[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v6 02/10] xsm bits for vNUMA hypercalls
Define xsm_get_vnumainfo hypercall used for domain which wish to receive vnuma topology. Add xsm hook for XEN_DOMCTL_setvnumainfo. Also adds basic policies. Signed-off-by: Elena Ufimtseva <ufimtseva@xxxxxxxxx> --- xen/common/memory.c | 7 +++++++ xen/include/xsm/dummy.h | 6 ++++++ xen/include/xsm/xsm.h | 7 +++++++ xen/xsm/dummy.c | 1 + xen/xsm/flask/hooks.c | 10 ++++++++++ xen/xsm/flask/policy/access_vectors | 4 ++++ 6 files changed, 35 insertions(+) diff --git a/xen/common/memory.c b/xen/common/memory.c index 925b9fc..9a87aa8 100644 --- a/xen/common/memory.c +++ b/xen/common/memory.c @@ -988,6 +988,13 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( (d = rcu_lock_domain_by_any_id(topology.domid)) == NULL ) return -ESRCH; + rc = xsm_get_vnumainfo(XSM_PRIV, d); + if ( rc ) + { + rcu_unlock_domain(d); + return rc; + } + rc = -EOPNOTSUPP; if ( d->vnuma == NULL ) goto vnumainfo_out; diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index c5aa316..4262fd8 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -317,6 +317,12 @@ static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) return xsm_default_action(action, current->domain, d); } +static XSM_INLINE int xsm_get_vnumainfo(XSM_DEFAULT_ARG struct domain *d) +{ + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); +} + #if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index a85045d..c7ec562 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -169,6 +169,7 @@ struct xsm_operations { int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); + int (*get_vnumainfo) (struct domain *d); #endif }; @@ -653,6 +654,12 @@ static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint3 { return xsm_ops->ioport_mapping(d, s, e, allow); } + +static inline int xsm_get_vnumainfo (xsm_default_t def, struct domain *d) +{ + return xsm_ops->get_vnumainfo(d); +} + #endif /* CONFIG_X86 */ #endif /* XSM_NO_WRAPPERS */ diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index c95c803..0826a8b 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -85,6 +85,7 @@ void xsm_fixup_ops (struct xsm_operations *ops) set_to_dummy_if_null(ops, iomem_permission); set_to_dummy_if_null(ops, iomem_mapping); set_to_dummy_if_null(ops, pci_config_permission); + set_to_dummy_if_null(ops, get_vnumainfo); #if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) set_to_dummy_if_null(ops, get_device_group); diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index f2f59ea..00efba1 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -404,6 +404,11 @@ static int flask_claim_pages(struct domain *d) return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETCLAIM); } +static int flask_get_vnumainfo(struct domain *d) +{ + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__GET_VNUMAINFO); +} + static int flask_console_io(struct domain *d, int cmd) { u32 perm; @@ -715,6 +720,9 @@ static int flask_domctl(struct domain *d, int cmd) case XEN_DOMCTL_cacheflush: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__CACHEFLUSH); + case XEN_DOMCTL_setvnumainfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN2__SET_VNUMAINFO); + default: printk("flask_domctl: Unknown op %d\n", cmd); return -EPERM; @@ -1552,6 +1560,8 @@ static struct xsm_operations flask_ops = { .hvm_param_nested = flask_hvm_param_nested, .do_xsm_op = do_flask_op, + .get_vnumainfo = flask_get_vnumainfo, + #ifdef CONFIG_COMPAT .do_compat_op = compat_flask_op, #endif diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 32371a9..d279841 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -200,6 +200,10 @@ class domain2 cacheflush # Creation of the hardware domain when it is not dom0 create_hardware_domain +# XEN_DOMCTL_setvnumainfo + set_vnumainfo +# XENMEM_getvnumainfo + get_vnumainfo } # Similar to class domain, but primarily contains domctls related to HVM domains -- 1.7.10.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |