[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v5 20/44] x86/boot: convert xsm policy loading to struct boot_module


  • To: Jason Andryuk <jason.andryuk@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 9 Oct 2024 13:21:54 -0400
  • Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1728494518; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To; bh=6fJttl4TSb5yyrc0zoAyEdtAOjb4Zz96lIEuIWf8X6c=; b=ZdZKD6cWsbW6yxIRHEUvbaiYYdvTbCoNejxz40tQKOGi+lXL3+zZGBC8BF1Cm08abi/mR3ph84DuMjU9zuf1JjUOBRK6GKwpptSE7LgmE/PD8T6SDXiclFEPNAQELGg+AJRiCHmqLcWOvJbaqOQbpbAh/EkYg7gxSJ42K5qHbM8=
  • Arc-seal: i=1; a=rsa-sha256; t=1728494518; cv=none; d=zohomail.com; s=zohoarc; b=O97JbJ5UTgsyOIh8rN5JRHwRmRxJu97OAKict95HKnirmL9gwojhfOL33M6WxaKKlDamjylwRVmlk2CFyCXGTrHPZ+hJSVUqnA7QM+jXvseUgRSw6oKOnH5hxe2LK+X2mbUmYKyrtzmJUg/iQdiodIliknFHPBTYG9/1cJH9frA=
  • Cc: christopher.w.clark@xxxxxxxxx, stefano.stabellini@xxxxxxx, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Wed, 09 Oct 2024 17:22:13 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 10/8/24 12:13, Jason Andryuk wrote:
On 2024-10-06 17:49, Daniel P. Smith wrote:
Iterate through the unclaimed struct boot_module to see if any are an XSM FLASK
policy. If one is located, mark it as an xsm policy.

Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>

@@ -161,6 +162,14 @@ int __init xsm_multiboot_init(
      }
      ret = xsm_core_init(policy_buffer, policy_size);
+    if ( ret == 0 )
+    {
+        int idx = first_boot_module_index(bi, BOOTMOD_XSM_POLICY);
+
+        /* If the policy was loaded from a boot module, mark it consumed */
+        if ( idx >= 0 )
+            bi->mods[idx].flags |= BOOTMOD_FLAG_X86_CONSUMED;

Maybe xsm_multiboot_policy_init() should return the idx used instead of having a second search?  (Also, xsm_multiboot_policy_init() can't fail?)

I was debating on whether to make similar changes because the existing logic just seems sub-optimal. Currently I am looking to just write an independent XSM patch that looks at both this function and the device tree version of the function. Specifically, looking to use the IS_ENABLED() macro instead of #ifdef to reduce code, provide better code coverage, and to refine the logic.

+    }
      bootstrap_map(NULL);
      return 0;

The other changes look okay.

R-b then?

v/r,
dps



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.