From patchwork Tue Mar 15 17:56:48 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
X-Patchwork-Id: 8591321
Return-Path: <xen-devel-bounces@lists.xen.org>
X-Original-To: patchwork-xen-devel@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id AA35D9F294
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Tue, 15 Mar 2016 18:03:13 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id CD14920304
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Tue, 15 Mar 2016 18:03:06 +0000 (UTC)
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id A7D6F2021F
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Tue, 15 Mar 2016 18:03:04 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1aftGl-0001PH-M7; Tue, 15 Mar 2016 18:00:35 +0000
Received: from mail6.bemta14.messagelabs.com ([193.109.254.103])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <konrad@char.us.oracle.com>) id 1aftGk-0001Il-8W
	for xen-devel@lists.xenproject.org; Tue, 15 Mar 2016 18:00:34 +0000
Received: from [193.109.254.147] by server-4.bemta-14.messagelabs.com id
	C9/E7-03301-1CD48E65; Tue, 15 Mar 2016 18:00:33 +0000
X-Env-Sender: konrad@char.us.oracle.com
X-Msg-Ref: server-4.tower-27.messagelabs.com!1458064831!30491105!1
X-Originating-IP: [141.146.126.69]
X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor:
	VHJ1c3RlZCBJUDogMTQxLjE0Ni4xMjYuNjkgPT4gMjc3MjE4\n
X-StarScan-Received: 
X-StarScan-Version: 8.11; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 61742 invoked from network); 15 Mar 2016 18:00:32 -0000
Received: from aserp1040.oracle.com (HELO aserp1040.oracle.com)
	(141.146.126.69)
	by server-4.tower-27.messagelabs.com with DHE-RSA-AES256-GCM-SHA384
	encrypted SMTP; 15 Mar 2016 18:00:32 -0000
Received: from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234])
	by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2)
	with ESMTP id u2FI0OOF026815
	(version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
	Tue, 15 Mar 2016 18:00:24 GMT
Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235])
	by aserv0022.oracle.com (8.13.8/8.13.8) with ESMTP id
	u2FI0O54014046
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL);
	Tue, 15 Mar 2016 18:00:24 GMT
Received: from abhmp0003.oracle.com (abhmp0003.oracle.com [141.146.116.9])
	by aserv0121.oracle.com (8.13.8/8.13.8) with ESMTP id u2FI0OGv010511;
	Tue, 15 Mar 2016 18:00:24 GMT
Received: from char.us.oracle.com (/10.137.176.158)
	by default (Oracle Beehive Gateway v4.0)
	with ESMTP ; Tue, 15 Mar 2016 11:00:23 -0700
Received: by char.us.oracle.com (Postfix, from userid 1000)
	id 630A46A00EB; Tue, 15 Mar 2016 13:59:52 -0400 (EDT)
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: xen-devel@lists.xenproject.org, ross.lagerwall@citrix.com,
	konrad@kernel.org, andrew.cooper3@citrix.com, mpohlack@amazon.de,
	sasha.levin@oracle.com
Date: Tue, 15 Mar 2016 13:56:48 -0400
Message-Id: <1458064616-23101-27-git-send-email-konrad.wilk@oracle.com>
X-Mailer: git-send-email 2.5.0
In-Reply-To: <1458064616-23101-1-git-send-email-konrad.wilk@oracle.com>
References: <1458064616-23101-1-git-send-email-konrad.wilk@oracle.com>
X-Source-IP: aserv0022.oracle.com [141.146.126.234]
Cc: Wei Liu <wei.liu2@citrix.com>, Daniel De Graaf <dgdegra@tycho.nsa.gov>,
	Stefano Stabellini <stefano.stabellini@eu.citrix.com>,
	Ian Jackson <ian.jackson@eu.citrix.com>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Subject: [Xen-devel] [PATCH v4 26/34] HYPERCALL_version_op: Add
	VERSION_OP_build_id to retrieve build-id.
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, UNPARSEABLE_RELAY
	autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

