
[PATCH 14/23] xsm/dummy: Allow XS_PRIV to call get_hvm_param


  • To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jason Andryuk <jason.andryuk@xxxxxxx>
  • Date: Thu, 6 Mar 2025 17:03:34 -0500
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TNgQrZnx+1brlKFiQ9NUOt1D3BsJYWITfDLiw9hTcZM=; b=SITUgxldZs16Fi75BN80NqQboE/qAziRO4Eevh2RSgz55Z+TVBM4qLRktuJcjlFcI4aqGAgurioDtqR8g3aqxyb7GgIHX9Hc5Vk4QBuNdb823uywL7C2Y/Kj2AxSOQJAkrUh8ymlM4rHJYRDN9pUQQzYD0VM89hrXVeVk8NjBj1JI9zbDPpFJBdINNlei3ULK+J2k2HNy2JDR9FmO/PsFQPQY5FALkya9dlmEYofuAAuiG7TYkomACHEc9GUkZqimIu8wFRX/b5s9N1H6mNl8FyworqXkT6gMRNZs1EBg9lL47jjMzZzA81/pbK8CbJU5gk1i6xrKHC61ODz0RNt5g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=M+duMxeKFPY+K2EpRSRoDLL047tDFglfbWulRwOx2yNLxEoI4yT7jqnowhSn+QrNikdjo0GZNsqN6XnR0wQ+yKP5DjOwDhvN9++7Zj92yHVXFERDnYbxAKqqccbmgVj3h6fqChgpwgGnaBh0Jy4zNlzlcZwCDDaQGFCmqTCHxooQ+7Ffakptw0x2boyLO8TW3l7nZSl3v0n0ONi0JVJmb8k+AIC0lYcJHbHKO1n3q8f6N9GGoke8f3HJBdHwjUlhcI7fEHte1vSye1XtrdIlk6TlSYgBM8yW1SfLR8BJ9p+NjBvjBMahjc45xsxWWjB76h3Z6FzwAgSkjiE4HNmMTw==
  • Cc: Jason Andryuk <jason.andryuk@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Volodymyr Babchuk" <Volodymyr_Babchuk@xxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 06 Mar 2025 22:41:28 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

This is useful for a combined hardware/xenstore domain that will run
init-dom0less and xenstored.  init-dom0less calls xc_hvm_param_get() to
retrieve the xenstore event channel and pfn to configure xenstore for a
guest.  With a hypervisor-allocated event channel and page, the
set_hvm_param is not needed, and the normal domid permissions will allow
xenstored to connect.

Similarly, a hyperlaunch-ed xenstore stubdom needs to read a domain's
xenstore event channel out of hvm_param.

This allows reading but not modifying the guest, so allow the permission.

Signed-off-by: Jason Andryuk <jason.andryuk@xxxxxxx>
---
 xen/arch/arm/hvm.c      |  2 +-
 xen/arch/x86/hvm/hvm.c  |  8 ++++----
 xen/include/xsm/dummy.h | 14 ++++++++++++--
 3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c
index 86e49bf474..b50ca10cee 100644
--- a/xen/arch/arm/hvm.c
+++ b/xen/arch/arm/hvm.c
@@ -89,7 +89,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) 
arg)
         if ( d == NULL )
             return -ESRCH;
 
-        rc = xsm_hvm_param(XSM_TARGET, d, op);
+        rc = xsm_hvm_param(XSM_OTHER, d, op);
         if ( rc )
             goto param_fail;
 
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 969e43c2f2..f3f1002cc9 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4177,7 +4177,7 @@ static int hvm_allow_set_param(struct domain *d,
     uint64_t value;
     int rc;
 
-    rc = xsm_hvm_param(XSM_TARGET, d, HVMOP_set_param);
+    rc = xsm_hvm_param(XSM_OTHER, d, HVMOP_set_param);
     if ( rc )
         return rc;
 
@@ -4458,7 +4458,7 @@ static int hvm_allow_get_param(struct domain *d,
 {
     int rc;
 
-    rc = xsm_hvm_param(XSM_TARGET, d, HVMOP_get_param);
+    rc = xsm_hvm_param(XSM_OTHER, d, HVMOP_get_param);
     if ( rc )
         return rc;
 
@@ -5055,7 +5055,7 @@ static int hvmop_get_mem_type(
     if ( d == NULL )
         return -ESRCH;
 
-    rc = xsm_hvm_param(XSM_TARGET, d, HVMOP_get_mem_type);
+    rc = xsm_hvm_param(XSM_OTHER, d, HVMOP_get_mem_type);
     if ( rc )
         goto out;
 
@@ -5148,7 +5148,7 @@ long do_hvm_op(unsigned long op, 
XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( unlikely(d != current->domain) )
             rc = -EOPNOTSUPP;
         else if ( is_hvm_domain(d) && paging_mode_shadow(d) )
-            rc = xsm_hvm_param(XSM_TARGET, d, op);
+            rc = xsm_hvm_param(XSM_OTHER, d, op);
         if ( !rc )
             pagetable_dying(a.gpa);
 
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index f2d6662a9d..06f4eccf5f 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -614,8 +614,18 @@ static XSM_INLINE int cf_check xsm_map_gmfn_foreign(
 static XSM_INLINE int cf_check xsm_hvm_param(
     XSM_DEFAULT_ARG struct domain *d, unsigned long op)
 {
-    XSM_ASSERT_ACTION(XSM_TARGET);
-    return xsm_default_action(action, current->domain, d);
+    XSM_ASSERT_ACTION(XSM_OTHER);
+    switch ( op )
+    {
+    case HVMOP_get_param:
+        /* A domain can query itself, or a DM can query its target. */
+        if ( !xsm_default_action(XSM_TARGET, current->domain, d) )
+            return 0;
+        /* Xenstore domain needs to be able to query for mapping. */
+        return xsm_default_action(XSM_XS_PRIV, current->domain, d);
+    default:
+        return xsm_default_action(XSM_TARGET, current->domain, d);
+    }
 }
 
 static XSM_INLINE int cf_check xsm_hvm_param_altp2mhvm(
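Review bot: The `HVMOP_get_param` case lets the xenstore domain through for every HVM parameter of every domain, because `xsm_hvm_param()` is handed only `op` and never the parameter index, while the commit message only needs the xenstore event channel and pfn. Whether `hvm_allow_get_param()` on x86 or the Arm `do_hvm_op()` filter indices after the XSM check is not visible in these hunks, so the actual exposure should be confirmed there. A least-privilege variant would make the index available to the hook (or check it at the call sites) so that the `XSM_XS_PRIV` fallback applies only to the store parameters (`HVM_PARAM_STORE_EVTCHN`, `HVM_PARAM_STORE_PFN`) and everything else stays `XSM_TARGET`. If the broad grant is intended, the comment should say so, e.g. `/* Xenstore domain may read any param of any domain; needed for the store evtchn/pfn. */`. Only dummy.h changes here, so a FLASK build presumably keeps whatever its policy says for this hook; worth stating in the commit message.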
-- 
2.48.1




 

