Re: [PATCH v8 1/8] public / x86: Introduce __HYPERCALL_dm_op...

[Boris Ostrovsky <boris.ostrovsky@oracle.com>]

On 01/24/2017 10:27 AM, Paul Durrant wrote:
> ...as a set of hypercalls to be used by a device model.
>
> As stated in the new docs/designs/dm_op.markdown:
>
> "The aim of DMOP is to prevent a compromised device model from
> compromising domains other then the one it is associated with. (And is
> therefore likely already compromised)."
>
> See that file for further information.
>
> This patch simply adds the boilerplate for the hypercall.
>
> Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
> Suggested-by: Ian Jackson <ian.jackson@citrix.com>
> Suggested-by: Jennifer Herbert <jennifer.herbert@citrix.com>
> Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
> Acked-by: Wei Liu <wei.liu2@citrix.com>
> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

This patch (and possibly others in the series) break FLASK-enabled build.

First, this

> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
> index 95460af..b206f5a 100644
> --- a/xen/include/xsm/dummy.h
> +++ b/xen/include/xsm/dummy.h
> @@ -727,6 +727,12 @@ static XSM_INLINE int xsm_pmu_op (XSM_DEFAULT_ARG struct domain *d, unsigned int
>      }
>  }
>  
> +static XSM_INLINE int xsm_dm_op(XSM_DEFAULT_ARG struct domain *d)
> +{
> +    XSM_ASSERT_ACTION(XSM_DM_PRIV);
> +    return xsm_default_action(action, current->domain, d);
> +}
> +
>

generates

/home/build/xtt-x86_64/bootstrap/xen.git/xen/include/xsm/dummy.h:700:
error: ‘xsm_dm_op’ defined but not used

and I think needs

diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 1f659c7..3cb5492 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -156,6 +156,7 @@ void __init xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, ioport_permission);
     set_to_dummy_if_null(ops, ioport_mapping);
     set_to_dummy_if_null(ops, pmu_op);
+    set_to_dummy_if_null(ops, dm_op);
 #endif
     set_to_dummy_if_null(ops, xen_version);
 }


And then

make[4]: Entering directory
`/home/build/xtt-x86_64/bootstrap/xen.git/xen/xsm/flask'
gcc -m64 -DBUILD_ID -fno-strict-aliasing -std=gnu99 -Wall
-Wstrict-prototypes -Wdeclaration-after-statement
-Wno-unused-but-set-variable   -O1 -nostdinc -fno-builtin -fno-common
-Werror -Wredundant-decls -Wno-pointer-arith -pipe -g -D__XEN__ -include
/home/build/xtt-x86_64/bootstrap/xen.git/xen/include/xen/config.h
'-D__OBJECT_FILE__="hooks.o"' -Wa,--strip-local-absolute
-fno-omit-frame-pointer -MMD -MF ./.hooks.o.d
-I/home/build/xtt-x86_64/bootstrap/xen.git/xen/include
-I/home/build/xtt-x86_64/bootstrap/xen.git/xen/include/asm-x86/mach-generic
-I/home/build/xtt-x86_64/bootstrap/xen.git/xen/include/asm-x86/mach-default
'-D__OBJECT_LABEL__=xsm$flask$hooks.o' -msoft-float -fno-stack-protector
-fno-exceptions -Wnested-externs -DHAVE_GAS_VMX -DHAVE_GAS_SSE4_2
-DHAVE_GAS_EPT -mno-red-zone -mno-sse -fpic
-fno-asynchronous-unwind-tables -DGCC_HAS_VISIBILITY_ATTRIBUTE
-I./include -c hooks.c -o hooks.o
hooks.c: In function ‘flask_dm_op’:
hooks.c:1613: error: ‘HVM__DM’ undeclared (first use in this function)
hooks.c:1613: error: (Each undeclared identifier is reported only once
hooks.c:1613: error: for each function it appears in.)
hooks.c: At top level:
hooks.c:1779: error: unknown field ‘hvm_set_pci_intx_level’ specified in
initializer
hooks.c:1779: error: ‘flask_hvm_set_pci_intx_level’ undeclared here (not
in a function)
hooks.c:1780: error: unknown field ‘hvm_set_isa_irq_level’ specified in
initializer
hooks.c:1780: error: ‘flask_hvm_set_isa_irq_level’ undeclared here (not
in a function)
hooks.c:1781: error: unknown field ‘hvm_set_pci_link_route’ specified in
initializer
hooks.c:1781: error: ‘flask_hvm_set_pci_link_route’ undeclared here (not
in a function)
make[4]: *** [hooks.o] Error 1


-boris

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel