diff options
| author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-04-23 11:56:05 +0200 |
|---|---|---|
| committer | Jan Beulich <jbeulich@suse.com> | 2013-04-23 11:56:05 +0200 |
| commit | 3f28d0077788e7f8cd3ee25b023a4225d7e26e87 (patch) | |
| tree | 56758394d52f0aed5f71ad2763a54d76c07d8810 /xen/arch/x86/mm | |
| parent | 4bc22a50ebc1fb1695d59f69105797e208021edb (diff) | |
| download | xen-3f28d0077788e7f8cd3ee25b023a4225d7e26e87.tar.gz xen-3f28d0077788e7f8cd3ee25b023a4225d7e26e87.tar.bz2 xen-3f28d0077788e7f8cd3ee25b023a4225d7e26e87.zip | |
x86: remove IS_PRIV_FOR references
The check in guest_physmap_mark_populate_on_demand is redundant, since
its only caller is populate_physmap whose only caller checks the
xsm_memory_adjust_reservation hook prior to calling.
Add a new XSM hook for the other two checks since they allow privileged
domains to arbitrarily map a guest's memory.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: George Dunlap <george.dunlap@eu.citrix.com> (release perspective)
Diffstat (limited to 'xen/arch/x86/mm')
| -rw-r--r-- | xen/arch/x86/mm/p2m-pod.c | 3 | ||||
| -rw-r--r-- | xen/arch/x86/mm/shadow/multi.c | 19 |
2 files changed, 11 insertions, 11 deletions
diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c index 55936c6e99..04ffbcb26e 100644 --- a/xen/arch/x86/mm/p2m-pod.c +++ b/xen/arch/x86/mm/p2m-pod.c @@ -1117,9 +1117,6 @@ guest_physmap_mark_populate_on_demand(struct domain *d, unsigned long gfn, mfn_t omfn; int rc = 0; - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - if ( !paging_mode_translate(d) ) return -EINVAL; diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c index a593f762e3..a8ef75eb14 100644 --- a/xen/arch/x86/mm/shadow/multi.c +++ b/xen/arch/x86/mm/shadow/multi.c @@ -29,6 +29,7 @@ #include <xen/perfc.h> #include <xen/domain_page.h> #include <xen/iocap.h> +#include <xsm/xsm.h> #include <asm/page.h> #include <asm/current.h> #include <asm/shadow.h> @@ -849,14 +850,16 @@ shadow_get_page_from_l1e(shadow_l1e_t sl1e, struct domain *d, p2m_type_t type) !shadow_mode_translate(d) && mfn_valid(mfn = shadow_l1e_get_mfn(sl1e)) && (owner = page_get_owner(mfn_to_page(mfn))) && - (d != owner) && - IS_PRIV_FOR(d, owner)) - { - res = get_page_from_l1e(sl1e, d, owner); - SHADOW_PRINTK("privileged domain %d installs map of mfn %05lx " - "which is owned by domain %d: %s\n", - d->domain_id, mfn_x(mfn), owner->domain_id, - res >= 0 ? "success" : "failed"); + (d != owner) ) + { + res = xsm_priv_mapping(XSM_TARGET, d, owner); + if ( !res ) { + res = get_page_from_l1e(sl1e, d, owner); + SHADOW_PRINTK("privileged domain %d installs map of mfn %05lx " + "which is owned by domain %d: %s\n", + d->domain_id, mfn_x(mfn), owner->domain_id, + res >= 0 ? "success" : "failed"); + } } /* Okay, it might still be a grant mapping PTE. Try it. */ |