ia64/xen-unstable
changeset 18475:e5766aea2907
xsm: XSM foreigndom usage bug
- This patch corrects an unsafe/incorrect usage of FOREIGNDOM. The
value of FOREIGNDOM is now passed through the XSM interface.
Corresponding updates to the Flask module are included in this patch.
- This patch also includes a minor header update to allow the Flask
module to compile after recent updates to Xen.
Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
- This patch corrects an unsafe/incorrect usage of FOREIGNDOM. The
value of FOREIGNDOM is now passed through the XSM interface.
Corresponding updates to the Flask module are included in this patch.
- This patch also includes a minor header update to allow the Flask
module to compile after recent updates to Xen.
Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
| author | Keir Fraser <keir.fraser@citrix.com> |
|---|---|
| date | Thu Sep 11 11:56:49 2008 +0100 (2008-09-11) |
| parents | f5e72cbfbb17 |
| children | fba8dca321c2 |
| files | xen/arch/x86/mm.c xen/include/xsm/xsm.h xen/xsm/dummy.c xen/xsm/flask/hooks.c |
line diff
1.1 --- a/xen/arch/x86/mm.c Wed Sep 10 11:26:16 2008 +0100 1.2 +++ b/xen/arch/x86/mm.c Thu Sep 11 11:56:49 2008 +0100 1.3 @@ -2804,7 +2804,7 @@ int do_mmu_update( 1.4 */ 1.5 case MMU_NORMAL_PT_UPDATE: 1.6 case MMU_PT_UPDATE_PRESERVE_AD: 1.7 - rc = xsm_mmu_normal_update(d, req.val); 1.8 + rc = xsm_mmu_normal_update(d, FOREIGNDOM, req.val); 1.9 if ( rc ) 1.10 break; 1.11 1.12 @@ -3321,7 +3321,7 @@ int do_update_va_mapping(unsigned long v 1.13 if ( unlikely(!access_ok(va, 1) && !paging_mode_external(d)) ) 1.14 return -EINVAL; 1.15 1.16 - rc = xsm_update_va_mapping(d, val); 1.17 + rc = xsm_update_va_mapping(d, FOREIGNDOM, val); 1.18 if ( rc ) 1.19 return rc; 1.20
2.1 --- a/xen/include/xsm/xsm.h Wed Sep 10 11:26:16 2008 +0100 2.2 +++ b/xen/include/xsm/xsm.h Thu Sep 11 11:56:49 2008 +0100 2.3 @@ -137,9 +137,11 @@ struct xsm_operations { 2.4 int (*getidletime) (void); 2.5 int (*machine_memory_map) (void); 2.6 int (*domain_memory_map) (struct domain *d); 2.7 - int (*mmu_normal_update) (struct domain *d, intpte_t fpte); 2.8 + int (*mmu_normal_update) (struct domain *d, struct domain *f, 2.9 + intpte_t fpte); 2.10 int (*mmu_machphys_update) (struct domain *d, unsigned long mfn); 2.11 - int (*update_va_mapping) (struct domain *d, l1_pgentry_t pte); 2.12 + int (*update_va_mapping) (struct domain *d, struct domain *f, 2.13 + l1_pgentry_t pte); 2.14 int (*add_to_physmap) (struct domain *d1, struct domain *d2); 2.15 int (*remove_from_physmap) (struct domain *d1, struct domain *d2); 2.16 int (*sendtrigger) (struct domain *d); 2.17 @@ -560,9 +562,10 @@ static inline int xsm_domain_memory_map( 2.18 return xsm_call(domain_memory_map(d)); 2.19 } 2.20 2.21 -static inline int xsm_mmu_normal_update (struct domain *d, intpte_t fpte) 2.22 +static inline int xsm_mmu_normal_update (struct domain *d, struct domain *f, 2.23 + intpte_t fpte) 2.24 { 2.25 - return xsm_call(mmu_normal_update(d, fpte)); 2.26 + return xsm_call(mmu_normal_update(d, f, fpte)); 2.27 } 2.28 2.29 static inline int xsm_mmu_machphys_update (struct domain *d, unsigned long mfn) 2.30 @@ -570,9 +573,10 @@ static inline int xsm_mmu_machphys_updat 2.31 return xsm_call(mmu_machphys_update(d, mfn)); 2.32 } 2.33 2.34 -static inline int xsm_update_va_mapping(struct domain *d, l1_pgentry_t pte) 2.35 +static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, 2.36 + l1_pgentry_t pte) 2.37 { 2.38 - return xsm_call(update_va_mapping(d, pte)); 2.39 + return xsm_call(update_va_mapping(d, f, pte)); 2.40 } 2.41 2.42 static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2)
