xen/arch/arm: add XSM hook to HVMOP_{get,set}_param

This hook is not x86-specific; move it out of CONFIG_X86. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Keir Fraser <keir@xen.org>
author: Daniel De Graaf <dgdegra@tycho.nsa.gov> 2013-01-30 02:36:40 -0800
committer: Daniel De Graaf <dgdegra@tycho.nsa.gov> 2013-01-30 02:36:40 -0800
commit: 6cf13d0d523e20557e11a94fda51452f54c3a1b5 (patch)
tree: 94bb2e3ea61916df469ab5debbaab11db319a5a4
parent: 66eb6f8b77474fcdd140e43f819a3a80fd5a25a8 (diff)
download: xen-6cf13d0d523e20557e11a94fda51452f54c3a1b5.tar.gz
xen-6cf13d0d523e20557e11a94fda51452f54c3a1b5.tar.bz2
xen-6cf13d0d523e20557e11a94fda51452f54c3a1b5.zip
5 files changed, 44 insertions, 38 deletions
diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c
index 40f519ef3c..63ac793250 100644
--- a/xen/arch/arm/hvm.c
+++ b/xen/arch/arm/hvm.c
@@ -30,9 +30,13 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( a.index >= HVM_NR_PARAMS )
             return -EINVAL;
 
-        rc = rcu_lock_target_domain_by_id(a.domid, &d);
-        if ( rc != 0 )
-            return rc;
+        d = rcu_lock_domain_by_any_id(a.domid);
+        if ( d == NULL )
+            return -ESRCH;
+
+        rc = xsm_hvm_param(XSM_TARGET, d, op);
+        if ( rc )
+            goto param_fail;
 
         if ( op == HVMOP_set_param )
         {
@@ -44,6 +48,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg)
             rc = copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
         }
 
+    param_fail:
         rcu_unlock_domain(d);
         break;
     }
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 19bbe19415..025936a5a1 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -467,16 +467,16 @@ static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1,
     return xsm_default_action(action, d1, d2);
 }
 
-#ifdef CONFIG_X86
-static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op)
+static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op)
 {
-    XSM_ASSERT_ACTION(XSM_HOOK);
+    XSM_ASSERT_ACTION(XSM_TARGET);
     return xsm_default_action(action, current->domain, d);
 }
 
-static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op)
+#ifdef CONFIG_X86
+static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op)
 {
-    XSM_ASSERT_ACTION(XSM_TARGET);
+    XSM_ASSERT_ACTION(XSM_HOOK);
     return xsm_default_action(action, current->domain, d);
 }
 
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 2399da0a6d..cba744ce1a 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -129,9 +129,10 @@ struct xsm_operations {
 
     long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
 
+    int (*hvm_param) (struct domain *d, unsigned long op);
+
 #ifdef CONFIG_X86
     int (*shadow_control) (struct domain *d, uint32_t op);
-    int (*hvm_param) (struct domain *d, unsigned long op);
     int (*hvm_set_pci_intx_level) (struct domain *d);
     int (*hvm_set_isa_irq_level) (struct domain *d);
     int (*hvm_set_pci_link_route) (struct domain *d);
@@ -487,15 +488,15 @@ static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
     return xsm_ops->do_xsm_op(op);
 }
 
-#ifdef CONFIG_X86
-static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op)
+static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op)
 {
-    return xsm_ops->shadow_control(d, op);
+    return xsm_ops->hvm_param(d, op);
 }
 
-static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op)
+#ifdef CONFIG_X86
+static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op)
 {
-    return xsm_ops->hvm_param(d, op);
+    return xsm_ops->shadow_control(d, op);
 }
 
 static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain *d)
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index dcd3e31526..6f1e0b4860 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -100,6 +100,7 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, page_offline);
     set_to_dummy_if_null(ops, tmem_op);
     set_to_dummy_if_null(ops, tmem_control);
+    set_to_dummy_if_null(ops, hvm_param);
 
     set_to_dummy_if_null(ops, do_xsm_op);
 
