From patchwork Mon Mar 7 18:42:41 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Douglas Goldstein X-Patchwork-Id: 8521621 Return-Path: X-Original-To: patchwork-xen-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 72700C0553 for ; Mon, 7 Mar 2016 18:45:23 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 87568202C8 for ; Mon, 7 Mar 2016 18:45:22 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9E981202D1 for ; Mon, 7 Mar 2016 18:45:21 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xen.org with esmtp (Exim 4.84) (envelope-from ) id 1ad07Q-0003BA-2A; Mon, 07 Mar 2016 18:43:00 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.84) (envelope-from ) id 1ad07O-0003Ab-I5 for xen-devel@lists.xen.org; Mon, 07 Mar 2016 18:42:58 +0000 Received: from [85.158.139.211] by server-1.bemta-5.messagelabs.com id 01/7E-29419-1BBCDD65; Mon, 07 Mar 2016 18:42:57 +0000 X-Env-Sender: cardoe@cardoe.com X-Msg-Ref: server-2.tower-206.messagelabs.com!1457376176!11364055!1 X-Originating-IP: [209.85.160.193] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 8.11; banners=-,-,- X-VirusChecked: Checked Received: (qmail 46979 invoked from network); 7 Mar 2016 18:42:57 -0000 Received: from mail-yk0-f193.google.com (HELO mail-yk0-f193.google.com) (209.85.160.193) by server-2.tower-206.messagelabs.com with AES128-GCM-SHA256 encrypted SMTP; 7 Mar 2016 18:42:57 -0000 Received: by mail-yk0-f193.google.com with SMTP id z7so1151084yka.3 for ; Mon, 07 Mar 2016 10:42:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cardoe.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=iyk8D6+2jwnNhlqVo1kSxvyp2uYJYGPhtqlUbtYOyBk=; b=HKmLDjaXL0TXD+AAeEpPB+/tmccG8fZRdAsYFDr1t75i5RSROaG1X9UtQpTaLiZRzM eBO7Gtl9y7iJ8KuXrxhiNsek8fHvmrxUSYaDwgotghLiiJZHeKC4JCHqASegCiELp92/ cqb7xuFOuY9btU3tbbThiAcEnwTf4IJQlVIFg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=iyk8D6+2jwnNhlqVo1kSxvyp2uYJYGPhtqlUbtYOyBk=; b=bJp5Y9ycueYkkziDPrpxhY6xSeO2YH67hzq6FvfHfMU/w6Pnhg/ocREhwde0I75kVy EXw2N8wS4g5XHoO/C7bOcy6xV4dtXQtreosBjPnYB1QnH85LRHZM/2MRH8WkVqo7cux1 dazKgqc8btPSSz0/ouRasylG5BcA6mmEQ/yW0suNf9EisttKEoNiFj8fMhWmxCFyca2C 2lqPAKqcB9zZmbS/QlrDiEXyTO0mISEbrJmu/yG5PJnM2PceTLBAVv+gbHCCHTSf0B9A de5YmSWIXxrQrfWEXwCTmAaxFlB78X5m8DbI2Hks2omPmQDpB6/jCG+/BBX8FqFZWd14 MJUQ== X-Gm-Message-State: AD7BkJKpRChC1xvtWZCMjJCMZb1HxaZlWuNKdQeKvhQUYlPM778Jn5gdQiGpjwpgbhglFg== X-Received: by 10.37.102.197 with SMTP id a188mr12821110ybc.85.1457376176181; Mon, 07 Mar 2016 10:42:56 -0800 (PST) Received: from swanson.lan (c-68-46-196-185.hsd1.al.comcast.net. [68.46.196.185]) by smtp.gmail.com with ESMTPSA id a10sm12614886ywc.52.2016.03.07.10.42.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 07 Mar 2016 10:42:55 -0800 (PST) From: Doug Goldstein To: xen-devel@lists.xen.org Date: Mon, 7 Mar 2016 12:42:41 -0600 Message-Id: <1457376161-24982-2-git-send-email-cardoe@cardoe.com> X-Mailer: git-send-email 2.4.10 In-Reply-To: <1457376161-24982-1-git-send-email-cardoe@cardoe.com> References: <1457376161-24982-1-git-send-email-cardoe@cardoe.com> Cc: Daniel De Graaf , Doug Goldstein Subject: [Xen-devel] [PATCH 2/2] xsm: move FLASK_AVC_STATS to Kconfig X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, T_DKIM_INVALID,UNPARSEABLE_RELAY autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Have Kconfig set CONFIG_FLASK_AVC_STATS and prefix all uses with CONFIG_ to use the Kconfig variable. Signed-off-by: Doug Goldstein Acked-by: Daniel De Graaf --- CC: Daniel De Graaf --- xen/common/Kconfig | 8 +++++++- xen/include/xen/config.h | 5 ----- xen/xsm/flask/avc.c | 4 ++-- xen/xsm/flask/flask_op.c | 4 ++-- xen/xsm/flask/include/avc.h | 2 +- 5 files changed, 12 insertions(+), 11 deletions(-) diff --git a/xen/common/Kconfig b/xen/common/Kconfig index d661da3..db23edc 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -23,6 +23,12 @@ config FLASK If unsure, say N. +config FLASK_AVC_STATS + def_bool y if FLASK + depends on FLASK + ---help--- + Maintain statistics on the access vector cache + # Select HAS_DEVICE_TREE if device tree is supported config HAS_DEVICE_TREE bool @@ -117,7 +123,7 @@ config XSM config XSM_MAGIC hex default 0xf97cff8c if FLASK - default 0 if !FLASK + default 0 ---help--- Identifies a FLASK XSM policy start point diff --git a/xen/include/xen/config.h b/xen/include/xen/config.h index 3f8c53d..ef6e5ee 100644 --- a/xen/include/xen/config.h +++ b/xen/include/xen/config.h @@ -78,11 +78,6 @@ #define __STR(...) #__VA_ARGS__ #define STR(...) __STR(__VA_ARGS__) -#ifdef CONFIG_FLASK -/* Maintain statistics on the access vector cache */ -#define FLASK_AVC_STATS 1 -#endif - /* allow existing code to work with Kconfig variable */ #define NR_CPUS CONFIG_NR_CPUS diff --git a/xen/xsm/flask/avc.c b/xen/xsm/flask/avc.c index 31bc702..7764379 100644 --- a/xen/xsm/flask/avc.c +++ b/xen/xsm/flask/avc.c @@ -56,7 +56,7 @@ const struct selinux_class_perm selinux_class_perm = { #define AVC_DEF_CACHE_THRESHOLD 512 #define AVC_CACHE_RECLAIM 16 -#ifdef FLASK_AVC_STATS +#ifdef CONFIG_FLASK_AVC_STATS #define avc_cache_stats_incr(field) \ do { \ __get_cpu_var(avc_cache_stats).field++; \ @@ -101,7 +101,7 @@ struct avc_callback_node { /* Exported via Flask hypercall */ unsigned int avc_cache_threshold = AVC_DEF_CACHE_THRESHOLD; -#ifdef FLASK_AVC_STATS +#ifdef CONFIG_FLASK_AVC_STATS DEFINE_PER_CPU(struct avc_cache_stats, avc_cache_stats); #endif diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c index f4f5dd1..3c9c99e 100644 --- a/xen/xsm/flask/flask_op.c +++ b/xen/xsm/flask/flask_op.c @@ -469,7 +469,7 @@ static int flask_security_make_bools(void) return ret; } -#ifdef FLASK_AVC_STATS +#ifdef CONFIG_FLASK_AVC_STATS static int flask_security_avc_cachestats(struct xen_flask_cache_stats *arg) { @@ -761,7 +761,7 @@ ret_t do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op) rv = avc_get_hash_stats(&op.u.hash_stats); break; -#ifdef FLASK_AVC_STATS +#ifdef CONFIG_FLASK_AVC_STATS case FLASK_AVC_CACHESTATS: rv = flask_security_avc_cachestats(&op.u.cache_stats); break; diff --git a/xen/xsm/flask/include/avc.h b/xen/xsm/flask/include/avc.h index 4283562..729856e 100644 --- a/xen/xsm/flask/include/avc.h +++ b/xen/xsm/flask/include/avc.h @@ -108,7 +108,7 @@ struct xen_flask_hash_stats; int avc_get_hash_stats(struct xen_flask_hash_stats *arg); extern unsigned int avc_cache_threshold; -#ifdef FLASK_AVC_STATS +#ifdef CONFIG_FLASK_AVC_STATS DECLARE_PER_CPU(struct avc_cache_stats, avc_cache_stats); #endif