diff options
| author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-01-11 10:41:51 +0000 |
|---|---|---|
| committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-01-11 10:41:51 +0000 |
| commit | 652f94327383c5517b709f0a3e4b970216b3d375 (patch) | |
| tree | d81086462375a68fa66ba6b315ef83d793a0df7a /xen/common/domctl.c | |
| parent | 58632b5b140c35e8003a4efbe1eabe936c602490 (diff) | |
| download | xen-652f94327383c5517b709f0a3e4b970216b3d375.tar.gz xen-652f94327383c5517b709f0a3e4b970216b3d375.tar.bz2 xen-652f94327383c5517b709f0a3e4b970216b3d375.zip | |
xen: domctl XSM hook removal
A number of the domctl XSM hooks do nothing except pass the domain and
operation ID, making them redundant with the xsm_domctl hook. Remove
these redundant hooks.
The remaining domctls all use individual hooks because they pass extra
details of the call to the XSM module in order to allow a more
fine-grained access decision to be made - for example, considering the
exact device or memory range being set up for guest access.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'xen/common/domctl.c')
| -rw-r--r-- | xen/common/domctl.c | 59 |
1 files changed, 2 insertions, 57 deletions
diff --git a/xen/common/domctl.c b/xen/common/domctl.c index b32e614e71..e1fb75d751 100644 --- a/xen/common/domctl.c +++ b/xen/common/domctl.c @@ -290,10 +290,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) if ( d == NULL ) break; - ret = xsm_setvcpucontext(d); - if ( ret ) - goto svc_out; - ret = -EINVAL; if ( (d == current->domain) || /* no domain_pause() */ (vcpu >= d->max_vcpus) || ((v = d->vcpu[vcpu]) == NULL) ) @@ -340,10 +336,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_pausedomain: { - ret = xsm_pausedomain(d); - if ( ret ) - break; - ret = -EINVAL; if ( d != current->domain ) { @@ -355,10 +347,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_unpausedomain: { - ret = xsm_unpausedomain(d); - if ( ret ) - break; - domain_unpause_by_systemcontroller(d); ret = 0; } @@ -366,10 +354,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_resumedomain: { - ret = xsm_resumedomain(d); - if ( ret ) - break; - domain_resume(d); ret = 0; } @@ -452,10 +436,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) (is_hvm_domain(d) && (max > MAX_HVM_VCPUS)) ) break; - ret = xsm_max_vcpus(d); - if ( ret ) - break; - /* Until Xenoprof can dynamically grow its vcpu-s array... */ if ( d->xenoprof ) { @@ -538,7 +518,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_destroydomain: { - ret = xsm_destroydomain(d) ? : domain_kill(d); + ret = domain_kill(d); } break; @@ -547,10 +527,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) { struct vcpu *v; - ret = xsm_vcpuaffinity(op->cmd, d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.vcpuaffinity.vcpu >= d->max_vcpus ) break; @@ -581,10 +557,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_scheduler_op: { - ret = xsm_scheduler(d); - if ( ret ) - break; - ret = sched_adjust(d, &op->u.scheduler_op); copyback = 1; } @@ -627,10 +599,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) vcpu_guest_context_u c = { .nat = NULL }; struct vcpu *v; - ret = xsm_getvcpucontext(d); - if ( ret ) - goto getvcpucontext_out; - ret = -EINVAL; if ( op->u.vcpucontext.vcpu >= d->max_vcpus ) goto getvcpucontext_out; @@ -684,10 +652,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) struct vcpu *v; struct vcpu_runstate_info runstate; - ret = xsm_getvcpuinfo(d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.getvcpuinfo.vcpu >= d->max_vcpus ) break; @@ -712,10 +676,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) { unsigned long new_max; - ret = xsm_setdomainmaxmem(d); - if ( ret ) - break; - ret = -EINVAL; new_max = op->u.max_mem.max_memkb >> (PAGE_SHIFT-10); @@ -733,10 +693,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_setdomainhandle: { - ret = xsm_setdomainhandle(d); - if ( ret ) - break; - memcpy(d->handle, op->u.setdomainhandle.handle, sizeof(xen_domain_handle_t)); ret = 0; @@ -749,10 +705,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) if ( d == current->domain ) /* no domain_pause() */ break; - ret = xsm_setdebugging(d); - if ( ret ) - break; - domain_pause(d); d->debugger_attached = !!op->u.setdebugging.enable; domain_unpause(d); /* causes guest to latch new status */ @@ -797,10 +749,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_settimeoffset: { - ret = xsm_domain_settime(d); - if ( ret ) - break; - domain_set_time_offset(d, op->u.settimeoffset.time_offset_seconds); ret = 0; } @@ -850,10 +798,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) case XEN_DOMCTL_set_virq_handler: { uint32_t virq = op->u.set_virq_handler.virq; - - ret = xsm_set_virq_handler(d, virq); - if ( !ret ) - ret = set_global_virq_handler(d, virq); + ret = set_global_virq_handler(d, virq); } break; |