xsm: Add security labels to event-channel dump

In FLASK, event channel labels are distinct from the labels of the
domain using them. When debugging policy issues, it is useful to be
able to view the current label of event channels; add this label to
the event channel dump.

This patch also adds the IRQ associated with a PIRQ for event channels
bound to a PIRQ, and moves the xen_consumer flag to the front to
create more consistent alignment in the output.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>

diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c
index f784254daf75f2ed3a6214a50a0d33341e61ba95..989ebae1338edb59fd455d550a15f10999bfa50c 100644 (file)
--- a/xen/common/event_channel.c
+++ b/xen/common/event_channel.c
@@ -1256,6 +1256,7 @@ void evtchn_move_pirqs(struct vcpu *v)
 static void domain_dump_evtchn_info(struct domain *d)
 {
     unsigned int port;
+    int irq;
 
     bitmap_scnlistprintf(keyhandler_scratch, sizeof(keyhandler_scratch),
                          d->poll_mask, d->max_vcpus);
@@ -1268,6 +1269,7 @@ static void domain_dump_evtchn_info(struct domain *d)
     for ( port = 1; port < MAX_EVTCHNS(d); ++port )
     {
         const struct evtchn *chn;
+        char *ssid;
 
         if ( !port_is_valid(d, port) )
             continue;
@@ -1275,11 +1277,12 @@ static void domain_dump_evtchn_info(struct domain *d)
         if ( chn->state == ECS_FREE )
             continue;
 
-        printk("    %4u [%d/%d]: s=%d n=%d",
+        printk("    %4u [%d/%d]: s=%d n=%d x=%d",
                port,
                !!test_bit(port, &shared_info(d, evtchn_pending)),
                !!test_bit(port, &shared_info(d, evtchn_mask)),
-               chn->state, chn->notify_vcpu_id);
+               chn->state, chn->notify_vcpu_id, chn->xen_consumer);
+
         switch ( chn->state )
         {
         case ECS_UNBOUND:
@@ -1291,13 +1294,21 @@ static void domain_dump_evtchn_info(struct domain *d)
                    chn->u.interdomain.remote_port);
             break;
         case ECS_PIRQ:
-            printk(" p=%d", chn->u.pirq.irq);
+            irq = domain_pirq_to_irq(d, chn->u.pirq.irq);
+            printk(" p=%d i=%d", chn->u.pirq.irq, irq);
             break;
         case ECS_VIRQ:
             printk(" v=%d", chn->u.virq);
             break;
         }
-        printk(" x=%d\n", chn->xen_consumer);
+
+        ssid = xsm_show_security_evtchn(d, chn);
+        if (ssid) {
+            printk(" Z=%s\n", ssid);
+            xfree(ssid);
+        } else {
+            printk("\n");
+        }
     }
 
     spin_unlock(&d->event_lock);

diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index e3cae602c93a8b1148449a72ad48edb6e0cefc4d..92204b32883009b8206afe0618895584c89a96e5 100644 (file)
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -99,6 +99,7 @@ struct xsm_operations {
     void (*free_security_domain) (struct domain *d);
     int (*alloc_security_evtchn) (struct evtchn *chn);
     void (*free_security_evtchn) (struct evtchn *chn);
+    char *(*show_security_evtchn) (struct domain *d, const struct evtchn *chn);
 
     int (*get_pod_target) (struct domain *d);
     int (*set_pod_target) (struct domain *d);
@@ -424,6 +425,11 @@ static inline void xsm_free_security_evtchn (struct evtchn *chn)
     (void)xsm_call(free_security_evtchn(chn));
 }
 
+static inline char *xsm_show_security_evtchn (struct domain *d, const struct evtchn *chn)
+{
+    return xsm_call(show_security_evtchn(d, chn));
+}
+
 static inline int xsm_get_pod_target (struct domain *d)
 {
     return xsm_call(get_pod_target(d));

diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index d99f8860d1fedd16f17562e27824075e091ca7e8..fca9d7b5824e0a7b9fdd247ef26e79f80dd1867d 100644 (file)
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -290,6 +290,11 @@ static void dummy_free_security_evtchn (struct evtchn *chn)
     return;
 }
 
+static char *dummy_show_security_evtchn (struct domain *d, const struct evtchn *chn)
+{
+    return NULL;
+}
+
 static int dummy_test_assign_device (uint32_t machine_bdf)
 {
     return 0;
@@ -637,6 +642,7 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, free_security_domain);
     set_to_dummy_if_null(ops, alloc_security_evtchn);
     set_to_dummy_if_null(ops, free_security_evtchn);
+    set_to_dummy_if_null(ops, show_security_evtchn);
 
     set_to_dummy_if_null(ops, memory_adjust_reservation);
     set_to_dummy_if_null(ops, memory_stat_reservation);

diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 543dc77f1a4cfcf986c302377aa1359283ac8602..d207b1d1be2c4040df74fcaa392ea36e78142e2b 100644 (file)
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -274,6 +274,35 @@ static void flask_free_security_evtchn(struct evtchn *chn)
     xfree(esec);
 }
 
+static char *flask_show_security_evtchn(struct domain *d, const struct evtchn *chn)
+{
+    struct evtchn_security_struct *esec;
+    int irq;
+    u32 sid = 0;
+    char *ctx;
+    u32 ctx_len;
+
+    switch ( chn->state )
+    {
+    case ECS_UNBOUND:
+    case ECS_INTERDOMAIN:
+        esec = chn->ssid;
+        if ( esec )
+            sid = esec->sid;
+        break;
+    case ECS_PIRQ:
+        irq = domain_pirq_to_irq(d, chn->u.pirq.irq);
+        if (irq)
+            security_irq_sid(irq, &sid);
+        break;
+    }
+    if ( !sid )
+        return NULL;
+    if (security_sid_to_context(sid, &ctx, &ctx_len))
+        return NULL;
+    return ctx;
+}
+
 static int flask_grant_mapref(struct domain *d1, struct domain *d2, 
                               uint32_t flags)
 {
@@ -1499,6 +1528,7 @@ static struct xsm_operations flask_ops = {
     .free_security_domain = flask_domain_free_security,
     .alloc_security_evtchn = flask_alloc_security_evtchn,
     .free_security_evtchn = flask_free_security_evtchn,
+    .show_security_evtchn = flask_show_security_evtchn,
 
     .get_pod_target = flask_get_pod_target,
     .set_pod_target = flask_set_pod_target,