
[v2,03/10] xsm: remove the ability to disable flask

Message ID 20210712203233.20289-4-dpsmith@apertussolutions.com (mailing list archive)
State Superseded
Series xsm: refactoring xsm hooks | expand

Commit Message

Daniel P. Smith July 12, 2021, 8:32 p.m. UTC
The flask XSM module provided the ability to switch from flask back to
the dummy XSM module at runtime. With this removal, the only way to
switch between XSM modules is at boot time.

Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
---
 xen/xsm/flask/flask_op.c | 32 --------------------------------
 1 file changed, 32 deletions(-)

Comments

Andrew Cooper July 12, 2021, 11:22 p.m. UTC | #1
On 12/07/2021 21:32, Daniel P. Smith wrote:
> The flask XSM module provided the ability to switch from flask back to
> the dummy XSM module during runtime. With this removal the only way to
> switch between XSM modules is at boot time.
>
> Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>

This patch wants reordering ahead of "xsm: refactor xsm_ops handling"
which will reduce the churn in that patch.

In addition, you want:

diff --git a/xen/include/public/xsm/flask_op.h
b/xen/include/public/xsm/flask_op.h
index 16af7bc22f75..b41dd6dac894 100644
--- a/xen/include/public/xsm/flask_op.h
+++ b/xen/include/public/xsm/flask_op.h
@@ -188,7 +188,7 @@ struct xen_flask_op {
 #define FLASK_SETBOOL           12
 #define FLASK_COMMITBOOLS       13
 #define FLASK_MLS               14
-#define FLASK_DISABLE           15
+#define FLASK_DISABLE           15 /* No longer implemented */
 #define FLASK_GETAVC_THRESHOLD  16
 #define FLASK_SETAVC_THRESHOLD  17
 #define FLASK_AVC_HASHSTATS     18

to match the removal of FLASK_USER in c/s 559f439bfa3bf

~Andrew
Jan Beulich July 14, 2021, 3:58 p.m. UTC | #2
On 12.07.2021 22:32, Daniel P. Smith wrote:
> The flask XSM module provided the ability to switch from flask back to
> the dummy XSM module during runtime. With this removal the only way to
> switch between XSM modules is at boot time.
> 
> Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>

Can you please add a statement as to why you/we want this, perhaps
helping clarify why apparently you think no-one is making use of
this?

Jan
Daniel P. Smith July 15, 2021, 5:17 p.m. UTC | #3
On 7/12/21 7:22 PM, Andrew Cooper wrote:
> On 12/07/2021 21:32, Daniel P. Smith wrote:
>> The flask XSM module provided the ability to switch from flask back to
>> the dummy XSM module during runtime. With this removal the only way to
>> switch between XSM modules is at boot time.
>>
>> Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
> 
> This patch wants reordering ahead of "xsm: refactor xsm_ops handling"
> which will reduce the churn in that patch.

Ack

> In addition, you want:
> 
> diff --git a/xen/include/public/xsm/flask_op.h
> b/xen/include/public/xsm/flask_op.h
> index 16af7bc22f75..b41dd6dac894 100644
> --- a/xen/include/public/xsm/flask_op.h
> +++ b/xen/include/public/xsm/flask_op.h
> @@ -188,7 +188,7 @@ struct xen_flask_op {
>  #define FLASK_SETBOOL           12
>  #define FLASK_COMMITBOOLS       13
>  #define FLASK_MLS               14
> -#define FLASK_DISABLE           15
> +#define FLASK_DISABLE           15 /* No longer implemented */
>  #define FLASK_GETAVC_THRESHOLD  16
>  #define FLASK_SETAVC_THRESHOLD  17
>  #define FLASK_AVC_HASHSTATS     18
> 
> to match the removal of FLASK_USER in c/s 559f439bfa3bf

Ack
Daniel P. Smith July 15, 2021, 5:19 p.m. UTC | #4
On 7/14/21 11:58 AM, Jan Beulich wrote:
> On 12.07.2021 22:32, Daniel P. Smith wrote:
>> The flask XSM module provided the ability to switch from flask back to
>> the dummy XSM module during runtime. With this removal the only way to
>> switch between XSM modules is at boot time.
>>
>> Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
> 
> Can you please add a statement as to why you/we want this, perhaps
> helping clarify why apparently you think no-one is making use of
> this?

Yes, I can expand more on the why.

v/r
dps

Patch

diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c
index 32e079d676..f41c025391 100644
--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -223,34 +223,6 @@  static int flask_security_sid(struct xen_flask_sid_context *arg)
 
 #ifndef COMPAT
 
-static int flask_disable(void)
-{
-    static int flask_disabled = 0;
-    struct xsm_operations default_ops;
-
-    if ( ss_initialized )
-    {
-        /* Not permitted after initial policy load. */
-        return -EINVAL;
-    }
-
-    if ( flask_disabled )
-    {
-        /* Only do this once. */
-        return -EINVAL;
-    }
-
-    printk("Flask:  Disabled at runtime.\n");
-
-    flask_disabled = 1;
-
-    /* Reset xsm_ops to the original module. */
-    xsm_fixup_ops(&default_ops);
-    xsm_ops = default_ops;
-
-    return 0;
-}
-
 static int flask_security_setavc_threshold(struct xen_flask_setavc_threshold *arg)
 {
     int rv = 0;
@@ -700,10 +672,6 @@  ret_t do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op)
         rv = flask_mls_enabled;
         break;    
 
-    case FLASK_DISABLE:
-        rv = flask_disable();
-        break;
-
     case FLASK_GETAVC_THRESHOLD:
         rv = avc_cache_threshold;
         break;