[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [PATCH v9 3/3] xsm: refactor flask sid alloc and domain check
- To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Henry Wang <Henry.Wang@xxxxxxx>
- Date: Thu, 30 Jun 2022 08:40:55 +0000
- Accept-language: zh-CN, en-US
- Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
- Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ezCmuNKMIB3MTY9SF7b2uXP+7DTkfHwrHZflJsoVeYI=; b=IZz72PQKV8BiVU4cQlBeHbZdLjrIhif2D4IE6tv/KDgk5FqLRUrs1WfHHnbKw2q4SwF+T3U//a6wbCxjPnIf1z3ZElG+n3Ijp6lpYV9S+0U9Kk3iGjycuf0ZcAfMFXE0wVVz6r3prqmpJpmb/gYrgnoZ/TxNkPxPukxRgjSeRsquUoA0N+qcTkJei2opR2KE12/bmkDSGySY5IyXAS7Nctc74KzBPa0CQlb6sux4JAj49YVpRpZ3+MoWYKKzV1xZjD/RzW7chR+LYeHOsZOuMZVsnO4U0e3cNYPa404Zbg6NTSFTAR81lSUtOR215zoWIqxhsQOcNil62Ja2GRITCA==
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ezCmuNKMIB3MTY9SF7b2uXP+7DTkfHwrHZflJsoVeYI=; b=lACmGeF549uPm+leoTMLAr8oFzZkT0dLaYAxGoXY0W+lF64yslIj3jbymfakn1xrZJs8Uz1qTGvnSchUHGQG0A91jdO+YU9yZFFAgUal0XOYTzTJ+IQxr8Eb0SDCT4/bVmv/LjpfGefFvjjefmPfych+/3VZzYie/gFnfMN9pa6rg+Y/Plnm38IFQHmH1xRIndAFLxW6LhosWE7in0cRGgtX4+zjegYGgKdvo/8eVKay0qAnARzaCDKlWkZ7pcRP549/KOQjVHpV1P9F3J1Gf3loVqCKW84729V9C7XNUvU4yAuyKewcNGpfpY4blWyzwgC3g4VCEu7Hh5Pv2neskQ==
- Arc-seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=GpQarhKfY1OzrZ3cXaKd7JxmKEfMQkD7CTby4oYN/HD5UlK32Fp4ilhvBA/2XgfxVd5LG6s+b18VanOh9wL7aqsSIWeMVyHoBln5dxC+4VMhsthQyq9IS/dfPF57XBWrmmfkxApVevxWwmzIzPtm2EK9ntBgeIM3RDLp7YAdGsAX6JXuG/QBBo8hWoxBE4IOWktYiG4zSVjQOWPHx6Ni6js6SmHo/lm3bQzmkHrjYwiQ6WCYQoqOCLv9BSGB4GBF1oyH7Gc8F8euJb/3C8S4kYOMwtDD5fOWsIySJ62B+pp/2H0bIoFQ7cp/FM8iQ5e5T8mrVGYzbBrHtVjMkDdAng==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XG7h+y5VnsSryCdIw0dnwdjKDFcXQcyWn2y7QUdHknUfB4rvAVFScW+FX+avcH+H/MVcERmI38sKFcSsbJ4WU/fYsdnTdZ8ykclCH5CNBasFjrw+OWpN+WZPWPUHSI2HxnMPJrWRh167QjCUuaP9GnIZddRboRfrCmRKH4mcUM0BsQ1GZB765OiQkX+SsWIg/iUK7sb5Qe4dMOQm98WCYVaN6y9Jqm/FGyp6CEy4IUde5NhooIhC+6LX7v7Cjc1CfrZ+pPb5cyJiW0OyKQAH8EoaNACgFdfKljYRVlD4Fc9Ys02icEIMQSXZx578JuoFaai57aAjtgTO8X6/wQDYmA==
- Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
- Cc: "scott.davis@xxxxxxxxxx" <scott.davis@xxxxxxxxxx>, "jandryuk@xxxxxxxxx" <jandryuk@xxxxxxxxx>, "christopher.clark@xxxxxxxxxx" <christopher.clark@xxxxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>
- Delivery-date: Thu, 30 Jun 2022 08:41:29 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Nodisclaimer: true
- Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
- Thread-index: AQHYjChOQ8kNa3hXJ0OsgkVBHq90Ka1nneog
- Thread-topic: [PATCH v9 3/3] xsm: refactor flask sid alloc and domain check
Hi Daniel,
> -----Original Message-----
> Subject: [PATCH v9 3/3] xsm: refactor flask sid alloc and domain check
>
> The function flask_domain_alloc_security() is where a default sid should be
> assigned to a domain under construction. For reasons unknown, the initial
> domain would be assigned unlabeled_t and then fixed up under
> flask_domain_create(). With the introduction of xenboot_t it is now possible
> to distinguish when the hypervisor is in the boot state.
>
> This commit looks to correct this by using a check to see if the hypervisor is
> under the xenboot_t context in flask_domain_alloc_security(). If it is, then
> it
> will inspect the domain's is_privileged field, and select the appropriate
> default label, dom0_t or domU_t, for the domain. The logic for
> flask_domain_create() was changed to allow the incoming sid to override the
> default label.
>
> The base policy was adjusted to allow the idle domain under the xenboot_t
> context to be able to construct domains of both types, dom0 and domU.
>
> Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
Same as what Jan has said, I don't think I am qualified to properly review
the series, but I did run a compile and runtime test on Arm64 platform with
the xsm and flask enabled and it looks like everything is fine.
Hence (also for the whole series):
Tested-by: Henry Wang <Henry.Wang@xxxxxxx>
> ---
> tools/flask/policy/modules/dom0.te | 3 +++
> tools/flask/policy/modules/domU.te | 3 +++
> xen/xsm/flask/hooks.c | 34 ++++++++++++++++++------------
> 3 files changed, 26 insertions(+), 14 deletions(-)
|