Message ID | 1460000983-28170-19-git-send-email-konrad.wilk@oracle.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On 07/04/16 04:49, Konrad Rzeszutek Wilk wrote: > The VERSION hypercall provides the flexibility to expose > the size of the build-id (so the callers can allocate the > proper size before trying to retrieve it). It also allows > in one nice swoop to retrieve the hypervisor build-id in the > provided buffer. > > Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> > Acked-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te index 68ef6de..9ad5953 100644 --- a/tools/flask/policy/policy/modules/xen/xen.te +++ b/tools/flask/policy/policy/modules/xen/xen.te @@ -81,6 +81,7 @@ allow dom0_t xen_t:version { xen_extraversion xen_compile_info xen_capabilities xen_changeset xen_pagesize xen_guest_handle xen_commandline extraversion capabilities changeset pagesize guest_handle commandline + build_id }; allow dom0_t xen_t:mmu memorymap; diff --git a/xen/common/kernel.c b/xen/common/kernel.c index af2674d..14e14ad 100644 --- a/xen/common/kernel.c +++ b/xen/common/kernel.c @@ -474,6 +474,10 @@ DO(version_op)(unsigned int cmd, XEN_GUEST_HANDLE_PARAM(void) arg, ptr = saved_cmdline; break; + case XEN_VERSION_build_id: + rc = xen_build_id(&ptr, &sz); + break; + default: rc = -ENOSYS; } diff --git a/xen/include/public/version.h b/xen/include/public/version.h index 78961c9..3f3238f 100644 --- a/xen/include/public/version.h +++ b/xen/include/public/version.h @@ -157,6 +157,9 @@ DEFINE_XEN_GUEST_HANDLE(xen_version_op_val_t); /* arg = char[]. Contains NUL terminated utf-8 string. */ #define XEN_VERSION_commandline 9 +/* arg = void. Contains binary value of hypervisor build-id. */ +#define XEN_VERSION_build_id 10 + #endif /* __XEN_PUBLIC_VERSION_H__ */ /* diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 3ef0441..f3a2160 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1693,6 +1693,9 @@ static int flask_version_op (uint32_t op) case XEN_VERSION_commandline: return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION, VERSION__COMMANDLINE, NULL); + case XEN_VERSION_build_id: + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION, + VERSION__BUILD_ID, NULL); default: return -EPERM; } diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 1c59b58..6e7888c 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -536,4 +536,6 @@ class version guest_handle # Xen command line. commandline +# Build id of the hypervisor + build_id }