From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Ross Lagerwall <ross.lagerwall@citrix.com>, xen-devel@lists.xen.org
Subject: Re: [XTF PATCH v3] Add a Live Patch privilege check test
Date: Mon, 21 Nov 2016 11:53:10 +0000 [thread overview]
Message-ID: <93e63c3e-92bb-e8ba-efb7-a24df30a090f@citrix.com> (raw)
In-Reply-To: <1479720262-29441-1-git-send-email-ross.lagerwall@citrix.com>
On 21/11/16 09:24, Ross Lagerwall wrote:
> Add a test to check that Live Patch operations cannot be called from an
> unprivileged domain.
>
> Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> and applied.
I made two very small adjustments.
> diff --git a/common/lib.c b/common/lib.c
> index 9dca3e3..0a2b311 100644
> --- a/common/lib.c
> +++ b/common/lib.c
> @@ -19,6 +19,21 @@ void __noreturn panic(const char *fmt, ...)
> arch_crash_hard();
> }
>
> +int xtf_probe_sysctl_interface_version(void)
> +{
> + int i;
> + xen_sysctl_t op = {0};
This breaks the build on Clang. Using { .cmd = 0 } instead is fine.
> +
> + for ( i = 0; i < 128; i++ )
> + {
> + op.interface_version = i;
> + if ( hypercall_sysctl(&op) != -EACCES )
> + return i;
> + }
> +
> + return -1;
> +}
> +
> /*
> * Local variables:
> * mode: C
> diff --git a/tests/livepatch-priv-check/Makefile b/tests/livepatch-priv-check/Makefile
> new file mode 100644
> index 0000000..e27b9da
> --- /dev/null
> +++ b/tests/livepatch-priv-check/Makefile
> @@ -0,0 +1,9 @@
> +include $(ROOT)/build/common.mk
> +
> +NAME := livepatch-priv-check
> +CATEGORY := functional
> +TEST-ENVS := $(ALL_ENVIRONMENTS)
I have dropped this down to pv32pae pv64 hvm32 hvm64
The hvm32pse and hvm32pae environments are an identical ABI to hvm32, so
there is no point testing them all. The multiple paging options for
32bit HVM guests is only useful for testing pagetable related code.
~Andrew
> +
> +obj-perenv += main.o
> +
> +include $(ROOT)/build/gen.mk
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
prev parent reply other threads:[~2016-11-21 11:53 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-21 9:24 [XTF PATCH v3] Add a Live Patch privilege check test Ross Lagerwall
2016-11-21 11:53 ` Andrew Cooper [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=93e63c3e-92bb-e8ba-efb7-a24df30a090f@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=ross.lagerwall@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).