtchn_alloc_unbound(evtchn_alloc_unbound_t *alloc, bool skip_xsm);
> +
> /* Allocate a specific event channel port. */
> int evtchn_allocate_port(struct domain *d, unsigned int port);
>
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |