[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v3 01/28] xen/xsm: remove redundant xsm_iomem_mapping()

  • To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Penny Zheng <Penny.Zheng@xxxxxxx>
  • Date: Mon, 13 Oct 2025 18:15:13 +0800
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ORH8EP+CphvCO9xfmoZ1RhH5ktFOjdvuVwnEn+eXJWw=; b=dNQQftBMOA7jc4wMtBjjO8BEW48iXXMXh8br3Mg8VCv0JyFlq3lMzXnuE+p/e4sGJuyhk4DZ10eOLSJ6jSKj8T+OGxRbmIdrwcs8tZz9WRhe4+3VE/l3urT4MHethJ62G7vdEhgR+vDlsCAfE45w49a9JTvzqEU28O92IF9IKXeIAsLyG3wyK0sZCVsRg2sxqq2rXA8HrxG3K/PGmAlyrttjZzimMz8YPq5Qh09ns9EprpkvP0JxxMLz6NxaN8enmYAN5UyLbkeUvbQNtWLGJZOPIemhdeUjqjBWgsklsMCQrUkC+5BcIn9iFTOpHjHW+7Zj70Tg9Vz1yV0Mo7cqtg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=IMIZtyYhZpSlc8SA1Nl0WrBvhGE6bpDxAx/u6nhX9O/NT1tp53rjYY6dilZNQhCqv0yyeIVhk67nc2z+22YbcFsx+zr3DBfMG3jvqHnsxxTxppY4Guqhktk10V/wL+N/P6Rx5gfjHewdkiTD2j7/29o+Q7rg4c0/nDh2vbTPDzeOjHGzy1NMHDEvvEOSFwx9dmMZgH1cU363haQKtK6+G6L8RhtjB9SgpOgp08QIKtABKvWp+mgVvJ5CyEbDW7UoqjCcfYQos2WUEmrlxWfaFIXLOPhxI1h+it8OtO4K8+S/u1I3IXLNjRZlnR7xRBlt1kSrOdRadPU2t9suTpLbYw==
  • Cc: <ray.huang@xxxxxxx>, <oleksii.kurochko@xxxxxxxxx>, Penny Zheng <Penny.Zheng@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "Anthony PERARD" <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>, Stewart Hildebrand <stewart.hildebrand@xxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 13 Oct 2025 10:16:43 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Function xsm_iomem_mapping() seems redundant, and in flask policy, it just
directly calls xsm_iomem_permission().
Remove it and use xsm_iomem_permission() instead, with the benefit of a
cf_check disappearing too.

Suggested-by: Jan Beulich <jbeulich@xxxxxxxx>
Signed-off-by: Penny Zheng <Penny.Zheng@xxxxxxx>
---
v2 -> v3:
- new commit
---
 xen/common/domctl.c       | 2 +-
 xen/drivers/vpci/header.c | 2 +-
 xen/include/xsm/dummy.h   | 7 -------
 xen/include/xsm/xsm.h     | 8 --------
 xen/xsm/dummy.c           | 1 -
 xen/xsm/flask/hooks.c     | 6 ------
 6 files changed, 2 insertions(+), 24 deletions(-)

diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index 954d790226..71ebeff494 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -701,7 +701,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
u_domctl)
              !iomem_access_permitted(d, mfn, mfn_end) )
             break;
 
-        ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn_end, add);
+        ret = xsm_iomem_permission(XSM_HOOK, d, mfn, mfn_end, add);
         if ( ret )
             break;
 
diff --git a/xen/drivers/vpci/header.c b/xen/drivers/vpci/header.c
index 469f497744..1ff6c63f4d 100644
--- a/xen/drivers/vpci/header.c
+++ b/xen/drivers/vpci/header.c
@@ -67,7 +67,7 @@ static int cf_check map_range(
             return -EPERM;
         }
 
-        rc = xsm_iomem_mapping(XSM_HOOK, map->d, map_mfn, m_end, map->map);
+        rc = xsm_iomem_permission(XSM_HOOK, map->d, map_mfn, m_end, map->map);
         if ( rc )
         {
             printk(XENLOG_G_WARNING
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 12792c3a43..5e29165763 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -570,13 +570,6 @@ static XSM_INLINE int cf_check xsm_iomem_permission(
     return xsm_default_action(action, current->domain, d);
 }
 
-static XSM_INLINE int cf_check xsm_iomem_mapping(
-    XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
-{
-    XSM_ASSERT_ACTION(XSM_HOOK);
-    return xsm_default_action(action, current->domain, d);
-}
-
 static XSM_INLINE int cf_check xsm_pci_config_permission(
     XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, uint16_t start,
     uint16_t end, uint8_t access)
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 9a23d2827c..34caad2f7e 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -116,8 +116,6 @@ struct xsm_ops {
     int (*irq_permission)(struct domain *d, int pirq, uint8_t allow);
     int (*iomem_permission)(struct domain *d, uint64_t s, uint64_t e,
                             uint8_t allow);
-    int (*iomem_mapping)(struct domain *d, uint64_t s, uint64_t e,
-                         uint8_t allow);
     int (*pci_config_permission)(struct domain *d, uint32_t machine_bdf,
                                  uint16_t start, uint16_t end, uint8_t access);
 
@@ -517,12 +515,6 @@ static inline int xsm_iomem_permission(
     return alternative_call(xsm_ops.iomem_permission, d, s, e, allow);
 }
 
-static inline int xsm_iomem_mapping(
-    xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
-{
-    return alternative_call(xsm_ops.iomem_mapping, d, s, e, allow);
-}
-
 static inline int xsm_pci_config_permission(
     xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start,
     uint16_t end, uint8_t access)
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 8b7e01b506..86daca3e89 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -75,7 +75,6 @@ static const struct xsm_ops __initconst_cf_clobber dummy_ops 
= {
     .unbind_pt_irq                 = xsm_unbind_pt_irq,
     .irq_permission                = xsm_irq_permission,
     .iomem_permission              = xsm_iomem_permission,
-    .iomem_mapping                 = xsm_iomem_mapping,
     .pci_config_permission         = xsm_pci_config_permission,
     .get_vnumainfo                 = xsm_get_vnumainfo,
 
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index b0308e1b26..e98920dd52 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1167,11 +1167,6 @@ static int cf_check flask_iomem_permission(
     return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data);
 }
 
-static int cf_check flask_iomem_mapping(struct domain *d, uint64_t start, 
uint64_t end, uint8_t access)
-{
-    return flask_iomem_permission(d, start, end, access);
-}
-
 static int cf_check flask_pci_config_permission(
     struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end,
     uint8_t access)
@@ -1945,7 +1940,6 @@ static const struct xsm_ops __initconst_cf_clobber 
flask_ops = {
     .unbind_pt_irq = flask_unbind_pt_irq,
     .irq_permission = flask_irq_permission,
     .iomem_permission = flask_iomem_permission,
-    .iomem_mapping = flask_iomem_mapping,
     .pci_config_permission = flask_pci_config_permission,
 
     .resource_plug_core = flask_resource_plug_core,
-- 
2.34.1

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.