From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alex Williamson Subject: Re: [Xense-devel][PATCH][XSM][1/4] Xen Security Modules Patch Date: Thu, 08 Mar 2007 09:43:30 -0700 Message-ID: <1173372210.5941.215.camel@bling> References: <1173367723.11144.29.camel@moss-walleye.epoch.ncsc.mil> <1173369547.5941.212.camel@bling> <1173370608.11144.42.camel@moss-walleye.epoch.ncsc.mil> Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1173370608.11144.42.camel@moss-walleye.epoch.ncsc.mil> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: "George S. Coker, II" Cc: xen-devel@lists.xensource.com, xense-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org On Thu, 2007-03-08 at 11:16 -0500, George S. Coker, II wrote: > On Thu, 2007-03-08 at 08:59 -0700, Alex Williamson wrote: > > On Thu, 2007-03-08 at 10:28 -0500, George S. Coker, II wrote: > > > + /* > > > + * Try all modules and see whichever could be the binary policy. > > > + * Adjust the initrdidx if module[1] is the binary policy. > > > + */ > > > + for (i = mbi->mods_count-1; i >= 1; i--) { > > > +#if defined(__i386__) > > > + _policy_start = (u32 *)(initial_images_start + (mod[i].mod_start-mod[0].mod_start)); > > > +#elif defined(__x86_64__) > > > + _policy_start = __va(initial_images_start + (mod[i].mod_start-mod[0].mod_start)); > > > +#else > > > +#error Architecture unsupported by XSM > > > +#endif > > > > This is unacceptable, please make it fail gracefully on non-x86. > > Indeed, it looks like this logic is outdated. This was based on some > older code from ACM. The attached patch addresses this issue. Thanks! Alex -- Alex Williamson HP Open Source & Linux Org.