[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 3/3] xen/arch/arm: add XSM hook to HVMOP_{get, set}_param
This hook is not x86-specific; move it out of CONFIG_X86. Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> Cc: Ian Campbell <ian.campbell@xxxxxxxxxx> Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx> Cc: Tim Deegan <tim@xxxxxxx> --- xen/arch/arm/hvm.c | 11 ++++++++--- xen/include/xsm/dummy.h | 10 +++++----- xen/include/xsm/xsm.h | 13 +++++++------ xen/xsm/dummy.c | 2 +- xen/xsm/flask/hooks.c | 46 +++++++++++++++++++++++----------------------- 5 files changed, 44 insertions(+), 38 deletions(-) diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c index 40f519e..63ac793 100644 --- a/xen/arch/arm/hvm.c +++ b/xen/arch/arm/hvm.c @@ -30,9 +30,13 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) if ( a.index >= HVM_NR_PARAMS ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_hvm_param(XSM_TARGET, d, op); + if ( rc ) + goto param_fail; if ( op == HVMOP_set_param ) { @@ -44,6 +48,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) rc = copy_to_guest(arg, &a, 1) ? -EFAULT : 0; } + param_fail: rcu_unlock_domain(d); break; } diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index aa4c7d2..8c746a4 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -455,16 +455,16 @@ static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d return xsm_default_action(action, current->domain, d); } -#ifdef CONFIG_X86 -static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) +static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) { - XSM_ASSERT_ACTION(XSM_HOOK); + XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) +#ifdef CONFIG_X86 +static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { - XSM_ASSERT_ACTION(XSM_TARGET); + XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index c77cb92..c73c872 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -128,9 +128,10 @@ struct xsm_operations { long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); + int (*hvm_param) (struct domain *d, unsigned long op); + #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); - int (*hvm_param) (struct domain *d, unsigned long op); int (*hvm_set_pci_intx_level) (struct domain *d); int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); @@ -482,15 +483,15 @@ static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) return xsm_ops->do_xsm_op(op); } -#ifdef CONFIG_X86 -static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) +static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) { - return xsm_ops->shadow_control(d, op); + return xsm_ops->hvm_param(d, op); } -static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) +#ifdef CONFIG_X86 +static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) { - return xsm_ops->hvm_param(d, op); + return xsm_ops->shadow_control(d, op); } static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain *d) diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 5a9371f..cae42f5 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -100,12 +100,12 @@ void xsm_fixup_ops (struct xsm_operations *ops) set_to_dummy_if_null(ops, page_offline); set_to_dummy_if_null(ops, tmem_op); set_to_dummy_if_null(ops, tmem_control); + set_to_dummy_if_null(ops, hvm_param); set_to_dummy_if_null(ops, do_xsm_op); #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); - set_to_dummy_if_null(ops, hvm_param); set_to_dummy_if_null(ops, hvm_set_pci_intx_level); set_to_dummy_if_null(ops, hvm_set_isa_irq_level); set_to_dummy_if_null(ops, hvm_set_pci_link_route); diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index ba136ba..eb1d764 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1058,6 +1058,28 @@ static inline int flask_tmem_control(void) return domain_has_xen(current->domain, XEN__TMEM_CONTROL); } +static int flask_hvm_param(struct domain *d, unsigned long op) +{ + u32 perm; + + switch ( op ) + { + case HVMOP_set_param: + perm = HVM__SETPARAM; + break; + case HVMOP_get_param: + perm = HVM__GETPARAM; + break; + case HVMOP_track_dirty_vram: + perm = HVM__TRACKDIRTYVRAM; + break; + default: + perm = HVM__HVMCTL; + } + + return current_has_perm(d, SECCLASS_HVM, perm); +} + #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1138,28 +1160,6 @@ static int flask_ioport_mapping(struct domain *d, uint32_t start, uint32_t end, return flask_ioport_permission(d, start, end, access); } -static int flask_hvm_param(struct domain *d, unsigned long op) -{ - u32 perm; - - switch ( op ) - { - case HVMOP_set_param: - perm = HVM__SETPARAM; - break; - case HVMOP_get_param: - perm = HVM__GETPARAM; - break; - case HVMOP_track_dirty_vram: - perm = HVM__TRACKDIRTYVRAM; - break; - default: - perm = HVM__HVMCTL; - } - - return current_has_perm(d, SECCLASS_HVM, perm); -} - static int flask_hvm_set_pci_intx_level(struct domain *d) { return current_has_perm(d, SECCLASS_HVM, HVM__PCILEVEL); @@ -1503,12 +1503,12 @@ static struct xsm_operations flask_ops = { .page_offline = flask_page_offline, .tmem_op = flask_tmem_op, .tmem_control = flask_tmem_control, + .hvm_param = flask_hvm_param, .do_xsm_op = do_flask_op, #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, - .hvm_param = flask_hvm_param, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, -- 1.8.0.2 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |