ACM: Test sharing as part of the authorization check.

Protected the policy from being changed while the hooks are being
called.

Signed-off-by: Stefan Berger <stefanb@us.ibm.com>

diff --git a/xen/include/xsm/acm/acm_hooks.h b/xen/include/xsm/acm/acm_hooks.h
index f3ca68fa01336cc82ce329158da30df74df05fa6..35ea144378bde99ba7f80f4103ef14ef37893e74 100644 (file)
--- a/xen/include/xsm/acm/acm_hooks.h
+++ b/xen/include/xsm/acm/acm_hooks.h
@@ -325,7 +325,7 @@ static inline int acm_authorization(ssidref_t ssidref1, ssidref_t ssidref2)
              acm_secondary_ops->authorization(ssidref1, ssidref2)) {
         return ACM_ACCESS_DENIED;
     } else
-        return ACM_ACCESS_PERMITTED;
+        return acm_sharing(ssidref1, ssidref2);
 }
 
 

diff --git a/xen/xsm/acm/acm_policy.c b/xen/xsm/acm/acm_policy.c
index 6f334effa81104aaaf730c037b0279952417d5f1..fce439c9fa92543625c85e123e37af2c704164d2 100644 (file)
--- a/xen/xsm/acm/acm_policy.c
+++ b/xen/xsm/acm/acm_policy.c
@@ -430,6 +430,9 @@ int
 acm_get_decision(ssidref_t ssidref1, ssidref_t ssidref2, u32 hook)
 {
     int ret = ACM_ACCESS_DENIED;
+
+    read_lock(&acm_bin_pol_rwlock);
+
     switch ( hook )
     {
 
@@ -447,6 +450,8 @@ acm_get_decision(ssidref_t ssidref1, ssidref_t ssidref2, u32 hook)
         break;
     }
 
+    read_unlock(&acm_bin_pol_rwlock);
+
     printkd("%s: ssid1=%x, ssid2=%x, decision=%s.\n",
             __func__, ssidref1, ssidref2,
             (ret == ACM_ACCESS_PERMITTED) ? "GRANTED" : "DENIED");