ia64/xen-unstable

changeset 18475:e5766aea2907

xsm: XSM foreigndom usage bug

- This patch corrects an unsafe/incorrect usage of FOREIGNDOM. The
value of FOREIGNDOM is now passed through the XSM interface.
Corresponding updates to the Flask module are included in this patch.

- This patch also includes a minor header update to allow the Flask
module to compile after recent updates to Xen.

Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
author Keir Fraser <keir.fraser@citrix.com>
date Thu Sep 11 11:56:49 2008 +0100 (2008-09-11)
parents f5e72cbfbb17
children fba8dca321c2
files xen/arch/x86/mm.c xen/include/xsm/xsm.h xen/xsm/dummy.c xen/xsm/flask/hooks.c
line diff
     1.1 --- a/xen/arch/x86/mm.c	Wed Sep 10 11:26:16 2008 +0100
     1.2 +++ b/xen/arch/x86/mm.c	Thu Sep 11 11:56:49 2008 +0100
     1.3 @@ -2804,7 +2804,7 @@ int do_mmu_update(
     1.4               */
     1.5          case MMU_NORMAL_PT_UPDATE:
     1.6          case MMU_PT_UPDATE_PRESERVE_AD:
     1.7 -            rc = xsm_mmu_normal_update(d, req.val);
     1.8 +            rc = xsm_mmu_normal_update(d, FOREIGNDOM, req.val);
     1.9              if ( rc )
    1.10                  break;
    1.11  
    1.12 @@ -3321,7 +3321,7 @@ int do_update_va_mapping(unsigned long v
    1.13      if ( unlikely(!access_ok(va, 1) && !paging_mode_external(d)) )
    1.14          return -EINVAL;
    1.15  
    1.16 -    rc = xsm_update_va_mapping(d, val);
    1.17 +    rc = xsm_update_va_mapping(d, FOREIGNDOM, val);
    1.18      if ( rc )
    1.19          return rc;
    1.20  
     2.1 --- a/xen/include/xsm/xsm.h	Wed Sep 10 11:26:16 2008 +0100
     2.2 +++ b/xen/include/xsm/xsm.h	Thu Sep 11 11:56:49 2008 +0100
     2.3 @@ -137,9 +137,11 @@ struct xsm_operations {
     2.4      int (*getidletime) (void);
     2.5      int (*machine_memory_map) (void);
     2.6      int (*domain_memory_map) (struct domain *d);
     2.7 -    int (*mmu_normal_update) (struct domain *d, intpte_t fpte);
     2.8 +    int (*mmu_normal_update) (struct domain *d, struct domain *f, 
     2.9 +                                                                intpte_t fpte);
    2.10      int (*mmu_machphys_update) (struct domain *d, unsigned long mfn);
    2.11 -    int (*update_va_mapping) (struct domain *d, l1_pgentry_t pte);
    2.12 +    int (*update_va_mapping) (struct domain *d, struct domain *f, 
    2.13 +                                                            l1_pgentry_t pte);
    2.14      int (*add_to_physmap) (struct domain *d1, struct domain *d2);
    2.15      int (*remove_from_physmap) (struct domain *d1, struct domain *d2);
    2.16      int (*sendtrigger) (struct domain *d);
    2.17 @@ -560,9 +562,10 @@ static inline int xsm_domain_memory_map(
    2.18      return xsm_call(domain_memory_map(d));
    2.19  }
    2.20  
    2.21 -static inline int xsm_mmu_normal_update (struct domain *d, intpte_t fpte)
    2.22 +static inline int xsm_mmu_normal_update (struct domain *d, struct domain *f, 
    2.23 +                                                                intpte_t fpte)
    2.24  {
    2.25 -    return xsm_call(mmu_normal_update(d, fpte));
    2.26 +    return xsm_call(mmu_normal_update(d, f, fpte));
    2.27  }
    2.28  
    2.29  static inline int xsm_mmu_machphys_update (struct domain *d, unsigned long mfn)
    2.30 @@ -570,9 +573,10 @@ static inline int xsm_mmu_machphys_updat
    2.31      return xsm_call(mmu_machphys_update(d, mfn));
    2.32  }
    2.33  
    2.34 -static inline int xsm_update_va_mapping(struct domain *d, l1_pgentry_t pte)
    2.35 +static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, 
    2.36 +                                                            l1_pgentry_t pte)
    2.37  {
    2.38 -    return xsm_call(update_va_mapping(d, pte));
    2.39 +    return xsm_call(update_va_mapping(d, f, pte));
    2.40  }
    2.41  
    2.42  static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2)
     3.1 --- a/xen/xsm/dummy.c	Wed Sep 10 11:26:16 2008 +0100
     3.2 +++ b/xen/xsm/dummy.c	Thu Sep 11 11:56:49 2008 +0100
     3.3 @@ -400,7 +400,8 @@ static int dummy_domain_memory_map (stru
     3.4      return 0;
     3.5  }
     3.6  
     3.7 -static int dummy_mmu_normal_update (struct domain *d, intpte_t fpte)
     3.8 +static int dummy_mmu_normal_update (struct domain *d, struct domain *f, 
