From: Boris Ostrovsky Date: Thu, 9 Jul 2015 11:27:52 +0000 (+0200) Subject: common/symbols: export hypervisor symbols to privileged guest X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~2877 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=a05d39009fa9929f985bf56c4d17d298ee5da42a;p=xen.git common/symbols: export hypervisor symbols to privileged guest Export Xen's symbols as {
} triplet via new XENPF_get_symbol hypercall Signed-off-by: Boris Ostrovsky Acked-by: Daniel De Graaf Reviewed-by: Konrad Rzeszutek Wilk Reviewed-by: Dietmar Hahn Tested-by: Dietmar Hahn
---
diff --git a/xen/arch/x86/platform_hypercall.c b/xen/arch/x86/platform_hypercall.c
index 334d4742a9..76262617cf 100644
--- a/xen/arch/x86/platform_hypercall.c
+++ b/xen/arch/x86/platform_hypercall.c
@@ -23,6 +23,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -798,6 +799,33 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op)
 }
 break;
+ case XENPF_get_symbol:
+ {
+ static char name[KSYM_NAME_LEN + 1]; /* protected by xenpf_lock */
+ XEN_GUEST_HANDLE(char) nameh;
+ uint32_t namelen, copylen;
+
+ guest_from_compat_handle(nameh, op->u.symdata.name);
+
+ ret = xensyms_read(&op->u.symdata.symnum, &op->u.symdata.type,
+ &op->u.symdata.address, name);
+
+ namelen = strlen(name) + 1;
+
+ if ( namelen > op->u.symdata.namelen )
+ copylen = op->u.symdata.namelen;
+ else
+ copylen = namelen;
+
+ op->u.symdata.namelen = namelen;
+
+ if ( !ret && copy_to_guest(nameh, name, copylen) )
+ ret = -EFAULT;
+ if ( !ret && __copy_field_to_guest(u_xenpf_op, op, u.symdata) )
+ ret = -EFAULT;
+ }
+ break;
+
 default:
 ret = -ENOSYS;
 break;
diff --git a/xen/common/symbols.c b/xen/common/symbols.c
index fc7c9e760f..a59c59d94a 100644
--- a/xen/common/symbols.c
+++ b/xen/common/symbols.c
@@ -17,6 +17,8 @@
 #include
 #include
 #include
+#include
+#include
 #ifdef SYMBOLS_ORIGIN
 extern const unsigned int symbols_offsets[];
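Review bot: In the `XENPF_get_symbol` case, `namelen = strlen(name) + 1` runs even when `xensyms_read()` has returned an error, so it measures whatever the static `name` buffer kept from an earlier call; nothing is copied out on that path because both copies are guarded by `!ret`, but the length computation would be clearer placed under `if ( !ret )`. When the guest buffer is shorter than `namelen`, `copy_to_guest(nameh, name, copylen)` returns a name with no terminating NUL and only the updated `namelen` field signals it, so a comment at the copy such as `/* A truncated copy is not NUL-terminated; the caller must compare namelen. */` would make the contract explicit. The op hands hypervisor symbol addresses to a guest and the privilege check is not visible in this hunk, so it is worth confirming that do_platform_op's XSM check runs before this case is reached. The case sits inside do_platform_op, whose body starts and ends outside the hunk.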
@@ -148,3 +150,55 @@ const char *symbols_lookup(unsigned long addr,
 *offset = addr - symbols_address(low);
 return namebuf;
 }
+
+/*
+ * Get symbol type information. This is encoded as a single char at the
+ * beginning of the symbol name.
+ */
+static char symbols_get_symbol_type(unsigned int off)
+{
+ /*
+ * Get just the first code, look it up in the token table,
+ * and return the first char from this token.
+ */
+ return symbols_token_table[symbols_token_index[symbols_names[off + 1]]];
+}
+
+int xensyms_read(uint32_t *symnum, char *type,
+ uint64_t *address, char *name)
+{
+ /*
+ * Symbols are most likely accessed sequentially so we remember position
+ * from previous read. This can help us avoid the extra call to
+ * get_symbol_offset().
+ */
+ static uint64_t next_symbol, next_offset;
+ static DEFINE_SPINLOCK(symbols_mutex);
+
+ if ( *symnum > symbols_num_syms )
+ return -ERANGE;
+ if ( *symnum == symbols_num_syms )
+ {
+ /* No more symbols */
+ name[0] = '\0';
+ return 0;
+ }
+
+ spin_lock(&symbols_mutex);
+
+ if ( *symnum == 0 )
+ next_offset = next_symbol = 0;
+ if ( next_symbol != *symnum )
+ /* Non-sequential access */
+ next_offset = get_symbol_offset(*symnum);
+
+ *type = symbols_get_symbol_type(next_offset);
+ next_offset = symbols_expand_symbol(next_offset, name);
+ *address = symbols_address(*symnum);
+
+ next_symbol = ++*symnum;
+
+ spin_unlock(&symbols_mutex);
+
+ return 0;
+}
diff --git a/xen/include/public/platform.h b/xen/include/public/platform.h
index 82ec84ef8f..1e6a6cee39 100644
--- a/xen/include/public/platform.h
+++ b/xen/include/public/platform.h
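Review bot: `xensyms_read()` has no header comment, and it writes the expanded symbol into `name` through `symbols_expand_symbol(next_offset, name)` with no length argument, so the required buffer size is an unwritten contract; the only caller in this commit sizes it as `KSYM_NAME_LEN + 1`. A comment above the function should state that `name` must hold at least `KSYM_NAME_LEN + 1` bytes (presumably the longest expanded symbol plus NUL), that `*symnum` is advanced on success, and that `-ERANGE` is returned when `*symnum` is past the table. It should also say that on the end-of-table path (`*symnum == symbols_num_syms`) only `name[0]` is written and `*type` and `*address` are left untouched, since the caller copies the whole structure back to the guest afterwards.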
@@ -590,6 +590,24 @@ struct xenpf_resource_op {
 typedef struct xenpf_resource_op xenpf_resource_op_t;
 DEFINE_XEN_GUEST_HANDLE(xenpf_resource_op_t);
+#define XENPF_get_symbol 63
+struct xenpf_symdata {
+ /* IN/OUT variables */
+ uint32_t namelen; /* IN: size of name buffer */
+ /* OUT: strlen(name) of hypervisor symbol (may be */
+ /* larger than what's been copied to guest) */
+ uint32_t symnum; /* IN: Symbol to read */
+ /* OUT: Next available symbol. If same as IN then */
+ /* we reached the end */
+
+ /* OUT variables */
+ XEN_GUEST_HANDLE(char) name;
+ uint64_t address;
+ char type;
+};
+typedef struct xenpf_symdata xenpf_symdata_t;
+DEFINE_XEN_GUEST_HANDLE(xenpf_symdata_t);
+
 /*
 * ` enum neg_errnoval
 * ` HYPERVISOR_platform_op(const struct xen_platform_op*);
@@ -619,6 +637,7 @@ struct xen_platform_op {
 struct xenpf_mem_hotadd mem_add;
 struct xenpf_core_parking core_parking;
 struct xenpf_resource_op resource_op;
+ struct xenpf_symdata symdata;
 uint8_t pad[128];
 } u;
 };
diff --git a/xen/include/xen/symbols.h b/xen/include/xen/symbols.h
index 87cd77d230..1fa05376d0 100644
--- a/xen/include/xen/symbols.h
+++ b/xen/include/xen/symbols.h
@@ -11,4 +11,7 @@ const char *symbols_lookup(unsigned long addr, unsigned long *offset, char *namebuf);
+int xensyms_read(uint32_t *symnum, char *type,
+ uint64_t *address, char *name);
+
 #endif /*_XEN_SYMBOLS_H*/
diff --git a/xen/include/xlat.lst b/xen/include/xlat.lst
index 28343b5bb6..9f2545e92c 100644
--- a/xen/include/xlat.lst
+++ b/xen/include/xlat.lst
@@ -88,6 +88,7 @@
 ? processor_px platform.h
 ! psd_package platform.h
 ? xenpf_enter_acpi_sleep platform.h
+! xenpf_symdata platform.h
 ? xenpf_pcpuinfo platform.h
 ? xenpf_pcpu_version platform.h
 ? xenpf_resource_entry platform.h
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 317f50fc9d..74c0c0537b 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
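Review bot: The comment on `namelen` in `struct xenpf_symdata` says the OUT value is `strlen(name)`, but the handler added in platform_hypercall.c stores `strlen(name) + 1`, i.e. the size including the terminating NUL. Since this is a public interface that guests size buffers from, the comment should match the code, for example `/* OUT: size of the hypervisor symbol name incl. NUL (may be */`. It would also help to note here that a truncated copy is not NUL-terminated. `char type` is the last member, which leaves implicit tail padding in an ABI structure; explicit padding would pin the layout, though whether the project requires it for this struct cannot be told from the hunk.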
@@ -1521,6 +1521,10 @@ static int flask_platform_op(uint32_t op)
 return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN2, XEN2__RESOURCE_OP, NULL);
+ case XENPF_get_symbol:
+ return avc_has_perm(domain_sid(current->domain), SECINITSID_XEN,
+ SECCLASS_XEN2, XEN2__GET_SYMBOL, NULL);
+
 default:
 printk("flask_platform_op: Unknown op %d\n", op);
 return -EPERM;
diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors
index e1a11b2b6c..0eb491cb84 100644
--- a/xen/xsm/flask/policy/access_vectors
+++ b/xen/xsm/flask/policy/access_vectors
@@ -87,6 +87,8 @@ class xen2 psr_cmt_op # XEN_SYSCTL_psr_cat_op psr_cat_op
+# XENPF_get_symbol
+ get_symbol
 }
 # Classes domain and domain2 consist of operations that a domain performs on
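Review bot: The new `XENPF_get_symbol` case calls `avc_has_perm(domain_sid(current->domain), SECINITSID_XEN, ...)` directly, while the case just above it uses `avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN2, XEN2__RESOURCE_OP, NULL)`. If that helper resolves the current domain's SID the same way (its definition is not in the hunk), the new case should read `return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN2, XEN2__GET_SYMBOL, NULL);` so every permission check in this switch goes through one path. The diff adds the `get_symbol` vector to access_vectors but shows no policy rule granting it, so under an enforcing Flask policy the op will presumably be denied until the policy is updated; the commit message could say which domain types are meant to receive it. flask_platform_op's body starts and ends outside the hunk.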