From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel De Graaf Subject: Re: [RFC 09/14] xen/xsm: flask: MSI is PCI specific Date: Thu, 13 Mar 2014 10:34:00 -0400 Message-ID: <5321C1D8.6080306@tycho.nsa.gov> References: <1394640969-25583-1-git-send-email-julien.grall@linaro.org> <1394640969-25583-10-git-send-email-julien.grall@linaro.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Format="flowed" Content-Transfer-Encoding: 7bit Return-path: Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WO6ia-00069v-Tg for xen-devel@lists.xenproject.org; Thu, 13 Mar 2014 14:34:45 +0000 In-Reply-To: <1394640969-25583-10-git-send-email-julien.grall@linaro.org> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Julien Grall , xen-devel@lists.xenproject.org Cc: stefano.stabellini@citrix.com, tim@xen.org, ian.campbell@citrix.com List-Id: xen-devel@lists.xenproject.org On 03/12/2014 12:16 PM, Julien Grall wrote: > MSI is not yet support on ARM and will break the compilation when XSM_ENABLE=y. > > Signed-off-by: Julien Grall > Cc: Daniel De Graaf I am assuming that IRQs on ARM are generally allocated in a static manner for a given board, so that a security policy based on their numeric values would be effective. If IRQs above nr_static_irqs are dynamic as on x86, it may be necessary to resolve them in some way. Since this resolution would naturally be split into a separate patch, in either case this patch is Acked-by: Daniel De Graaf > --- > xen/xsm/flask/hooks.c | 72 +++++++++++++++++++++++++++++++++++-------------- > 1 file changed, 52 insertions(+), 20 deletions(-) > > diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c > index 65343f3..56c7645 100644 > --- a/xen/xsm/flask/hooks.c > +++ b/xen/xsm/flask/hooks.c > @@ -19,7 +19,9 @@ > #include > #include > #include > +#ifdef HAS_PCI > #include > +#endif > #include > #include > #include > @@ -100,7 +102,6 @@ static int domain_has_xen(struct domain *d, u32 perms) > > static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad) > { > - struct irq_desc *desc = irq_to_desc(irq); > if ( irq >= nr_irqs || irq < 0 ) > return -EINVAL; > if ( irq < nr_static_irqs ) { > @@ -110,15 +111,21 @@ static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad) > } > return security_irq_sid(irq, sid); > } > - if ( desc->msi_desc && desc->msi_desc->dev ) { > - struct pci_dev *dev = desc->msi_desc->dev; > - u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn; > - if (ad) { > - AVC_AUDIT_DATA_INIT(ad, DEV); > - ad->device = sbdf; > +#ifdef HAS_PCI > + { > + struct irq_desc *desc = irq_to_desc(irq); > + if ( desc->msi_desc && desc->msi_desc->dev ) { > + struct pci_dev *dev = desc->msi_desc->dev; > + u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn; > + if (ad) { > + AVC_AUDIT_DATA_INIT(ad, DEV); > + ad->device = sbdf; > + } > + return security_device_sid(sbdf, sid); > } > - return security_device_sid(sbdf, sid); > } > +#endif > + > if (ad) { > AVC_AUDIT_DATA_INIT(ad, IRQ); > ad->irq = irq; > @@ -825,21 +832,34 @@ static int flask_map_domain_pirq (struct domain *d) > return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); > } > > +static int flask_map_domain_msi (struct domain *d, int irq, void *data, > + u32 *sid, struct avc_audit_data *ad) > +{ > +#ifdef HAS_PCI > + struct msi_info *msi = data; > + > + u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn; > + AVC_AUDIT_DATA_INIT(ad, DEV); > + ad->device = machine_bdf; > + > + return security_device_sid(machine_bdf, sid); > +#else > + return -EINVAL; > +#endif > +} > + > static int flask_map_domain_irq (struct domain *d, int irq, void *data) > { > u32 sid, dsid; > int rc = -EPERM; > - struct msi_info *msi = data; > struct avc_audit_data ad; > > - if ( irq >= nr_static_irqs && msi ) { > - u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn; > - AVC_AUDIT_DATA_INIT(&ad, DEV); > - ad.device = machine_bdf; > - rc = security_device_sid(machine_bdf, &sid); > + if ( irq >= nr_static_irqs && data ) { > + rc = flask_map_domain_msi(d, irq, data, &sid, &ad); > } else { > rc = get_irq_sid(irq, &sid, &ad); > } > + > if ( rc ) > return rc; > > @@ -858,18 +878,30 @@ static int flask_unmap_domain_pirq (struct domain *d) > return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); > } > > +static int flask_unmap_domain_msi (struct domain *d, int irq, void *data, > + u32 *sid, struct avc_audit_data *ad) > +{ > +#ifdef HAS_PCI > + struct msi_info *msi = data; > + u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn; > + > + AVC_AUDIT_DATA_INIT(ad, DEV); > + ad->device = machine_bdf; > + > + return security_device_sid(machine_bdf, sid); > +#else > + return -EINVAL; > +#endif > +} > + > static int flask_unmap_domain_irq (struct domain *d, int irq, void *data) > { > u32 sid; > int rc = -EPERM; > - struct msi_info *msi = data; > struct avc_audit_data ad; > > - if ( irq >= nr_static_irqs && msi ) { > - u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn; > - AVC_AUDIT_DATA_INIT(&ad, DEV); > - ad.device = machine_bdf; > - rc = security_device_sid(machine_bdf, &sid); > + if ( irq >= nr_static_irqs && data ) { > + rc = flask_unmap_domain_msi(d, irq, data, &sid, &ad); > } else { > rc = get_irq_sid(irq, &sid, &ad); > } > -- Daniel De Graaf National Security Agency