Xen project Mailing List

[Xen-devel] Re: [Xen-changelog] [xen-unstable] Add build option to allow more hypercalls from stubdoms

To: "Cui, Dexuan" <dexuan.cui@xxxxxxxxx>, Stefano Stabellini <Stefano.Stabellini@xxxxxxxxxxxxx>

From: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>

Date: Thu, 15 Oct 2009 16:47:28 +0100

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>

Delivery-date: Thu, 15 Oct 2009 08:48:01 -0700

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Thread-index: AcpMpokSgWk+LCd3See1gIYO/DmQRwBBjuKwAACB6V8=

Thread-topic: [Xen-changelog] [xen-unstable] Add build option to allow more hypercalls from stubdoms

Rearrangement typo on my part! -- Keir On 15/10/2009 16:39, "Cui, Dexuan" <dexuan.cui@xxxxxxxxx> wrote: > Hi, the changeset prevents the domain destroy actually. > e.g., in the non-stubdomain case, the following code would get many references > to the op->domain, so the domain can't be destroyed throughly. > > + switch ( op->cmd ) > + { > + case XEN_DOMCTL_ioport_mapping: > + case XEN_DOMCTL_memory_mapping: > + case XEN_DOMCTL_bind_pt_irq: > + case XEN_DOMCTL_unbind_pt_irq: > + case XEN_DOMCTL_assign_device: > + case XEN_DOMCTL_deassign_device: { > + struct domain *d = get_domain_by_id(op->domain); > > Thanks, > -- Dexuan > > -----Original Message----- > From: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx > [mailto:xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Xen > patchbot-unstable > Sent: 2009?10?14? 16:15 > To: xen-changelog@xxxxxxxxxxxxxxxxxxx > Subject: [Xen-changelog] [xen-unstable] Add build option to allow more > hypercalls from stubdoms > > # HG changeset patch > # User Keir Fraser <keir.fraser@xxxxxxxxxx> > # Date 1255506898 -3600 > # Node ID 6100b7a34705e40ae23a0e081f2bce1b6ed342f5 > # Parent b3c9f5f9532a0dba89204c37d7fb85144e2ad973 > Add build option to allow more hypercalls from stubdoms > > Stubdoms need to be able to make all the passthrough related > hypercalls on behalf of the guest (for now). > > Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> > Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx> > --- > xen/Rules.mk | 7 +++++++ > xen/arch/x86/irq.c | 2 +- > xen/arch/x86/physdev.c | 19 ++++++++++--------- > xen/common/domctl.c | 28 +++++++++++++++++++++++++--- > xen/include/xen/config.h | 6 ++++++ > 5 files changed, 49 insertions(+), 13 deletions(-) > > diff -r b3c9f5f9532a -r 6100b7a34705 xen/Rules.mk > --- a/xen/Rules.mk Wed Oct 14 08:33:11 2009 +0100 > +++ b/xen/Rules.mk Wed Oct 14 08:54:58 2009 +0100 > @@ -8,6 +8,9 @@ perfc_arrays ?= n > perfc_arrays ?= n > crash_debug ?= n > frame_pointer ?= n > + > +# Allow some delicate passthrough related hypercalls to be made from a > stubdom > +privileged_stubdoms ?= y > > XEN_ROOT=$(BASEDIR)/.. > include $(XEN_ROOT)/Config.mk > @@ -56,6 +59,10 @@ endif > endif > ifneq ($(max_phys_irqs),) > CFLAGS-y += -DMAX_PHYS_IRQS=$(max_phys_irqs) > +endif > + > +ifeq ($(privileged_stubdoms),y) > +CFLAGS += -DPRIVILEGED_STUBDOMS > endif > > AFLAGS-y += -D__ASSEMBLY__ > diff -r b3c9f5f9532a -r 6100b7a34705 xen/arch/x86/irq.c > --- a/xen/arch/x86/irq.c Wed Oct 14 08:33:11 2009 +0100 > +++ b/xen/arch/x86/irq.c Wed Oct 14 08:54:58 2009 +0100 > @@ -1340,7 +1340,7 @@ int map_domain_pirq( > ASSERT(spin_is_locked(&pcidevs_lock)); > ASSERT(spin_is_locked(&d->event_lock)); > > - if ( !IS_PRIV(current->domain) ) > + if ( !STUBDOM_IS_PRIV_FOR(current->domain, d) ) > return -EPERM; > > if ( pirq < 0 || pirq >= d->nr_pirqs || irq < 0 || irq >= nr_irqs ) > diff -r b3c9f5f9532a -r 6100b7a34705 xen/arch/x86/physdev.c > --- a/xen/arch/x86/physdev.c Wed Oct 14 08:33:11 2009 +0100 > +++ b/xen/arch/x86/physdev.c Wed Oct 14 08:54:58 2009 +0100 > @@ -34,9 +34,6 @@ static int physdev_map_pirq(struct physd > struct msi_info _msi; > void *map_data = NULL; > > - if ( !IS_PRIV(current->domain) ) > - return -EPERM; > - > if ( !map ) > return -EINVAL; > > @@ -46,8 +43,11 @@ static int physdev_map_pirq(struct physd > d = rcu_lock_domain_by_id(map->domid); > > if ( d == NULL ) > - { > - ret = -ESRCH; > + return -ESRCH; > + > + if ( !STUBDOM_IS_PRIV_FOR(current->domain, d) ) > + { > + ret = -EPERM; > goto free_domain; > } > > @@ -160,9 +160,6 @@ static int physdev_unmap_pirq(struct phy > struct domain *d; > int ret; > > - if ( !IS_PRIV(current->domain) ) > - return -EPERM; > - > if ( unmap->domid == DOMID_SELF ) > d = rcu_lock_domain(current->domain); > else > @@ -170,6 +167,10 @@ static int physdev_unmap_pirq(struct phy > > if ( d == NULL ) > return -ESRCH; > + > + ret = -EPERM; > + if ( !STUBDOM_IS_PRIV_FOR(current->domain, d) ) > + goto free_domain; > > spin_lock(&pcidevs_lock); > spin_lock(&d->event_lock); > @@ -177,8 +178,8 @@ static int physdev_unmap_pirq(struct phy > spin_unlock(&d->event_lock); > spin_unlock(&pcidevs_lock); > > +free_domain: > rcu_unlock_domain(d); > - > return ret; > } > > diff -r b3c9f5f9532a -r 6100b7a34705 xen/common/domctl.c > --- a/xen/common/domctl.c Wed Oct 14 08:33:11 2009 +0100 > +++ b/xen/common/domctl.c Wed Oct 14 08:54:58 2009 +0100 > @@ -220,14 +220,36 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domc > long ret = 0; > struct xen_domctl curop, *op = &curop; > > - if ( !IS_PRIV(current->domain) ) > - return -EPERM; > - > if ( copy_from_guest(op, u_domctl, 1) ) > return -EFAULT; > > if ( op->interface_version != XEN_DOMCTL_INTERFACE_VERSION ) > return -EACCES; > + > + switch ( op->cmd ) > + { > + case XEN_DOMCTL_ioport_mapping: > + case XEN_DOMCTL_memory_mapping: > + case XEN_DOMCTL_bind_pt_irq: > + case XEN_DOMCTL_unbind_pt_irq: > + case XEN_DOMCTL_assign_device: > + case XEN_DOMCTL_deassign_device: { > + struct domain *d = get_domain_by_id(op->domain); > + bool_t is_priv = IS_PRIV(current->domain); > + if ( !is_priv && ((d = rcu_lock_domain_by_id(op->domain)) != NULL) ) > + { > + is_priv = STUBDOM_IS_PRIV_FOR(current->domain, d); > + rcu_unlock_domain(d); > + } > + if ( !is_priv ) > + return -EPERM; > + break; > + } > + default: > + if ( !IS_PRIV(current->domain) ) > + return -EPERM; > + break; > + } > > if ( !domctl_lock_acquire() ) > return hypercall_create_continuation( > diff -r b3c9f5f9532a -r 6100b7a34705 xen/include/xen/config.h > --- a/xen/include/xen/config.h Wed Oct 14 08:33:11 2009 +0100 > +++ b/xen/include/xen/config.h Wed Oct 14 08:54:58 2009 +0100 > @@ -95,4 +95,10 @@ int current_domain_id(void); > #define __cpuinitdata > #define __cpuinit > > +#ifdef PRIVILEGED_STUBDOMS > +#define STUBDOM_IS_PRIV_FOR(x,y) IS_PRIV_FOR(x,y) > +#else > +#define STUBDOM_IS_PRIV_FOR(x,y) IS_PRIV(x) > +#endif > + > #endif /* __XEN_CONFIG_H__ */ > > _______________________________________________ > Xen-changelog mailing list > Xen-changelog@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-changelog _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.