From mboxrd@z Thu Jan  1 00:00:00 1970
From: Julien Grall <julien.grall@linaro.org>
Subject: Re: [PATCH v4 25/33] xen/xsm: Add helpers to check
 permission for device tree passthrough
Date: Tue, 31 Mar 2015 18:14:58 +0100
Message-ID: <551AD612.6070304@linaro.org>
References: <1426793399-6283-1-git-send-email-julien.grall@linaro.org>
	<1426793399-6283-26-git-send-email-julien.grall@linaro.org>
	<551AD586.1080203@tycho.nsa.gov>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta5.messagelabs.com ([195.245.231.135])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <julien.grall@linaro.org>) id 1YczlA-0008F3-4k
	for xen-devel@lists.xenproject.org; Tue, 31 Mar 2015 17:15:28 +0000
Received: by wgoe14 with SMTP id e14so26570049wgo.0
	for <xen-devel@lists.xenproject.org>;
	Tue, 31 Mar 2015 10:15:25 -0700 (PDT)
In-Reply-To: <551AD586.1080203@tycho.nsa.gov>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Daniel De Graaf <dgdegra@tycho.nsa.gov>, xen-devel@lists.xenproject.org
Cc: stefano.stabellini@citrix.com, tim@xen.org, ian.campbell@citrix.com
List-Id: xen-devel@lists.xenproject.org

Hi Daniel,

On 31/03/15 18:12, Daniel De Graaf wrote:
> On 03/19/2015 03:29 PM, Julien Grall wrote:
>> This is a follow-up of commit 525ee49 "xsm: add device tree labeling
>> support" which add support for device tree labelling in flask.
>>
>> Those helpers will be use latter when non-pci passthrough (i.e device
>> tree) will be added.
>>
>> Signed-off-by: Julien Grall <julien.grall@linaro.org>
> 
> Looks good to me with one assumption below.
> 
> Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
> 
> [...]
>> diff --git a/xen/xsm/flask/avc.c b/xen/xsm/flask/avc.c
>> index b1a4f8a..31bc702 100644
>> --- a/xen/xsm/flask/avc.c
>> +++ b/xen/xsm/flask/avc.c
>> @@ -600,6 +600,9 @@ void avc_audit(u32 ssid, u32 tsid, u16 tclass, u32
>> requested,
>>       case AVC_AUDIT_DATA_MEMORY:
>>           avc_printk(&buf, "pte=%#lx mfn=%#lx ", a->memory.pte,
>> a->memory.mfn);
>>           break;
>> +    case AVC_AUDIT_DATA_DTDEV:
>> +        avc_printk(&buf, "dtdevice=%s ", a->dtdev);
>> +        break;
>>       }
>>
>>       avc_dump_query(&buf, ssid, tsid, tclass);
> 
> This output could be end up being ambiguous if a device tree path can
> contain
> spaces.  Am I correct in assuming that they are invalid in device tree
> paths?

Correct.

Thanks,

-- 
Julien Grall