The VERSION_OP hypercall provides the flexibility to expose
the size of the build-id (so the callers can allocate the
proper size before trying to retrieve it). It also allows
in one nice swoop to retrieve the hypervisor build-id in the
provided buffer.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
Cc: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Cc: Ian Jackson <ian.jackson@eu.citrix.com>
Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Cc: Wei Liu <wei.liu2@citrix.com>
---
---
 tools/flask/policy/policy/modules/xen/xen.te |  4 ++--
 xen/common/kernel.c                          | 14 ++++++++++++++
 xen/include/public/version.h                 |  3 +++
 xen/xsm/flask/hooks.c                        |  3 +++
 xen/xsm/flask/policy/access_vectors          |  2 ++
 5 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te
index bac0c9e..e5eb666 100644
--- a/tools/flask/policy/policy/modules/xen/xen.te
+++ b/tools/flask/policy/policy/modules/xen/xen.te
@@ -82,7 +82,7 @@ allow dom0_t xen_t:version {
     xen_changeset xen_platform_parameters xen_get_features xen_pagesize
     xen_guest_handle xen_commandline
     version extraversion capabilities changeset platform_parameters
-    get_features pagesize guest_handle commandline
+    get_features pagesize guest_handle commandline build_id
 };
 
 allow dom0_t xen_t:mmu memorymap;
@@ -150,7 +150,7 @@ if (guest_writeconsole) {
 allow domain_type xen_t:xen2 pmu_use;
 
 # For normal guests all except XENVER_commandline, VERSION_OP_changeset,
-# and VERSION_OP_commandline
+# VERSION_OP_commandline, and VERSION_OP_build_info
 allow domain_type xen_t:version {
     xen_version xen_extraversion xen_compile_info xen_capabilities
     xen_changeset xen_platform_parameters xen_get_features xen_pagesize
diff --git a/xen/common/kernel.c b/xen/common/kernel.c
index f06b3d9..96d08ed 100644
--- a/xen/common/kernel.c
+++ b/xen/common/kernel.c
@@ -390,6 +390,7 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
             return -EFAULT;
         return 0;
     }
+
     }
 
     return -ENOSYS;
@@ -455,6 +456,13 @@ static int size_of_subops_data(unsigned int cmd, ssize_t *sz)
         *sz = ARRAY_SIZE(saved_cmdline);
         break;
 
+    case XEN_VERSION_OP_build_id:
+    {
+        const void *p;
+        rc = xen_build_id(&p, sz);
+        break;
+    }
+
     default:
         rc = -ENOSYS;
     }
@@ -549,6 +557,12 @@ DO(version_op)(unsigned int cmd, XEN_GUEST_HANDLE_PARAM(void) arg,
         ptr = saved_cmdline;
         break;
 
+    case XEN_VERSION_OP_build_id:
+    {
+        rc = xen_build_id(&ptr, &sz);
+        break;
+    }
+
     default:
         rc = -ENOSYS;
     }
diff --git a/xen/include/public/version.h b/xen/include/public/version.h
index 4ceb97b..ca0ffca 100644
--- a/xen/include/public/version.h
+++ b/xen/include/public/version.h
@@ -157,6 +157,9 @@ DEFINE_XEN_GUEST_HANDLE(xen_version_op_buf_t);
 /* arg = version_op_buf */
 #define XEN_VERSION_OP_commandline 9
 
+/* arg = version_op_buf */
+#define XEN_VERSION_OP_build_id 10
+
 #endif /* __XEN_PUBLIC_VERSION_H__ */
 
 /*
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index fb5cc4a..29debc4 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1701,6 +1701,9 @@ static int flask_version_op (uint32_t op)
     case XEN_VERSION_OP_commandline:
         return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
                             VERSION__COMMANDLINE, NULL);
+    case XEN_VERSION_OP_build_id:
+        return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
+                            VERSION__BUILD_ID, NULL);
     default:
         return -EPERM;
     }
diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors
index a227f88..5ff47c2 100644
--- a/xen/xsm/flask/policy/access_vectors
+++ b/xen/xsm/flask/policy/access_vectors
@@ -544,4 +544,6 @@ class version
     guest_handle
 # Xen command line.
     commandline
+# Build id of the hypervisor
+    build_id
 }