diff options
-rw-r--r-- | xen/common/event_channel.c | 19 | ||||
-rw-r--r-- | xen/include/xsm/xsm.h | 6 | ||||
-rw-r--r-- | xen/xsm/dummy.c | 6 | ||||
-rw-r--r-- | xen/xsm/flask/hooks.c | 30 |
4 files changed, 57 insertions, 4 deletions
diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c index f784254daf..989ebae133 100644 --- a/xen/common/event_channel.c +++ b/xen/common/event_channel.c @@ -1256,6 +1256,7 @@ void evtchn_move_pirqs(struct vcpu *v) static void domain_dump_evtchn_info(struct domain *d) { unsigned int port; + int irq; bitmap_scnlistprintf(keyhandler_scratch, sizeof(keyhandler_scratch), d->poll_mask, d->max_vcpus); @@ -1268,6 +1269,7 @@ static void domain_dump_evtchn_info(struct domain *d) for ( port = 1; port < MAX_EVTCHNS(d); ++port ) { const struct evtchn *chn; + char *ssid; if ( !port_is_valid(d, port) ) continue; @@ -1275,11 +1277,12 @@ static void domain_dump_evtchn_info(struct domain *d) if ( chn->state == ECS_FREE ) continue; - printk(" %4u [%d/%d]: s=%d n=%d", + printk(" %4u [%d/%d]: s=%d n=%d x=%d", port, !!test_bit(port, &shared_info(d, evtchn_pending)), !!test_bit(port, &shared_info(d, evtchn_mask)), - chn->state, chn->notify_vcpu_id); + chn->state, chn->notify_vcpu_id, chn->xen_consumer); + switch ( chn->state ) { case ECS_UNBOUND: @@ -1291,13 +1294,21 @@ static void domain_dump_evtchn_info(struct domain *d) chn->u.interdomain.remote_port); break; case ECS_PIRQ: - printk(" p=%d", chn->u.pirq.irq); + irq = domain_pirq_to_irq(d, chn->u.pirq.irq); + printk(" p=%d i=%d", chn->u.pirq.irq, irq); break; case ECS_VIRQ: printk(" v=%d", chn->u.virq); break; } - printk(" x=%d\n", chn->xen_consumer); + + ssid = xsm_show_security_evtchn(d, chn); + if (ssid) { + printk(" Z=%s\n", ssid); + xfree(ssid); + } else { + printk("\n"); + } } spin_unlock(&d->event_lock); diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index e3cae602c9..92204b3288 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -99,6 +99,7 @@ struct xsm_operations { void (*free_security_domain) (struct domain *d); int (*alloc_security_evtchn) (struct evtchn *chn); void (*free_security_evtchn) (struct evtchn *chn); + char *(*show_security_evtchn) (struct domain *d, const struct evtchn *chn); int (*get_pod_target) (struct domain *d); int (*set_pod_target) (struct domain *d); @@ -424,6 +425,11 @@ static inline void xsm_free_security_evtchn (struct evtchn *chn) (void)xsm_call(free_security_evtchn(chn)); } +static inline char *xsm_show_security_evtchn (struct domain *d, const struct evtchn *chn) +{ + return xsm_call(show_security_evtchn(d, chn)); +} + static inline int xsm_get_pod_target (struct domain *d) { return xsm_call(get_pod_target(d)); diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index d99f8860d1..fca9d7b582 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -290,6 +290,11 @@ static void dummy_free_security_evtchn (struct evtchn *chn) return; } +static char *dummy_show_security_evtchn (struct domain *d, const struct evtchn *chn) +{ + return NULL; +} + static int dummy_test_assign_device (uint32_t machine_bdf) { return 0; @@ -637,6 +642,7 @@ void xsm_fixup_ops (struct xsm_operations *ops) set_to_dummy_if_null(ops, free_security_domain); set_to_dummy_if_null(ops, alloc_security_evtchn); set_to_dummy_if_null(ops, free_security_evtchn); + set_to_dummy_if_null(ops, show_security_evtchn); set_to_dummy_if_null(ops, memory_adjust_reservation); set_to_dummy_if_null(ops, memory_stat_reservation); diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 543dc77f1a..d207b1d1be 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -274,6 +274,35 @@ static void flask_free_security_evtchn(struct evtchn *chn) xfree(esec); } +static char *flask_show_security_evtchn(struct domain *d, const struct evtchn *chn) +{ + struct evtchn_security_struct *esec; + int irq; + u32 sid = 0; + char *ctx; + u32 ctx_len; + + switch ( chn->state ) + { + case ECS_UNBOUND: + case ECS_INTERDOMAIN: + esec = chn->ssid; + if ( esec ) + sid = esec->sid; + break; + case ECS_PIRQ: + irq = domain_pirq_to_irq(d, chn->u.pirq.irq); + if (irq) + security_irq_sid(irq, &sid); + break; + } + if ( !sid ) + return NULL; + if (security_sid_to_context(sid, &ctx, &ctx_len)) + return NULL; + return ctx; +} + static int flask_grant_mapref(struct domain *d1, struct domain *d2, uint32_t flags) { @@ -1499,6 +1528,7 @@ static struct xsm_operations flask_ops = { .free_security_domain = flask_domain_free_security, .alloc_security_evtchn = flask_alloc_security_evtchn, .free_security_evtchn = flask_free_security_evtchn, + .show_security_evtchn = flask_show_security_evtchn, .get_pod_target = flask_get_pod_target, .set_pod_target = flask_set_pod_target, |