From: Tim Deegan <tim@xen.org>
To: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Cc: keir@xen.org, ian.campbell@citrix.com, JBeulich@suse.com,
xen-devel@lists.xen.org
Subject: Re: [PATCH RFC 5/5] xen/xsm: include default hook action in name
Date: Tue, 27 Nov 2012 14:49:34 +0000 [thread overview]
Message-ID: <20121127144934.GD51942@ocelot.phlegethon.org> (raw)
In-Reply-To: <50AFA778.80008@tycho.nsa.gov>
At 11:42 -0500 on 23 Nov (1353670952), Daniel De Graaf wrote:
> This would not work for all the hooks, although it would work for most:
> domctl and mmu_update are both too complex for this type of hack, and
> console_io would need its #define moved back up to the source. For the
> other hooks, you would have to code in the domain arguments manually
> (sometimes current->domain is available, sometimes it's not) so it's not
> automatically an improvement in readability since you still have to look
> inside dummy.h to see what domain arguments are being checked.
Hrmn. Yes, I see.
> I think a solution similar to yours could work, although it's not as
> nice looking - use the constants in the source files but have them
> compiled out of the XSM hooks, and have the dummy ops include a
> compile-time assertion in the XSM-disabled case to verify that the
> constant passed in matches their implementation; something like:
>
> #define BUILD_ASSERT(x) if (!(x)) cause_linker_error_if_not_inlined_out()
> #ifdef XSM_ENABLE
> /* XSM_INLINE == empty; compiled in to dummy.c */
> #define XSM_DEFAULT_VOID void
> #define XSM_DEFAULT_ARG
> #define XSM_ASSERT_ACTION(action) xsm_default_t default = action
> #else
> /* XSM_INLINE == inline; compiled as a header */
> #define XSM_DEFAULT_VOID xsm_default_t default
> #define XSM_DEFAULT_ARG xsm_default_t default,
> #define XSM_ASSERT_ACTION(action) BUILD_ASSERT(default == action)
> #endif
>
> static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID)
> {
> XSM_ASSERT_ACTION(XSM_PRIV);
> return xsm_default_action(default, current->domain, NULL);
> }
So on an xsm-disabled build this checks that the action is the right one.
And if it's changed the author has to touch this file so will be more
likely to see that there is some other code to be changed. Nice.
The CPP gore is a bit unfortunate, but I think it's worth it (as long as
it gets a great big comment explaining how it should be used, of course!).
> static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind)
> {
> XSM_ASSERT_ACTION(XSM_HOOK);
> return xsm_default_action(default, current->domain, d);
> }
>
> Does this seem reasonable? It would force some level of compiler
> optimization to be used at all times, but I think that's already
> required due to GCC otherwise wasting lots of stack space.
Yes, even debug builds get -O1.
Tim.
prev parent reply other threads:[~2012-11-27 14:49 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-16 18:28 [PATCH v5] Merge IS_PRIV checks into XSM hooks Daniel De Graaf
2012-11-16 18:28 ` [PATCH 01/19] libxl: introduce XSM relabel on build Daniel De Graaf
2012-11-19 10:42 ` Ian Campbell
2012-11-20 16:38 ` Daniel De Graaf
2012-11-16 18:28 ` [PATCH 02/19] flask/policy: Add domain relabel example Daniel De Graaf
2012-11-19 10:46 ` Ian Campbell
2012-11-20 17:26 ` Daniel De Graaf
2012-11-16 18:28 ` [PATCH 03/19] arch/x86: add distinct XSM hooks for map/unmap Daniel De Graaf
2012-11-19 8:59 ` Jan Beulich
2012-11-19 14:53 ` Daniel De Graaf
2012-11-20 16:39 ` Jan Beulich
2012-11-16 18:28 ` [PATCH 04/19] xsm/flask: Add checks on the domain performing the set_target operation Daniel De Graaf
2012-11-16 18:28 ` [PATCH 05/19] xsm: Use the dummy XSM module if XSM is disabled Daniel De Graaf
2012-11-16 18:28 ` [PATCH 06/19] xen: use XSM instead of IS_PRIV where duplicated Daniel De Graaf
2012-11-19 9:08 ` Jan Beulich
2012-11-19 14:59 ` Daniel De Graaf
2012-11-19 15:43 ` Jan Beulich
2012-11-19 11:00 ` Ian Campbell
2012-11-19 15:16 ` Daniel De Graaf
2012-11-16 18:28 ` [PATCH 07/19] xen: avoid calling rcu_lock_*target_domain when an XSM hook exists Daniel De Graaf
2012-11-16 18:28 ` [PATCH 08/19] arch/x86: convert platform_hypercall to use XSM Daniel De Graaf
2012-11-16 18:28 ` [PATCH 09/19] xen: lock target domain in do_domctl common code Daniel De Graaf
2012-11-19 9:24 ` Jan Beulich
2012-11-19 15:20 ` Daniel De Graaf
2012-11-20 16:40 ` Jan Beulich
2012-11-20 16:44 ` Daniel De Graaf
2012-11-20 16:53 ` Jan Beulich
2012-11-16 18:28 ` [PATCH 10/19] xen: convert do_domctl to use XSM Daniel De Graaf
2012-11-16 18:28 ` [PATCH 11/19] xen: convert do_sysctl " Daniel De Graaf
2012-11-16 18:28 ` [PATCH 12/19] xsm/flask: add missing hooks Daniel De Graaf
2012-11-16 18:28 ` [PATCH 13/19] xsm/flask: add distinct SIDs for self/target access Daniel De Graaf
2012-11-16 18:28 ` [PATCH 14/19] arch/x86: Add missing mem_sharing XSM hooks Daniel De Graaf
2012-11-16 18:28 ` [PATCH 15/19] arch/x86: use XSM hooks for get_pg_owner access checks Daniel De Graaf
2012-11-16 18:28 ` [PATCH 16/19] xen: Add XSM hook for XENMEM_exchange Daniel De Graaf
2012-11-16 18:28 ` [PATCH 17/19] tmem: add XSM hooks Daniel De Graaf
2012-11-16 18:28 ` [PATCH 18/19] xen/arch/*: add struct domain parameter to arch_do_domctl Daniel De Graaf
2012-11-16 18:28 ` [PATCH 19/19] flask: move policy headers into hypervisor Daniel De Graaf
2012-11-19 9:45 ` [PATCH v5] Merge IS_PRIV checks into XSM hooks Jan Beulich
2012-11-19 10:26 ` Tim Deegan
2012-11-19 15:49 ` Daniel De Graaf
2012-11-19 21:28 ` [PATCH RFC 0/5] XSM hook renames and cleanup Daniel De Graaf
2012-11-19 21:28 ` [PATCH 1/5] Remove XSM_DEFAULT macro Daniel De Graaf
2012-11-19 21:28 ` [PATCH 2/5] xen: domctl XSM hook removal Daniel De Graaf
2012-11-19 21:28 ` [PATCH 3/5] xen: sysctl " Daniel De Graaf
2012-11-19 21:28 ` [PATCH 4/5] xen: platform_hypercall " Daniel De Graaf
2012-11-19 21:28 ` [PATCH RFC 5/5] xen/xsm: include default hook action in name Daniel De Graaf
2012-11-20 8:07 ` [PATCH RFC 0/5] XSM hook renames and cleanup Jan Beulich
2012-11-20 14:51 ` Daniel De Graaf
2012-11-20 14:51 ` [PATCH 1/5] Remove XSM_DEFAULT macro Daniel De Graaf
2012-11-20 14:51 ` [PATCH 2/5] xen: domctl XSM hook removal Daniel De Graaf
2012-11-20 15:15 ` Jan Beulich
2012-11-20 14:51 ` [PATCH 3/5] xen: sysctl " Daniel De Graaf
2012-11-20 15:25 ` Jan Beulich
2012-11-20 15:34 ` Daniel De Graaf
2012-11-20 14:51 ` [PATCH 4/5] xen: platform_hypercall " Daniel De Graaf
2012-11-20 14:51 ` [PATCH RFC 5/5] xen/xsm: include default hook action in name Daniel De Graaf
2012-11-22 16:57 ` Tim Deegan
2012-11-23 16:42 ` Daniel De Graaf
2012-11-27 14:49 ` Tim Deegan [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121127144934.GD51942@ocelot.phlegethon.org \
--to=tim@xen.org \
--cc=JBeulich@suse.com \
--cc=dgdegra@tycho.nsa.gov \
--cc=ian.campbell@citrix.com \
--cc=keir@xen.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).