|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] XSM support for recently added priv hypercall ops
The attached patch provides an update to XSM and the associated
security modules. This patch enables
XSM to interpose on the recently added privileged hypercall operations
as well as refactors the existing
IO assignment hooks.
The patch applies cleanly against changeset 16606:8f0cbfc478d6.
Signed-off by: George Coker <george.coker@xxxxxxxxx>, <gscoker@xxxxxxxxxxxxxx>
XSM:
The following hooks are added:
xsm_sendtrigger
xsm_test_assign_device
xsm_assign_device
xsm_bind_pt_irq
xsm_pin_mem_cacheattr
xsm_ext_vcpucontext
xsm_firmware_info
xsm_acpi_sleep
xsm_change_freq
xsm_getideltime
xsm_debug_keys
xsm_getcpuinfo
xsm_availheap
xsm_add_range
xsm_remove_range
The following hooks are deprecated:
xsm_irq_permission
xsm_iomem_permission
xsm_ioport_permission
The functionality provided by the deprecated hooks has been refactored
into the xsm_add_range and
xsm_remove_range hooks. The refactoring enables XSM to centralize the
interposition on IO resource
assignment. The refactoring was necessitated by the addition of the
XEN_DOMCTL_memory_mapping
and XEN_DOMCTL_ioport_mapping operations to support HVM domains.
ACM:
- no updates to ACM
FLASK:
- updated and refactored to implement the new XSM hooks
Attachment:
update-xsm-121307-xen-16606.diff _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |