
[PATCH 2/8] xsm: remove unused xsm_assign_vector check
The PHYSDEVOP_alloc_irq_vector hypercall is a noop, so its XSM check is
not useful. Remove it and the "event vector" FLASK permission.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
tools/flask/policy/policy/flask/access_vectors | 1 -
tools/flask/policy/policy/modules/xen/xen.if | 1 -
tools/flask/policy/policy/modules/xen/xen.te | 1 -
xen/arch/x86/physdev.c | 4 ----
xen/include/xsm/xsm.h | 6 ------
xen/xsm/dummy.c | 6 ------
xen/xsm/flask/hooks.c | 13 -------------
xen/xsm/flask/include/av_perm_to_string.h | 3 +--
xen/xsm/flask/include/av_permissions.h | 3 +--
9 files changed, 2 insertions(+), 36 deletions(-)

diff --git a/tools/flask/policy/policy/flask/access_vectors b/tools/flask/policy/policy/flask/access_vectors
index 9d09c5b..1b2687a 100644
--- a/tools/flask/policy/policy/flask/access_vectors
+++ b/tools/flask/policy/policy/flask/access_vectors
@@ -100,7 +100,6 @@ class event
status
notify
create
- vector
reset
}

diff --git a/tools/flask/policy/policy/modules/xen/xen.if b/tools/flask/policy/policy/modules/xen/xen.if
index bf3b794..d12af74 100644
--- a/tools/flask/policy/policy/modules/xen/xen.if
+++ b/tools/flask/policy/policy/modules/xen/xen.if
@@ -67,7 +67,6 @@ define(`create_channel', `
###############################################################################
define(`create_passthrough_resource', `
type $3, resource_type;
- allow $1 $3:event vector;
allow $1 $2:resource {add remove};
allow $1 ioport_t:resource {add_ioport use};
allow $1 iomem_t:resource {add_iomem use};
diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te
index d95a7da..8113467 100644
--- a/tools/flask/policy/policy/modules/xen/xen.te
+++ b/tools/flask/policy/policy/modules/xen/xen.te
@@ -31,7 +31,6 @@ scheduler physinfo heap quirk readconsole writeconsole settime microcode};

allow dom0_t domio_t:mmu {map_read map_write};
allow dom0_t iomem_t:mmu {map_read map_write};
-allow dom0_t pirq_t:event {vector};
allow dom0_t xen_t:mmu {memorymap};

allow dom0_t dom0_t:mmu {pinpage map_read map_write adjust updatemp};
diff --git a/xen/arch/x86/physdev.c b/xen/arch/x86/physdev.c
index cca56bb..5c7ab68 100644
--- a/xen/arch/x86/physdev.c
+++ b/xen/arch/x86/physdev.c
@@ -452,10 +452,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE(void) arg)
if ( !IS_PRIV(v->domain) )
break;

- ret = xsm_assign_vector(v->domain, irq_op.irq);
- if ( ret )
- break;
-
/* Vector is only used by hypervisor, and dom0 shouldn't
touch it in its world, return irq_op.irq as the vecotr,
and make this hypercall dummy, and also defer the vector
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 1f70e87..82f510d 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -129,7 +129,6 @@ struct xsm_operations {
int (*hvm_set_pci_link_route) (struct domain *d);
int (*hvm_inject_msi) (struct domain *d);
int (*apic) (struct domain *d, int cmd);
- int (*assign_vector) (struct domain *d, uint32_t pirq);
int (*xen_settime) (void);
int (*memtype) (uint32_t access);
int (*microcode) (void);
@@ -535,11 +534,6 @@ static inline int xsm_apic (struct domain *d, int cmd)
return xsm_call(apic(d, cmd));
}

-static inline int xsm_assign_vector (struct domain *d, uint32_t pirq)
-{
- return xsm_call(assign_vector(d, pirq));
-}
-
static inline int xsm_xen_settime (void)
{
return xsm_call(xen_settime());
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 6536948..1b50d0e 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -345,11 +345,6 @@ static int dummy_apic (struct domain *d, int cmd)
return 0;
}

-static int dummy_assign_vector (struct domain *d, uint32_t pirq)
-{
- return 0;
-}
-
static int dummy_xen_settime (void)
{
return 0;
@@ -560,7 +555,6 @@ void xsm_fixup_ops (struct xsm_operations *ops)
set_to_dummy_if_null(ops, hvm_set_isa_irq_level);
set_to_dummy_if_null(ops, hvm_set_pci_link_route);
set_to_dummy_if_null(ops, apic);
- set_to_dummy_if_null(ops, assign_vector);
set_to_dummy_if_null(ops, xen_settime);
set_to_dummy_if_null(ops, memtype);
set_to_dummy_if_null(ops, microcode);
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 37b297e..97ae4d9 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -907,18 +907,6 @@ static int flask_apic(struct domain *d, int cmd)
return domain_has_xen(d, perm);
}

-static int flask_assign_vector(struct domain *d, uint32_t pirq)
-{
- u32 psid;
- struct domain_security_struct *dsec;
- dsec = d->ssid;
-
- if ( security_pirq_sid(pirq, &psid) )
- return -EPERM;
-
- return avc_has_perm(dsec->sid, psid, SECCLASS_EVENT, EVENT__VECTOR, NULL);
-}
-
static int flask_xen_settime(void)
{
return domain_has_xen(current->domain, XEN__SETTIME);
@@ -1306,7 +1294,6 @@ static struct xsm_operations flask_ops = {
.hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level,
.hvm_set_pci_link_route = flask_hvm_set_pci_link_route,
.apic = flask_apic,
- .assign_vector = flask_assign_vector,
.xen_settime = flask_xen_settime,
.memtype = flask_memtype,
.microcode = flask_microcode,
diff --git a/xen/xsm/flask/include/av_perm_to_string.h b/xen/xsm/flask/include/av_perm_to_string.h
index c32488e..70aa02d 100644
--- a/xen/xsm/flask/include/av_perm_to_string.h
+++ b/xen/xsm/flask/include/av_perm_to_string.h
@@ -56,18 +56,17 @@
S_(SECCLASS_HVM, HVM__GETHVMC, "gethvmc")
S_(SECCLASS_HVM, HVM__SETPARAM, "setparam")
S_(SECCLASS_HVM, HVM__GETPARAM, "getparam")
- S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")
S_(SECCLASS_HVM, HVM__PCILEVEL, "pcilevel")
S_(SECCLASS_HVM, HVM__IRQLEVEL, "irqlevel")
S_(SECCLASS_HVM, HVM__PCIROUTE, "pciroute")
S_(SECCLASS_HVM, HVM__BIND_IRQ, "bind_irq")
S_(SECCLASS_HVM, HVM__CACHEATTR, "cacheattr")
+ S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")
S_(SECCLASS_EVENT, EVENT__BIND, "bind")
S_(SECCLASS_EVENT, EVENT__SEND, "send")
S_(SECCLASS_EVENT, EVENT__STATUS, "status")
S_(SECCLASS_EVENT, EVENT__NOTIFY, "notify")
S_(SECCLASS_EVENT, EVENT__CREATE, "create")
- S_(SECCLASS_EVENT, EVENT__VECTOR, "vector")
S_(SECCLASS_EVENT, EVENT__RESET, "reset")
S_(SECCLASS_GRANT, GRANT__MAP_READ, "map_read")
S_(SECCLASS_GRANT, GRANT__MAP_WRITE, "map_write")
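Review bot: The relocation of `S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")` from before `pcilevel` to after `cacheattr` is unrelated to the removal of the `vector` permission that the description covers, and the av_permissions.h hunk in this patch shows no change to HVM__TRACKDIRTYVRAM's value. If this header is regenerated from access_vectors the move is presumably regeneration noise, but it should either be mentioned in the description or dropped so the diff matches the stated change. Since each S_ entry carries its permission constant explicitly rather than relying on table position, the reorder itself appears harmless.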
diff --git a/xen/xsm/flask/include/av_permissions.h b/xen/xsm/flask/include/av_permissions.h
index f5dcc6f..4c2ffb6 100644
--- a/xen/xsm/flask/include/av_permissions.h
+++ b/xen/xsm/flask/include/av_permissions.h
@@ -70,8 +70,7 @@
#define EVENT__STATUS 0x00000004UL
#define EVENT__NOTIFY 0x00000008UL
#define EVENT__CREATE 0x00000010UL
-#define EVENT__VECTOR 0x00000020UL
-#define EVENT__RESET 0x00000040UL
+#define EVENT__RESET 0x00000020UL

#define GRANT__MAP_READ 0x00000001UL
#define GRANT__MAP_WRITE 0x00000002UL
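Review bot: Renumbering EVENT__RESET from 0x00000040UL to 0x00000020UL changes the bit the hypervisor tests for the `reset` permission, so a FLASK policy binary compiled against the previous access_vectors would carry `reset` in a bit the new hypervisor never reads, while the bit it does read was previously `vector`. This is presumably intended, since the policy and these headers derive from the same access_vectors, but nothing in the hunk shows a load-time check that the policy's permission layout matches the compiled-in values, so a stale policy would fail silently. Worth adding a line to the description such as `EVENT__RESET changes value; the FLASK policy must be rebuilt against the updated access_vectors together with the hypervisor.`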
--
1.7.7.3

