[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 06/22] xen: convert do_domctl to use XSM
The xsm_domctl hook now covers every domctl, in addition to the more fine-grained XSM hooks in most sub-functions. This also removes the need to special-case XEN_DOMCTL_getdomaininfo. Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> Cc: Keir Fraser <keir@xxxxxxx> Cc: Jan Beulich <jbeulich@xxxxxxxx> --- xen/common/domctl.c | 32 +++---------------- xen/include/xsm/dummy.h | 16 ++++++++-- xen/xsm/flask/hooks.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 103 insertions(+), 30 deletions(-) diff --git a/xen/common/domctl.c b/xen/common/domctl.c index 05d9c55..b32e614 100644 --- a/xen/common/domctl.c +++ b/xen/common/domctl.c @@ -265,27 +265,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) return -ESRCH; } - switch ( op->cmd ) - { - case XEN_DOMCTL_ioport_mapping: - case XEN_DOMCTL_memory_mapping: - case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: { - bool_t is_priv = IS_PRIV_FOR(current->domain, d); - if ( !is_priv ) - { - ret = -EPERM; - goto domctl_out_unlock_domonly; - } - break; - } - case XEN_DOMCTL_getdomaininfo: - break; - default: - if ( !IS_PRIV(current->domain) ) - return -EPERM; - break; - } + ret = xsm_domctl(d, op->cmd); + if ( ret ) + goto domctl_out_unlock_domonly; if ( !domctl_lock_acquire() ) { @@ -855,17 +837,13 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_subscribe: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->suspend_evtchn = op->u.subscribe.port; + d->suspend_evtchn = op->u.subscribe.port; } break; case XEN_DOMCTL_disable_migrate: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->disable_migrate = op->u.disable_migrate.disable; + d->disable_migrate = op->u.disable_migrate.disable; } break; diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index dc16684..93b1148 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -64,8 +64,6 @@ static XSM_INLINE int xsm_scheduler(struct domain *d) static XSM_INLINE int xsm_getdomaininfo(struct domain *d) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; return 0; } @@ -91,6 +89,20 @@ static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) { + switch ( cmd ) + { + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + break; + } + default: + if ( !IS_PRIV(current->domain) ) + return -EPERM; + } return 0; } diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index c8a7999..fe7178c 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -582,7 +582,90 @@ static int flask_set_target(struct domain *d, struct domain *e) static int flask_domctl(struct domain *d, int cmd) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + switch ( cmd ) + { + /* These have individual XSM hooks (common/domctl.c) */ + case XEN_DOMCTL_createdomain: + case XEN_DOMCTL_destroydomain: + case XEN_DOMCTL_pausedomain: + case XEN_DOMCTL_unpausedomain: + case XEN_DOMCTL_getdomaininfo: + case XEN_DOMCTL_setvcpuaffinity: + case XEN_DOMCTL_max_mem: + case XEN_DOMCTL_setvcpucontext: + case XEN_DOMCTL_getvcpucontext: + case XEN_DOMCTL_getvcpuinfo: + case XEN_DOMCTL_max_vcpus: + case XEN_DOMCTL_scheduler_op: + case XEN_DOMCTL_setdomainhandle: + case XEN_DOMCTL_setdebugging: + case XEN_DOMCTL_irq_permission: + case XEN_DOMCTL_iomem_permission: + case XEN_DOMCTL_settimeoffset: + case XEN_DOMCTL_getvcpuaffinity: + case XEN_DOMCTL_resumedomain: + case XEN_DOMCTL_set_target: + case XEN_DOMCTL_set_virq_handler: +#ifdef CONFIG_X86 + /* These have individual XSM hooks (arch/x86/domctl.c) */ + case XEN_DOMCTL_shadow_op: + case XEN_DOMCTL_ioport_permission: + case XEN_DOMCTL_getpageframeinfo: + case XEN_DOMCTL_getpageframeinfo2: + case XEN_DOMCTL_getpageframeinfo3: + case XEN_DOMCTL_getmemlist: + case XEN_DOMCTL_hypercall_init: + case XEN_DOMCTL_sethvmcontext: + case XEN_DOMCTL_gethvmcontext: + case XEN_DOMCTL_gethvmcontext_partial: + case XEN_DOMCTL_set_address_size: + case XEN_DOMCTL_get_address_size: + case XEN_DOMCTL_set_machine_address_size: + case XEN_DOMCTL_get_machine_address_size: + case XEN_DOMCTL_sendtrigger: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_pin_mem_cacheattr: + case XEN_DOMCTL_set_ext_vcpucontext: + case XEN_DOMCTL_get_ext_vcpucontext: + case XEN_DOMCTL_setvcpuextstate: + case XEN_DOMCTL_getvcpuextstate: + case XEN_DOMCTL_mem_event_op: + case XEN_DOMCTL_mem_sharing_op: + case XEN_DOMCTL_set_access_required: + /* These have individual XSM hooks (drivers/passthrough/iommu.c) */ + case XEN_DOMCTL_get_device_group: + case XEN_DOMCTL_test_assign_device: + case XEN_DOMCTL_assign_device: + case XEN_DOMCTL_deassign_device: +#endif + return 0; + + case XEN_DOMCTL_subscribe: + case XEN_DOMCTL_disable_migrate: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, + DOMAIN__SET_MISC_INFO); + + case XEN_DOMCTL_set_cpuid: + case XEN_DOMCTL_suppress_spurious_page_faults: + case XEN_DOMCTL_debug_op: + case XEN_DOMCTL_gettscinfo: + case XEN_DOMCTL_settscinfo: + case XEN_DOMCTL_audit_p2m: + case XEN_DOMCTL_gdbsx_guestmemio: + case XEN_DOMCTL_gdbsx_pausevcpu: + case XEN_DOMCTL_gdbsx_unpausevcpu: + case XEN_DOMCTL_gdbsx_domstatus: + /* TODO add per-subfunction hooks */ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; + default: + printk("flask_domctl: Unknown op %d\n", cmd); + return -EPERM; + } } static int flask_set_virq_handler(struct domain *d, uint32_t virq) -- 1.7.11.7 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |