From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel De Graaf Subject: Re: [PATCH v2 12/12] x86/altp2m: XSM hooks for altp2m HVM ops Date: Fri, 26 Jun 2015 15:24:00 -0400 Message-ID: <558DA6D0.9050702@tycho.nsa.gov> References: <1434999372-3688-1-git-send-email-edmund.h.white@intel.com> <1434999372-3688-13-git-send-email-edmund.h.white@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Format="flowed" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1434999372-3688-13-git-send-email-edmund.h.white@intel.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Ed White , xen-devel@lists.xen.org Cc: Ravi Sahita , Wei Liu , Ian Jackson , Tim Deegan , Jan Beulich , Andrew Cooper , tlengyel@novetta.com List-Id: xen-devel@lists.xenproject.org On 06/22/2015 02:56 PM, Ed White wrote: > From: Ravi Sahita > > Signed-off-by: Ravi Sahita One comment, below. [...] > diff --git a/tools/flask/policy/policy/modules/xen/xen.if b/tools/flask/policy/policy/modules/xen/xen.if > index f4cde11..c95109f 100644 > --- a/tools/flask/policy/policy/modules/xen/xen.if > +++ b/tools/flask/policy/policy/modules/xen/xen.if > @@ -8,7 +8,7 @@ > define(`declare_domain_common', ` > allow $1 $2:grant { query setup }; > allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp mmuext_op }; > - allow $1 $2:hvm { getparam setparam }; > + allow $1 $2:hvm { getparam setparam altp2mhvm altp2mhvm_op }; > allow $1 $2:domain2 get_vnumainfo; > ') This allows any domain to enable altp2m on itself; I think you meant to only allow altp2mhvm_op here, requiring a privileged domain to first enable the feature on a domain before anyone can use it. Otherwise, this looks good, although if patch #10 is changed to expose a single subop, the altp2mhvm_op XSM checks will need to be relocated. -- Daniel De Graaf National Security Agency