[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 3/3] xsm: properly handle error from XSM init
- To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Wed, 1 Jun 2022 08:14:28 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=p07NFfR9d7h8GbcIWy0Ibo2cvAr3i2BG7PXENiPZ15c=; b=l3IpPTn0wrpEpvblBhcJjIcMptD95pSv8I2RpzB+CoXWYjYzdSJytLFDAsRN//glriQp0GQ26H3pMf4xgZuHPmKG0jnt+YSxIgF7l/N/ayM2HI6OD6NJkn7Gw+ccQizOGJldS7s6yZ8OmIp+ycX3xav9exYUYNnptNXoM7XnQxcmJsb6WAl2fP7sAgtSqd/1Nv8zuF+++4C3OYGwDgUfq71Gkp+XDKo8WM2lFWjf2xoXOXXGJPMyNrCDAOdfDnnsYRFkjNwZXEl8v6t/vLmumO8m5N3epqthimYTKXVCphc7qgqHf4HXaUebu2DC6iro8RogRYHDBlP/a0t77g6jlQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ntKsivT3y5baupIlOE6OontJfJ5IH8M28zRzxuro5kIl5KlwiM63/hJvmS0cbDIepxkhCMw3Lt/aniJKWyG31wyCFMj/B6fGVWnrr9T3By8WQxrXQH3kDxpHO7C46Fzb953izcKITsc8Rn51bkymjCU4irAGvL9XTlK82zKz2aeaDRedCZmJVf71lp/fOaLni2ko5t1M3v+2XIFoSSmlno3TkiftkjKqqCquQRSFBO20HJGBUCobGoTRfOVHOWWqVRCyNm2yQRmwMwoMZQbPCIGM327J2vHSIYS6OXaCPpEHZUUOSq/wkpmG0FHJQkGpInE4gZxfyVAOqPAXevv+Kg==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: scott.davis@xxxxxxxxxx, christopher.clark@xxxxxxxxxx, jandryuk@xxxxxxxxx, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Wei Liu <wl@xxxxxxx>
- Delivery-date: Wed, 01 Jun 2022 06:14:43 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 31.05.2022 17:08, Daniel P. Smith wrote:
> @@ -1690,7 +1691,7 @@ void __init noreturn __start_xen(unsigned long mbi_p)
>
> open_softirq(NEW_TLBFLUSH_CLOCK_PERIOD_SOFTIRQ,
> new_tlbflush_clock_period);
>
> - if ( opt_watchdog )
> + if ( opt_watchdog )
> nmi_watchdog = NMI_LOCAL_APIC;
>
> find_smp_config();
Please omit formatting changes to entirely unrelated pieces of code.
> @@ -1700,7 +1701,11 @@ void __init noreturn __start_xen(unsigned long mbi_p)
> mmio_ro_ranges = rangeset_new(NULL, "r/o mmio ranges",
> RANGESETF_prettyprint_hex);
>
> - xsm_multiboot_init(module_map, mbi);
> + if ( xsm_multiboot_init(module_map, mbi) )
> + warning_add("WARNING: XSM failed to initialize.\n"
> + "This has implications on the security of the system,\n"
> + "as uncontrolled communications between trusted and\n"
> + "untrusted domains may occur.\n");
Uncontrolled communication isn't the only thing that could occur, aiui.
So at the very least "e.g." or some such would want adding imo.
Now that return values are checked, I think that in addition to what
you already do the two function declarations may want decorating with
__must_check.
Jan
|