@@ -108,7 +109,6 @@ void xsm_fixup_ops (struct xsm_operations *ops)
 
 #ifdef CONFIG_X86
     set_to_dummy_if_null(ops, shadow_control);
-    set_to_dummy_if_null(ops, hvm_param);
     set_to_dummy_if_null(ops, hvm_set_pci_intx_level);
     set_to_dummy_if_null(ops, hvm_set_isa_irq_level);
     set_to_dummy_if_null(ops, hvm_set_pci_link_route);
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 58695884ae..85d009c42b 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1068,6 +1068,28 @@ static int flask_remove_from_physmap(struct domain *d1, struct domain *d2)
     return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP);
 }
 
+static int flask_hvm_param(struct domain *d, unsigned long op)
+{
+    u32 perm;
+
+    switch ( op )
+    {
+    case HVMOP_set_param:
+        perm = HVM__SETPARAM;
+        break;
+    case HVMOP_get_param:
+        perm = HVM__GETPARAM;
+        break;
+    case HVMOP_track_dirty_vram:
+        perm = HVM__TRACKDIRTYVRAM;
+        break;
+    default:
+        perm = HVM__HVMCTL;
+    }
+
+    return current_has_perm(d, SECCLASS_HVM, perm);
+}
+
 #ifdef CONFIG_X86
 static int flask_shadow_control(struct domain *d, uint32_t op)
 {
@@ -1148,28 +1170,6 @@ static int flask_ioport_mapping(struct domain *d, uint32_t start, uint32_t end,
     return flask_ioport_permission(d, start, end, access);
 }
 
-static int flask_hvm_param(struct domain *d, unsigned long op)
-{
-    u32 perm;
-
-    switch ( op )
-    {
-    case HVMOP_set_param:
-        perm = HVM__SETPARAM;
-        break;
-    case HVMOP_get_param:
-        perm = HVM__GETPARAM;
-        break;
-    case HVMOP_track_dirty_vram:
-        perm = HVM__TRACKDIRTYVRAM;
-        break;
-    default:
-        perm = HVM__HVMCTL;
-    }
-
-    return current_has_perm(d, SECCLASS_HVM, perm);
-}
-
 static int flask_hvm_set_pci_intx_level(struct domain *d)
 {
     return current_has_perm(d, SECCLASS_HVM, HVM__PCILEVEL);
@@ -1503,6 +1503,7 @@ static struct xsm_operations flask_ops = {
     .page_offline = flask_page_offline,
     .tmem_op = flask_tmem_op,
     .tmem_control = flask_tmem_control,
+    .hvm_param = flask_hvm_param,
 
     .do_xsm_op = do_flask_op,
 
@@ -1511,7 +1512,6 @@ static struct xsm_operations flask_ops = {
 
 #ifdef CONFIG_X86
     .shadow_control = flask_shadow_control,
-    .hvm_param = flask_hvm_param,
     .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level,
     .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level,
     .hvm_set_pci_link_route = flask_hvm_set_pci_link_route,
author	Daniel De Graaf <dgdegra@tycho.nsa.gov>	2013-01-30 02:36:40 -0800
committer	Daniel De Graaf <dgdegra@tycho.nsa.gov>	2013-01-30 02:36:40 -0800
commit	6cf13d0d523e20557e11a94fda51452f54c3a1b5 (patch)
tree	94bb2e3ea61916df469ab5debbaab11db319a5a4
parent	66eb6f8b77474fcdd140e43f819a3a80fd5a25a8 (diff)
download	xen-6cf13d0d523e20557e11a94fda51452f54c3a1b5.tar.gz xen-6cf13d0d523e20557e11a94fda51452f54c3a1b5.tar.bz2 xen-6cf13d0d523e20557e11a94fda51452f54c3a1b5.zip