[xen staging-4.21] domctl/XSM: drop scheduler_op hook
commit b48039e907a65ce0b85dfc32ceed0d0bad639319
Author: Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Thu Jun 4 21:37:32 2026 +0100
Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Thu Jun 4 21:38:04 2026 +0100
domctl/XSM: drop scheduler_op hook
Integrate the checking with xsm_domctl(), now that it has the full op
struct passed. As a positive side effect, permissions are then checked at
the same early point with and without Flask.
This is part of XSA-492.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
Acked-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
Reviewed-by: Juergen Gross <jgross@xxxxxxxx>
(cherry picked from commit 3ba374d3886f0e1d835eafe62cc2fa20ca5376ad)
---
xen/common/sched/core.c | 4 ----
xen/include/xsm/dummy.h | 7 -------
xen/include/xsm/xsm.h | 7 -------
xen/xsm/dummy.c | 1 -
xen/xsm/flask/hooks.c | 7 ++++---
5 files changed, 4 insertions(+), 22 deletions(-)
diff --git a/xen/common/sched/core.c b/xen/common/sched/core.c
index adfdddde15..08175215a0 100644
--- a/xen/common/sched/core.c
+++ b/xen/common/sched/core.c
@@ -2074,10 +2074,6 @@ long sched_adjust(struct domain *d, struct
xen_domctl_scheduler_op *op)
{
long ret;
- ret = xsm_domctl_scheduler_op(XSM_HOOK, d, op->cmd);
- if ( ret )
- return ret;
-
if ( op->sched_id != dom_scheduler(d)->sched_id )
return -EINVAL;
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index c469331ea8..f4444b0488 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -141,13 +141,6 @@ static XSM_INLINE int cf_check xsm_getdomaininfo(
return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int cf_check xsm_domctl_scheduler_op(
- XSM_DEFAULT_ARG struct domain *d, int cmd)
-{
- XSM_ASSERT_ACTION(XSM_HOOK);
- return xsm_default_action(action, current->domain, d);
-}
-
static XSM_INLINE int cf_check xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd)
{
XSM_ASSERT_ACTION(XSM_HOOK);
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 4379a6e96b..941e768dd6 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -56,7 +56,6 @@ struct xsm_ops {
struct xen_domctl_getdomaininfo *info);
int (*domain_create)(struct domain *d, uint32_t ssidref);
int (*getdomaininfo)(struct domain *d);
- int (*domctl_scheduler_op)(struct domain *d, int op);
#ifdef CONFIG_SYSCTL
int (*sysctl_scheduler_op)(int op);
#endif
@@ -240,12 +239,6 @@ static inline int xsm_get_domain_state(xsm_default_t def,
struct domain *d)
return alternative_call(xsm_ops.get_domain_state, d);
}
-static inline int xsm_domctl_scheduler_op(
- xsm_default_t def, struct domain *d, int cmd)
-{
- return alternative_call(xsm_ops.domctl_scheduler_op, d, cmd);
-}
-
#ifdef CONFIG_SYSCTL
static inline int xsm_sysctl_scheduler_op(xsm_default_t def, int cmd)
{
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index ccdaa924d7..5e58ccd260 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -18,7 +18,6 @@ static const struct xsm_ops __initconst_cf_clobber dummy_ops
= {
.security_domaininfo = xsm_security_domaininfo,
.domain_create = xsm_domain_create,
.getdomaininfo = xsm_getdomaininfo,
- .domctl_scheduler_op = xsm_domctl_scheduler_op,
#ifdef CONFIG_SYSCTL
.sysctl_scheduler_op = xsm_sysctl_scheduler_op,
#endif
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index ca4aa9d367..f318f37fd9 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -609,7 +609,7 @@ static int cf_check flask_getdomaininfo(struct domain *d)
return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO);
}
-static int cf_check flask_domctl_scheduler_op(struct domain *d, int op)
+static int flask_domctl_scheduler_op(struct domain *d, int op)
{
switch ( op )
{
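Review bot: The `int op` parameter of `flask_domctl_scheduler_op` no longer has to match an `xsm_ops` function-pointer signature, so it could take the type of the value it now receives. The call added later in this file passes `op->u.scheduler_op.cmd`, which appears to be an unsigned 32-bit field of the public domctl structure, so a caller-supplied value is converted implicitly from unsigned to signed before the `switch`. Something like `static int flask_domctl_scheduler_op(struct domain *d, unsigned int cmd)` with `switch ( cmd )` would remove that conversion and stop reusing the name `op`, which in the caller is the struct pointer. The function body continues outside the hunk, so how the switch treats unrecognised commands cannot be confirmed from here.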
@@ -697,7 +697,6 @@ static int cf_check flask_domctl(struct domain *d, struct
xen_domctl *op)
return -EILSEQ;
/* These have individual XSM hooks (common/domctl.c) */
- case XEN_DOMCTL_scheduler_op:
case XEN_DOMCTL_set_target:
#ifdef CONFIG_X86
@@ -745,6 +744,9 @@ static int cf_check flask_domctl(struct domain *d, struct
xen_domctl *op)
case XEN_DOMCTL_setdomainhandle:
return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE);
+ case XEN_DOMCTL_scheduler_op:
+ return flask_domctl_scheduler_op(d, op->u.scheduler_op.cmd);
+
case XEN_DOMCTL_set_ext_vcpucontext:
case XEN_DOMCTL_set_vcpu_msrs:
case XEN_DOMCTL_setvcpucontext:
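Review bot: With this case added, `flask_domctl()` becomes the only place the scheduler sub-command permission is enforced, because the first hunk of the commit removes the `xsm_domctl_scheduler_op()` call from `sched_adjust()`, and neither site records that dependency. A short comment on the new case would help, for example `/* Sole XSM check for scheduler ops; sched_adjust() does none itself. */`, so that any future caller of `sched_adjust()` which does not come through `xsm_domctl()` is recognised as unchecked. This assumes `op` is the hypervisor's own copy of the caller's structure, so that the `cmd` checked here is the one later acted on; that is not visible in the hunk. `flask_domctl()` starts and ends outside the hunk.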
@@ -1884,7 +1886,6 @@ static const struct xsm_ops __initconst_cf_clobber
flask_ops = {
.security_domaininfo = flask_security_domaininfo,
.domain_create = flask_domain_create,
.getdomaininfo = flask_getdomaininfo,
- .domctl_scheduler_op = flask_domctl_scheduler_op,
#ifdef CONFIG_SYSCTL
.sysctl_scheduler_op = flask_sysctl_scheduler_op,
#endif
--
generated by git-patchbot for /home/xen/git/xen.git#staging-4.21