Xen project Mailing List

Re: [Xen-devel] [PATCH RESEND 4/4] xen: rename IS_PRIV to is_hardware_domain

To: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxx>

From: Keir Fraser <keir.xen@xxxxxxxxx>

Date: Fri, 03 May 2013 17:00:30 +0100

Cc: Keir Fraser <keir@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>

Delivery-date: Fri, 03 May 2013 16:01:20 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Thread-index: Ac5IF1W5NGcebcTBLk+z2IgFddX6RA==

Thread-topic: [PATCH RESEND 4/4] xen: rename IS_PRIV to is_hardware_domain

On 03/05/2013 15:09, "Daniel De Graaf" <dgdegra@xxxxxxxxxxxxx> wrote: > Since the remaining uses of IS_PRIV are actually concerned with the > domain having control of the hardware (i.e. being the initial domain), > clarify this by renaming IS_PRIV to is_hardware_domain. This also > removes IS_PRIV_FOR since the only remaining user was xsm/dummy.h. > > Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> > Acked-by: George Dunlap <george.dunlap@xxxxxxxxxxxxx> (for 4.3 release) > Cc: Keir Fraser <keir@xxxxxxx> Acked-by: Keir Fraser <keir@xxxxxxx> > Cc: Jan Beulich <jbeulich@xxxxxxxx> > --- > xen/arch/x86/domctl.c | 6 +++--- > xen/arch/x86/msi.c | 2 +- > xen/arch/x86/physdev.c | 4 ++-- > xen/arch/x86/traps.c | 12 ++++++------ > xen/include/xen/sched.h | 12 ++++++++++-- > xen/include/xsm/dummy.h | 32 ++++++++++++++++++++------------ > 6 files changed, 42 insertions(+), 26 deletions(-) > > diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c > index 1f16ad2..c2a04c4 100644 > --- a/xen/arch/x86/domctl.c > +++ b/xen/arch/x86/domctl.c > @@ -661,7 +661,7 @@ long arch_do_domctl( > while ( i-- ) > clear_mmio_p2m_entry(d, gfn + i); > if ( iomem_deny_access(d, mfn, mfn + nr_mfns - 1) && > - IS_PRIV(current->domain) ) > + is_hardware_domain(current->domain) ) > printk(XENLOG_ERR > "memory_map: failed to deny dom%d access to > [%lx,%lx]\n", > d->domain_id, mfn, mfn + nr_mfns - 1); > @@ -680,7 +680,7 @@ long arch_do_domctl( > ret = iomem_deny_access(d, mfn, mfn + nr_mfns - 1); > if ( !ret && add ) > ret = -EIO; > - if ( ret && IS_PRIV(current->domain) ) > + if ( ret && is_hardware_domain(current->domain) ) > printk(XENLOG_ERR > "memory_map: error %ld %s dom%d access to > [%lx,%lx]\n", > ret, add ? "removing" : "denying", d->domain_id, > @@ -767,7 +767,7 @@ long arch_do_domctl( > break; > } > ret = ioports_deny_access(d, fmp, fmp + np - 1); > - if ( ret && IS_PRIV(current->domain) ) > + if ( ret && is_hardware_domain(current->domain) ) > printk(XENLOG_ERR > "ioport_map: error %ld denying dom%d access to > [%x,%x]\n", > ret, d->domain_id, fmp, fmp + np - 1); > diff --git a/xen/arch/x86/msi.c b/xen/arch/x86/msi.c > index 36bed29..a2ceea0 100644 > --- a/xen/arch/x86/msi.c > +++ b/xen/arch/x86/msi.c > @@ -812,7 +812,7 @@ static int msix_capability_init(struct pci_dev *dev, > break; > if ( d ) > { > - if ( !IS_PRIV(d) && dev->msix_warned != d->domain_id ) > + if ( !is_hardware_domain(d) && dev->msix_warned != > d->domain_id ) > { > dev->msix_warned = d->domain_id; > printk(XENLOG_ERR > diff --git a/xen/arch/x86/physdev.c b/xen/arch/x86/physdev.c > index eb8a407..3733c7a 100644 > --- a/xen/arch/x86/physdev.c > +++ b/xen/arch/x86/physdev.c > @@ -128,7 +128,7 @@ int physdev_map_pirq(domid_t domid, int type, int *index, > int *pirq_p, > irq = domain_pirq_to_irq(current->domain, *index); > if ( irq <= 0 ) > { > - if ( IS_PRIV(current->domain) ) > + if ( is_hardware_domain(current->domain) ) > irq = *index; > else { > dprintk(XENLOG_G_ERR, "dom%d: map pirq with incorrect > irq!\n", > @@ -691,7 +691,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) > arg) > case PHYSDEVOP_dbgp_op: { > struct physdev_dbgp_op op; > > - if ( !IS_PRIV(v->domain) ) > + if ( !is_hardware_domain(v->domain) ) > ret = -EPERM; > else if ( copy_from_guest(&op, arg, 1) ) > ret = -EFAULT; > diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c > index fbbe31d..e0bc60d 100644 > --- a/xen/arch/x86/traps.c > +++ b/xen/arch/x86/traps.c > @@ -1303,7 +1303,7 @@ static int fixup_page_fault(unsigned long addr, struct > cpu_user_regs *regs) > ptwr_do_page_fault(v, addr, regs) ) > return EXCRET_fault_fixed; > > - if ( IS_PRIV(d) && (regs->error_code & PFEC_page_present) && > + if ( is_hardware_domain(d) && (regs->error_code & PFEC_page_present) > && > mmio_ro_do_page_fault(v, addr, regs) ) > return EXCRET_fault_fixed; > } > @@ -1623,7 +1623,7 @@ static int pci_cfg_ok(struct domain *d, int write, int > size) > { > uint32_t machine_bdf; > uint16_t start, end; > - if (!IS_PRIV(d)) > + if (!is_hardware_domain(d)) > return 0; > > machine_bdf = (d->arch.pci_cf8 >> 8) & 0xFFFF; > @@ -2415,7 +2415,7 @@ static int emulate_privileged_op(struct cpu_user_regs > *regs) > if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD || > boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 ) > goto fail; > - if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) ) > + if ( !is_hardware_domain(v->domain) || !is_pinned_vcpu(v) ) > break; > if ( (rdmsr_safe(MSR_AMD64_NB_CFG, val) != 0) || > (eax != (uint32_t)val) || > @@ -2428,7 +2428,7 @@ static int emulate_privileged_op(struct cpu_user_regs > *regs) > if ( boot_cpu_data.x86_vendor != X86_VENDOR_AMD || > boot_cpu_data.x86 < 0x10 || boot_cpu_data.x86 > 0x17 ) > goto fail; > - if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) ) > + if ( !is_hardware_domain(v->domain) || !is_pinned_vcpu(v) ) > break; > if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, val) != 0) ) > goto fail; > @@ -2448,7 +2448,7 @@ static int emulate_privileged_op(struct cpu_user_regs > *regs) > case MSR_IA32_UCODE_REV: > if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ) > goto fail; > - if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) ) > + if ( !is_hardware_domain(v->domain) || !is_pinned_vcpu(v) ) > break; > if ( rdmsr_safe(regs->ecx, val) ) > goto fail; > @@ -2484,7 +2484,7 @@ static int emulate_privileged_op(struct cpu_user_regs > *regs) > case MSR_IA32_ENERGY_PERF_BIAS: > if ( boot_cpu_data.x86_vendor != X86_VENDOR_INTEL ) > goto fail; > - if ( !IS_PRIV(v->domain) || !is_pinned_vcpu(v) ) > + if ( !is_hardware_domain(v->domain) || !is_pinned_vcpu(v) ) > break; > if ( wrmsr_safe(regs->ecx, msr_content) != 0 ) > goto fail; > diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h > index cb3baed..5b55c09 100644 > --- a/xen/include/xen/sched.h > +++ b/xen/include/xen/sched.h > @@ -716,8 +716,16 @@ uint64_t get_cpu_idle_time(unsigned int cpu); > void watchdog_domain_init(struct domain *d); > void watchdog_domain_destroy(struct domain *d); > > -#define IS_PRIV(_d) ((_d)->is_privileged) > -#define IS_PRIV_FOR(_d, _t) (IS_PRIV(_d) || ((_d)->target && (_d)->target == > (_t))) > +/* > + * Use this check when the following are both true: > + * - Using this feature or interface requires full access to the hardware > + * (that is, this is would not be suitable for a driver domain) > + * - There is never a reason to deny dom0 access to this > + */ > +#define is_hardware_domain(_d) ((_d)->is_privileged) > + > +/* This check is for functionality specific to a control domain */ > +#define is_control_domain(_d) ((_d)->is_privileged) > > #define VM_ASSIST(_d,_t) (test_bit((_t), &(_d)->vm_assist)) > > diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h > index 3912bd9..a872056 100644 > --- a/xen/include/xsm/dummy.h > +++ b/xen/include/xsm/dummy.h > @@ -60,17 +60,23 @@ static always_inline int xsm_default_action( > case XSM_HOOK: > return 0; > case XSM_DM_PRIV: > - if ( !IS_PRIV_FOR(src, target) ) > - return -EPERM; > - return 0; > + if ( src->is_privileged ) > + return 0; > + if ( target && src->target == target ) > + return 0; > + return -EPERM; > case XSM_TARGET: > - if ( src != target && !IS_PRIV_FOR(src, target) ) > - return -EPERM; > - return 0; > + if ( src == target ) > + return 0; > + if ( src->is_privileged ) > + return 0; > + if ( target && src->target == target ) > + return 0; > + return -EPERM; > case XSM_PRIV: > - if ( !IS_PRIV(src) ) > - return -EPERM; > - return 0; > + if ( src->is_privileged ) > + return 0; > + return -EPERM; > default: > LINKER_BUG_ON(1); > return -EPERM; > @@ -567,10 +573,12 @@ static XSM_INLINE int > xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) > static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct > domain *t, > struct domain *f, uint32_t flags) > { > + int rc; > XSM_ASSERT_ACTION(XSM_TARGET); > - if ( t && d != t && !IS_PRIV_FOR(d, t) ) > - return -EPERM; > - return xsm_default_action(action, d, f); > + rc = xsm_default_action(action, d, f); > + if ( t && !rc ) > + rc = xsm_default_action(action, d, t); > + return rc; > } > > static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct > domain *f) _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.