From mboxrd@z Thu Jan  1 00:00:00 1970
From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Subject: Re: [PATCH v12 for-xen-4.5 12/20] x86/VPMU: Initialize
 PMU for PV(H) guests
Date: Fri, 26 Sep 2014 18:23:35 -0400
Message-ID: <5425E767.7010902@oracle.com>
References: <1411673336-32736-1-git-send-email-boris.ostrovsky@oracle.com>
	<1411673336-32736-13-git-send-email-boris.ostrovsky@oracle.com>
	<5425E5A6.4020503@tycho.nsa.gov>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <5425E5A6.4020503@tycho.nsa.gov>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Daniel De Graaf <dgdegra@tycho.nsa.gov>, jbeulich@suse.com, kevin.tian@intel.com, suravee.suthikulpanit@amd.com, Aravind.Gopalakrishnan@amd.com, dietmar.hahn@ts.fujitsu.com
Cc: andrew.cooper3@citrix.com, xen-devel@lists.xen.org, keir@xen.org, jun.nakajima@intel.com, tim@xen.org
List-Id: xen-devel@lists.xenproject.org

On 09/26/2014 06:16 PM, Daniel De Graaf wrote:
> On 09/25/2014 03:28 PM, Boris Ostrovsky wrote:
>> Code for initializing/tearing down PMU for PV guests
>>
>> Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
>> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>
> With one minor comment tweak (below):
> Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
>
> [...]
>> diff --git a/xen/xsm/flask/policy/access_vectors 
>> b/xen/xsm/flask/policy/access_vectors
>> index 64c7378..36b69c6 100644
>> --- a/xen/xsm/flask/policy/access_vectors
>> +++ b/xen/xsm/flask/policy/access_vectors
>> @@ -83,6 +83,8 @@ class xen2
>>       get_symbol
>>   # PMU control
>>       pmu_ctrl
>> +# PMU use (anyone has access)
>> +    pmu_use
>
> This comment should refer to what the operation does (lets a domain use
> PMU - unprivileged operations only / operation on self only), not what
> the default policy is.  An administrator may decide not to let certain
> guests use PMU (because they are less trusted, or because they are stub
> domains that don't support it anyway), and in that case this comment
> would be misleading.

Right, the comment was meant to describe who will be using this operation.

Thanks.
-boris

>
>>   }
>>
>>   # Classes domain and domain2 consist of operations that a domain 
>> performs on
>>
>
>