diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2011-04-12 14:55:25 +0100 |
---|---|---|
committer | Stephen Smalley <sds@tycho.nsa.gov> | 2011-04-12 14:55:25 +0100 |
commit | ad17ef1932d8c2be57ba3af4f6dc95607c6a629a (patch) | |
tree | faac7a078edbd4d3851e3ea2e889d320d311e42a /xen/xsm | |
parent | 1e7545fd7cf40876121ab3ce185c90e555a81dc2 (diff) | |
download | xen-ad17ef1932d8c2be57ba3af4f6dc95607c6a629a.tar.gz xen-ad17ef1932d8c2be57ba3af4f6dc95607c6a629a.tar.bz2 xen-ad17ef1932d8c2be57ba3af4f6dc95607c6a629a.zip |
xsm: Fix xsm_mmu_* and xsm_update_va_mapping hooks
This is an attempt to properly fix the hypervisor crash previously
described in
http://marc.info/?l=xen-devel&m=128396289707362&w=2
In looking into this issue, I think the proper fix is to move the
xsm_mmu_* and xsm_update_va_mapping hook calls later in the callers,
after more validation has been performed and the page_info struct is
readily available, and pass the page_info to the hooks. This patch
moves the xsm_mmu_normal_update, xsm_mmu_machphys_update and
xsm_update_va_mapping hook calls accordingly, and updates their
interfaces and hook function implementations. This appears to resolve
the crashes for me.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'xen/xsm')
-rw-r--r-- | xen/xsm/dummy.c | 11 | ||||
-rw-r--r-- | xen/xsm/flask/hooks.c | 41 |
2 files changed, 14 insertions, 38 deletions
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 9716f941cf..bf07540ca5 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -405,19 +405,20 @@ static int dummy_domain_memory_map (struct domain *d) return 0; } -static int dummy_mmu_normal_update (struct domain *d, struct domain *f, - intpte_t fpte) +static int dummy_mmu_normal_update (struct domain *d, + intpte_t fpte, struct page_info *page) { return 0; } -static int dummy_mmu_machphys_update (struct domain *d, unsigned long mfn) +static int dummy_mmu_machphys_update (struct domain *d, struct page_info *page) { return 0; } -static int dummy_update_va_mapping (struct domain *d, struct domain *f, - l1_pgentry_t pte) +static int dummy_update_va_mapping (struct domain *d, + l1_pgentry_t pte, + struct page_info *page) { return 0; } diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index cb83b361ed..933873efd2 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -347,26 +347,6 @@ static int get_page_sid(struct page_info *page, u32 *sid) return rc; } -static int get_mfn_sid(unsigned long mfn, u32 *sid) -{ - int rc = 0; - struct page_info *page; - - if ( mfn_valid(mfn) ) - { - /*mfn is valid if this is a page that Xen is tracking!*/ - page = mfn_to_page(mfn); - rc = get_page_sid(page, sid); - } - else - { - /*Possibly an untracked IO page?*/ - rc = security_iomem_sid(mfn, sid); - } - - return rc; -} - static int flask_memory_adjust_reservation(struct domain *d1, struct domain *d2) { return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__ADJUST); @@ -1006,12 +986,11 @@ static int flask_domain_memory_map(struct domain *d) return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP); } -static int flask_mmu_normal_update(struct domain *d, struct domain *f, - intpte_t fpte) +static int flask_mmu_normal_update(struct domain *d, + intpte_t fpte, struct page_info *page) { int rc = 0; u32 map_perms = MMU__MAP_READ; - unsigned long fmfn; struct domain_security_struct *dsec; u32 fsid; @@ -1020,42 +999,38 @@ static int flask_mmu_normal_update(struct domain *d, struct domain *f, if ( l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_RW ) map_perms |= MMU__MAP_WRITE; - fmfn = gmfn_to_mfn(f, l1e_get_pfn(l1e_from_intpte(fpte))); - - rc = get_mfn_sid(fmfn, &fsid); + rc = get_page_sid(page, &fsid); if ( rc ) return rc; return avc_has_perm(dsec->sid, fsid, SECCLASS_MMU, map_perms, NULL); } -static int flask_mmu_machphys_update(struct domain *d, unsigned long mfn) +static int flask_mmu_machphys_update(struct domain *d, struct page_info *page) { int rc = 0; u32 psid; struct domain_security_struct *dsec; dsec = d->ssid; - rc = get_mfn_sid(mfn, &psid); + rc = get_page_sid(page, &psid); if ( rc ) return rc; return avc_has_perm(dsec->sid, psid, SECCLASS_MMU, MMU__UPDATEMP, NULL); } -static int flask_update_va_mapping(struct domain *d, struct domain *f, - l1_pgentry_t pte) +static int flask_update_va_mapping(struct domain *d, + l1_pgentry_t pte, struct page_info *page) { int rc = 0; u32 psid; u32 map_perms = MMU__MAP_READ; - unsigned long mfn; struct domain_security_struct *dsec; dsec = d->ssid; - mfn = gmfn_to_mfn(f, l1e_get_pfn(pte)); - rc = get_mfn_sid(mfn, &psid); + rc = get_page_sid(page, &psid); if ( rc ) return rc; |