[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 3/3] xen/arch/arm: add XSM hook to HVMOP_{get, set}_param



This hook is not x86-specific; move it out of CONFIG_X86.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Cc: Ian Campbell <ian.campbell@xxxxxxxxxx>
Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
Cc: Tim Deegan <tim@xxxxxxx>
---
 xen/arch/arm/hvm.c      | 11 ++++++++---
 xen/include/xsm/dummy.h | 10 +++++-----
 xen/include/xsm/xsm.h   | 13 +++++++------
 xen/xsm/dummy.c         |  2 +-
 xen/xsm/flask/hooks.c   | 46 +++++++++++++++++++++++-----------------------
 5 files changed, 44 insertions(+), 38 deletions(-)

diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c
index 40f519e..63ac793 100644
--- a/xen/arch/arm/hvm.c
+++ b/xen/arch/arm/hvm.c
@@ -30,9 +30,13 @@ long do_hvm_op(unsigned long op, 
XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( a.index >= HVM_NR_PARAMS )
             return -EINVAL;
 
-        rc = rcu_lock_target_domain_by_id(a.domid, &d);
-        if ( rc != 0 )
-            return rc;
+        d = rcu_lock_domain_by_any_id(a.domid);
+        if ( d == NULL )
+            return -ESRCH;
+
+        rc = xsm_hvm_param(XSM_TARGET, d, op);
+        if ( rc )
+            goto param_fail;
 
         if ( op == HVMOP_set_param )
         {
@@ -44,6 +48,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) 
arg)
             rc = copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
         }
 
+    param_fail:
         rcu_unlock_domain(d);
         break;
     }
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index aa4c7d2..8c746a4 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -455,16 +455,16 @@ static XSM_INLINE int 
xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d
     return xsm_default_action(action, current->domain, d);
 }
 
-#ifdef CONFIG_X86
-static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, 
uint32_t op)
+static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned 
long op)
 {
-    XSM_ASSERT_ACTION(XSM_HOOK);
+    XSM_ASSERT_ACTION(XSM_TARGET);
     return xsm_default_action(action, current->domain, d);
 }
 
-static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned 
long op)
+#ifdef CONFIG_X86
+static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, 
uint32_t op)
 {
-    XSM_ASSERT_ACTION(XSM_TARGET);
+    XSM_ASSERT_ACTION(XSM_HOOK);
     return xsm_default_action(action, current->domain, d);
 }
 
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index c77cb92..c73c872 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -128,9 +128,10 @@ struct xsm_operations {
 
     long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
 
+    int (*hvm_param) (struct domain *d, unsigned long op);
+
 #ifdef CONFIG_X86
     int (*shadow_control) (struct domain *d, uint32_t op);
-    int (*hvm_param) (struct domain *d, unsigned long op);
     int (*hvm_set_pci_intx_level) (struct domain *d);
     int (*hvm_set_isa_irq_level) (struct domain *d);
     int (*hvm_set_pci_link_route) (struct domain *d);
@@ -482,15 +483,15 @@ static inline long xsm_do_xsm_op 
(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
     return xsm_ops->do_xsm_op(op);
 }
 
-#ifdef CONFIG_X86
-static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, 
uint32_t op)
+static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned 
long op)
 {
-    return xsm_ops->shadow_control(d, op);
+    return xsm_ops->hvm_param(d, op);
 }
 
-static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned 
long op)
+#ifdef CONFIG_X86
+static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, 
uint32_t op)
 {
-    return xsm_ops->hvm_param(d, op);
+    return xsm_ops->shadow_control(d, op);
 }
 
 static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain 
*d)
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 5a9371f..cae42f5 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -100,12 +100,12 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, page_offline);
     set_to_dummy_if_null(ops, tmem_op);
     set_to_dummy_if_null(ops, tmem_control);
+    set_to_dummy_if_null(ops, hvm_param);
 
     set_to_dummy_if_null(ops, do_xsm_op);
 
 #ifdef CONFIG_X86
     set_to_dummy_if_null(ops, shadow_control);
-    set_to_dummy_if_null(ops, hvm_param);
     set_to_dummy_if_null(ops, hvm_set_pci_intx_level);
     set_to_dummy_if_null(ops, hvm_set_isa_irq_level);
     set_to_dummy_if_null(ops, hvm_set_pci_link_route);
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index ba136ba..eb1d764 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1058,6 +1058,28 @@ static inline int flask_tmem_control(void)
     return domain_has_xen(current->domain, XEN__TMEM_CONTROL);
 }
 
+static int flask_hvm_param(struct domain *d, unsigned long op)
+{
+    u32 perm;
+
+    switch ( op )
+    {
+    case HVMOP_set_param:
+        perm = HVM__SETPARAM;
+        break;
+    case HVMOP_get_param:
+        perm = HVM__GETPARAM;
+        break;
+    case HVMOP_track_dirty_vram:
+        perm = HVM__TRACKDIRTYVRAM;
+        break;
+    default:
+        perm = HVM__HVMCTL;
+    }
+
+    return current_has_perm(d, SECCLASS_HVM, perm);
+}
+
 #ifdef CONFIG_X86
 static int flask_shadow_control(struct domain *d, uint32_t op)
 {
@@ -1138,28 +1160,6 @@ static int flask_ioport_mapping(struct domain *d, 
uint32_t start, uint32_t end,
     return flask_ioport_permission(d, start, end, access);
 }
 
-static int flask_hvm_param(struct domain *d, unsigned long op)
-{
-    u32 perm;
-
-    switch ( op )
-    {
-    case HVMOP_set_param:
-        perm = HVM__SETPARAM;
-        break;
-    case HVMOP_get_param:
-        perm = HVM__GETPARAM;
-        break;
-    case HVMOP_track_dirty_vram:
-        perm = HVM__TRACKDIRTYVRAM;
-        break;
-    default:
-        perm = HVM__HVMCTL;
-    }
-
-    return current_has_perm(d, SECCLASS_HVM, perm);
-}
-
 static int flask_hvm_set_pci_intx_level(struct domain *d)
 {
     return current_has_perm(d, SECCLASS_HVM, HVM__PCILEVEL);
@@ -1503,12 +1503,12 @@ static struct xsm_operations flask_ops = {
     .page_offline = flask_page_offline,
     .tmem_op = flask_tmem_op,
     .tmem_control = flask_tmem_control,
+    .hvm_param = flask_hvm_param,
 
     .do_xsm_op = do_flask_op,
 
 #ifdef CONFIG_X86
     .shadow_control = flask_shadow_control,
-    .hvm_param = flask_hvm_param,
     .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level,
     .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level,
     .hvm_set_pci_link_route = flask_hvm_set_pci_link_route,
-- 
1.8.0.2


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.