Message ID | 20220214125127.17985-4-andrew.cooper3@citrix.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | x86: Support for CET Indirect Branch Tracking | expand |
On 2/14/22 07:50, Andrew Cooper wrote: > Declaring sideways like this is unsafe, because the compiler can't check that > the implementaton in flask_op.c still has the same type. > > Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> > --- > CC: Daniel De Graaf <dgdegra@tycho.nsa.gov> > CC: Daniel Smith <dpsmith@apertussolutions.com> > > v2: > * Rework in the face of no useful progress on the better fix. > --- > xen/xsm/flask/flask_op.c | 1 + > xen/xsm/flask/hooks.c | 4 +--- > xen/xsm/flask/private.h | 9 +++++++++ > 3 files changed, 11 insertions(+), 3 deletions(-) > create mode 100644 xen/xsm/flask/private.h > > diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c > index 221ff00fd3cc..bb3bebc30e01 100644 > --- a/xen/xsm/flask/flask_op.c > +++ b/xen/xsm/flask/flask_op.c > @@ -21,6 +21,7 @@ > #include <avc_ss.h> > #include <objsec.h> > #include <conditional.h> > +#include "private.h" > > #define ret_t long > #define _copy_to_guest copy_to_guest > diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c > index 3b29f7fde372..6ff1be28e4a4 100644 > --- a/xen/xsm/flask/hooks.c > +++ b/xen/xsm/flask/hooks.c > @@ -36,6 +36,7 @@ > #include <avc_ss.h> > #include <objsec.h> > #include <conditional.h> > +#include "private.h" > > static u32 domain_sid(const struct domain *dom) > { > @@ -1742,9 +1743,6 @@ static int flask_argo_send(const struct domain *d, const struct domain *t) > > #endif > > -long do_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); > -int compat_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); > - > static const struct xsm_ops __initconstrel flask_ops = { > .security_domaininfo = flask_security_domaininfo, > .domain_create = flask_domain_create, > diff --git a/xen/xsm/flask/private.h b/xen/xsm/flask/private.h > new file mode 100644 > index 000000000000..73b0de87245a > --- /dev/null > +++ b/xen/xsm/flask/private.h > @@ -0,0 +1,9 @@ > +#ifndef XSM_FLASK_PRIVATE > +#define XSM_FLASK_PRIVATE > + > +#include <public/xen.h> > + > +long do_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); > +int compat_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); > + > +#endif /* XSM_FLASK_PRIVATE */ Reviewed-by: Daniel P. Smith <dpsmith@apertussolutions.com>
diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c index 221ff00fd3cc..bb3bebc30e01 100644 --- a/xen/xsm/flask/flask_op.c +++ b/xen/xsm/flask/flask_op.c @@ -21,6 +21,7 @@ #include <avc_ss.h> #include <objsec.h> #include <conditional.h> +#include "private.h" #define ret_t long #define _copy_to_guest copy_to_guest diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 3b29f7fde372..6ff1be28e4a4 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -36,6 +36,7 @@ #include <avc_ss.h> #include <objsec.h> #include <conditional.h> +#include "private.h" static u32 domain_sid(const struct domain *dom) { @@ -1742,9 +1743,6 @@ static int flask_argo_send(const struct domain *d, const struct domain *t) #endif -long do_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); -int compat_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); - static const struct xsm_ops __initconstrel flask_ops = { .security_domaininfo = flask_security_domaininfo, .domain_create = flask_domain_create, diff --git a/xen/xsm/flask/private.h b/xen/xsm/flask/private.h new file mode 100644 index 000000000000..73b0de87245a --- /dev/null +++ b/xen/xsm/flask/private.h @@ -0,0 +1,9 @@ +#ifndef XSM_FLASK_PRIVATE +#define XSM_FLASK_PRIVATE + +#include <public/xen.h> + +long do_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); +int compat_flask_op(XEN_GUEST_HANDLE_PARAM(void) u_flask_op); + +#endif /* XSM_FLASK_PRIVATE */
Declaring sideways like this is unsafe, because the compiler can't check that the implementaton in flask_op.c still has the same type. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> --- CC: Daniel De Graaf <dgdegra@tycho.nsa.gov> CC: Daniel Smith <dpsmith@apertussolutions.com> v2: * Rework in the face of no useful progress on the better fix. --- xen/xsm/flask/flask_op.c | 1 + xen/xsm/flask/hooks.c | 4 +--- xen/xsm/flask/private.h | 9 +++++++++ 3 files changed, 11 insertions(+), 3 deletions(-) create mode 100644 xen/xsm/flask/private.h