On 5/3/22 09:17, Luca Fancellu wrote:
> Hi Daniel,
>
>> diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
>> index 0bf63ffa84..b93101191e 100644
>> --- a/xen/xsm/flask/hooks.c
>> +++ b/xen/xsm/flask/hooks.c
>> @@ -186,6 +186,28 @@ static int cf_check flask_domain_alloc_security(struct
>> domain *d)
>> return 0;
>> }
>>
>> +static int cf_check flask_set_system_active(void)
>> +{
>> + struct domain *d = current->domain;
>> +
>> + ASSERT(d->is_privileged);
>> +
>> + if ( d->domain_id != DOMID_IDLE )
>> + {
>> + printk("xsm_set_system_active should only be called by idle
>> domain\n");
>
> Sorry I spotted that now, here in the printk probably you mean
> “flask_set_system_active”
> instead of “xsm_set_system_active”, you can keep my R-by after this change.
That was intentional as that was the hook it came in as, but after you
pointed it out I realized this may cause confusion since the default
policy function name is the same as the hook. Though changing it I would
do as Julien suggested and use __func__.
v/r,
dps