     3.9 +                                                                intpte_t fpte)
    3.10  {
    3.11      return 0;
    3.12  }
    3.13 @@ -410,7 +411,8 @@ static int dummy_mmu_machphys_update (st
    3.14      return 0;
    3.15  }
    3.16  
    3.17 -static int dummy_update_va_mapping (struct domain *d, l1_pgentry_t pte)
    3.18 +static int dummy_update_va_mapping (struct domain *d, struct domain *f, 
    3.19 +                                                            l1_pgentry_t pte)
    3.20  {
    3.21      return 0;
    3.22  }
     4.1 --- a/xen/xsm/flask/hooks.c	Wed Sep 10 11:26:16 2008 +0100
     4.2 +++ b/xen/xsm/flask/hooks.c	Thu Sep 11 11:56:49 2008 +0100
     4.3 @@ -11,6 +11,7 @@
     4.4  #include <xen/init.h>
     4.5  #include <xen/lib.h>
     4.6  #include <xen/sched.h>
     4.7 +#include <xen/paging.h>
     4.8  #include <xen/xmalloc.h>
     4.9  #include <xsm/xsm.h>
    4.10  #include <xen/spinlock.h>
    4.11 @@ -354,7 +355,7 @@ static int get_mfn_sid(unsigned long mfn
    4.12      if ( mfn_valid(mfn) )
    4.13      {
    4.14          /*mfn is valid if this is a page that Xen is tracking!*/
    4.15 -        page = mfn_to_page(mfn);        
    4.16 +        page = mfn_to_page(mfn);
    4.17          rc = get_page_sid(page, sid);
    4.18      }
    4.19      else
    4.20 @@ -404,23 +405,6 @@ static int flask_memory_pin_page(struct 
    4.21      return avc_has_perm(dsec->sid, sid, SECCLASS_MMU, MMU__PINPAGE, NULL);
    4.22  }
    4.23  
    4.24 -/* Used to defer flushing of memory structures. */
    4.25 -struct percpu_mm_info {
    4.26 -#define DOP_FLUSH_TLB      (1<<0) /* Flush the local TLB.                    */
    4.27 -#define DOP_FLUSH_ALL_TLBS (1<<1) /* Flush TLBs of all VCPUs of current dom. */
    4.28 -#define DOP_RELOAD_LDT     (1<<2) /* Reload the LDT shadow mapping.          */
    4.29 -    unsigned int   deferred_ops;
    4.30 -    /* If non-NULL, specifies a foreign subject domain for some operations. */
    4.31 -    struct domain *foreign;
    4.32 -};
    4.33 -static DEFINE_PER_CPU(struct percpu_mm_info, percpu_mm_info);
    4.34 -
    4.35 -/*
    4.36 - * Returns the current foreign domain; defaults to the currently-executing
    4.37 - * domain if a foreign override hasn't been specified.
    4.38 - */
    4.39 -#define FOREIGNDOM (this_cpu(percpu_mm_info).foreign ?: current->domain)
    4.40 -
    4.41  static int flask_console_io(struct domain *d, int cmd)
    4.42  {
    4.43      u32 perm;
    4.44 @@ -1023,7 +1007,8 @@ static int flask_domain_memory_map(struc
    4.45      return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP);
    4.46  }
    4.47  
    4.48 -static int flask_mmu_normal_update(struct domain *d, intpte_t fpte)
    4.49 +static int flask_mmu_normal_update(struct domain *d, struct domain *f, 
    4.50 +                                                                intpte_t fpte)
    4.51  {
    4.52      int rc = 0;
    4.53      u32 map_perms = MMU__MAP_READ;
    4.54 @@ -1036,7 +1021,7 @@ static int flask_mmu_normal_update(struc
    4.55      if ( l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_RW )
    4.56          map_perms |= MMU__MAP_WRITE;
    4.57  
    4.58 -    fmfn = gmfn_to_mfn(FOREIGNDOM, l1e_get_pfn(l1e_from_intpte(fpte)));
    4.59 +    fmfn = gmfn_to_mfn(f, l1e_get_pfn(l1e_from_intpte(fpte)));
    4.60  
    4.61      rc = get_mfn_sid(fmfn, &fsid);
    4.62      if ( rc )
    4.63 @@ -1059,7 +1044,8 @@ static int flask_mmu_machphys_update(str
    4.64      return avc_has_perm(dsec->sid, psid, SECCLASS_MMU, MMU__UPDATEMP, NULL);
    4.65  }
    4.66  
    4.67 -static int flask_update_va_mapping(struct domain *d, l1_pgentry_t pte)
    4.68 +static int flask_update_va_mapping(struct domain *d, struct domain *f, 
    4.69 +                                                            l1_pgentry_t pte)
    4.70  {
    4.71      int rc = 0;
    4.72      u32 psid;
    4.73 @@ -1069,7 +1055,7 @@ static int flask_update_va_mapping(struc
    4.74  
    4.75      dsec = d->ssid;
    4.76  
    4.77 -    mfn = gmfn_to_mfn(FOREIGNDOM, l1e_get_pfn(pte));        
    4.78 +    mfn = gmfn_to_mfn(f, l1e_get_pfn(pte));        
    4.79      rc = get_mfn_sid(mfn, &psid);
    4.80      if ( rc )
    4.81          return rc;