3.1 --- a/xen/xsm/dummy.c Wed Sep 10 11:26:16 2008 +0100 3.2 +++ b/xen/xsm/dummy.c Thu Sep 11 11:56:49 2008 +0100 3.3 @@ -400,7 +400,8 @@ static int dummy_domain_memory_map (stru 3.4 return 0; 3.5 } 3.6 3.7 -static int dummy_mmu_normal_update (struct domain *d, intpte_t fpte) 3.8 +static int dummy_mmu_normal_update (struct domain *d, struct domain *f, 3.9 + intpte_t fpte) 3.10 { 3.11 return 0; 3.12 } 3.13 @@ -410,7 +411,8 @@ static int dummy_mmu_machphys_update (st 3.14 return 0; 3.15 } 3.16 3.17 -static int dummy_update_va_mapping (struct domain *d, l1_pgentry_t pte) 3.18 +static int dummy_update_va_mapping (struct domain *d, struct domain *f, 3.19 + l1_pgentry_t pte) 3.20 { 3.21 return 0; 3.22 }
4.1 --- a/xen/xsm/flask/hooks.c Wed Sep 10 11:26:16 2008 +0100 4.2 +++ b/xen/xsm/flask/hooks.c Thu Sep 11 11:56:49 2008 +0100 4.3 @@ -11,6 +11,7 @@ 4.4 #include <xen/init.h> 4.5 #include <xen/lib.h> 4.6 #include <xen/sched.h> 4.7 +#include <xen/paging.h> 4.8 #include <xen/xmalloc.h> 4.9 #include <xsm/xsm.h> 4.10 #include <xen/spinlock.h> 4.11 @@ -354,7 +355,7 @@ static int get_mfn_sid(unsigned long mfn 4.12 if ( mfn_valid(mfn) ) 4.13 { 4.14 /*mfn is valid if this is a page that Xen is tracking!*/ 4.15 - page = mfn_to_page(mfn); 4.16 + page = mfn_to_page(mfn); 4.17 rc = get_page_sid(page, sid); 4.18 } 4.19 else 4.20 @@ -404,23 +405,6 @@ static int flask_memory_pin_page(struct 4.21 return avc_has_perm(dsec->sid, sid, SECCLASS_MMU, MMU__PINPAGE, NULL); 4.22 } 4.23 4.24 -/* Used to defer flushing of memory structures. */ 4.25 -struct percpu_mm_info { 4.26 -#define DOP_FLUSH_TLB (1<<0) /* Flush the local TLB. */ 4.27 -#define DOP_FLUSH_ALL_TLBS (1<<1) /* Flush TLBs of all VCPUs of current dom. */ 4.28 -#define DOP_RELOAD_LDT (1<<2) /* Reload the LDT shadow mapping. */ 4.29 - unsigned int deferred_ops; 4.30 - /* If non-NULL, specifies a foreign subject domain for some operations. */ 4.31 - struct domain *foreign; 4.32 -}; 4.33 -static DEFINE_PER_CPU(struct percpu_mm_info, percpu_mm_info); 4.34 - 4.35 -/* 4.36 - * Returns the current foreign domain; defaults to the currently-executing 4.37 - * domain if a foreign override hasn't been specified. 4.38 - */ 4.39 -#define FOREIGNDOM (this_cpu(percpu_mm_info).foreign ?: current->domain) 4.40 - 4.41 static int flask_console_io(struct domain *d, int cmd) 4.42 { 4.43 u32 perm; 4.44 @@ -1023,7 +1007,8 @@ static int flask_domain_memory_map(struc 4.45 return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP); 4.46 } 4.47 4.48 -static int flask_mmu_normal_update(struct domain *d, intpte_t fpte) 4.49 +static int flask_mmu_normal_update(struct domain *d, struct domain *f, 4.50 + intpte_t fpte) 4.51 { 4.52 int rc = 0; 4.53 u32 map_perms = MMU__MAP_READ; 4.54 @@ -1036,7 +1021,7 @@ static int flask_mmu_normal_update(struc 4.55 if ( l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_RW ) 4.56 map_perms |= MMU__MAP_WRITE; 4.57 4.58 - fmfn = gmfn_to_mfn(FOREIGNDOM, l1e_get_pfn(l1e_from_intpte(fpte))); 4.59 + fmfn = gmfn_to_mfn(f, l1e_get_pfn(l1e_from_intpte(fpte))); 4.60 4.61 rc = get_mfn_sid(fmfn, &fsid); 4.62 if ( rc ) 4.63 @@ -1059,7 +1044,8 @@ static int flask_mmu_machphys_update(str 4.64 return avc_has_perm(dsec->sid, psid, SECCLASS_MMU, MMU__UPDATEMP, NULL); 4.65 } 4.66 4.67 -static int flask_update_va_mapping(struct domain *d, l1_pgentry_t pte) 4.68 +static int flask_update_va_mapping(struct domain *d, struct domain *f, 4.69 + l1_pgentry_t pte) 4.70 { 4.71 int rc = 0; 4.72 u32 psid; 4.73 @@ -1069,7 +1055,7 @@ static int flask_update_va_mapping(struc 4.74 4.75 dsec = d->ssid; 4.76 4.77 - mfn = gmfn_to_mfn(FOREIGNDOM, l1e_get_pfn(pte)); 4.78 + mfn = gmfn_to_mfn(f, l1e_get_pfn(pte)); 4.79 rc = get_mfn_sid(mfn, &psid); 4.80 if ( rc ) 4.81 return rc;