xen/xsm: Add xsm_default parameter to XSM hooks

Include the default XSM hook action as the first argument of the hook
to facilitate quick understanding of how the call site is expected to
be used (dom0-only, arbitrary guest, or device model). This argument
does not solely define how a given hook is interpreted, since any
changes to the hook's default action need to be made identically to
all callers of a hook (if there are multiple callers; most hooks only
have one), and may also require changing the arguments of the hook.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Tim Deegan <tim@xen.org>
Committed-by: Keir Fraser <keir@xen.org>

9 files changed, 31 insertions, 31 deletions

diff --git a/xen/common/domain.c b/xen/common/domain.c
index ec8efe8a41..07f62b3b34 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -252,7 +252,7 @@ struct domain *domain_create(
 
     if ( !is_idle_domain(d) )
     {
-        if ( (err = xsm_domain_create(d, ssidref)) != 0 )
+        if ( (err = xsm_domain_create(XSM_HOOK, d, ssidref)) != 0 )
             goto fail;
 
         d->is_paused_by_controller = 1;
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index e1fb75d751..caa68f7c79 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -265,7 +265,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
             return -ESRCH;
     }
 
-    ret = xsm_domctl(d, op->cmd);
+    ret = xsm_domctl(XSM_OTHER, d, op->cmd);
     if ( ret )
         goto domctl_out_unlock_domonly;
 
@@ -579,7 +579,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
             break;
         }
 
-        ret = xsm_getdomaininfo(d);
+        ret = xsm_getdomaininfo(XSM_HOOK, d);
         if ( ret )
             goto getdomaininfo_out;
 
@@ -719,7 +719,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
 
         if ( pirq >= d->nr_pirqs )
             ret = -EINVAL;
-        else if ( xsm_irq_permission(d, pirq, allow) )
+        else if ( xsm_irq_permission(XSM_HOOK, d, pirq, allow) )
             ret = -EPERM;
         else if ( allow )
             ret = irq_permit_access(d, pirq);
@@ -738,7 +738,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
         if ( (mfn + nr_mfns - 1) < mfn ) /* wrap? */
             break;
 
-        if ( xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, allow) )
+        if ( xsm_iomem_permission(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, allow) )
             ret = -EPERM;
         else if ( allow )
             ret = iomem_permit_access(d, mfn, mfn + nr_mfns - 1);
@@ -770,7 +770,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
             break;
         }
 
-        ret = xsm_set_target(d, e);
+        ret = xsm_set_target(XSM_HOOK, d, e);
         if ( ret ) {
             put_domain(e);
             break;
diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c
index f620966ce2..2d7afc9e2b 100644
--- a/xen/common/event_channel.c
+++ b/xen/common/event_channel.c
@@ -175,7 +175,7 @@ static long evtchn_alloc_unbound(evtchn_alloc_unbound_t *alloc)
         ERROR_EXIT_DOM(port, d);
     chn = evtchn_from_port(d, port);
 
-    rc = xsm_evtchn_unbound(d, chn, alloc->remote_dom);
+    rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom);
     if ( rc )
         goto out;
 
@@ -231,7 +231,7 @@ static long evtchn_bind_interdomain(evtchn_bind_interdomain_t *bind)
          (rchn->u.unbound.remote_domid != ld->domain_id) )
         ERROR_EXIT_DOM(-EINVAL, rd);
 
-    rc = xsm_evtchn_interdomain(ld, lchn, rd, rchn);
+    rc = xsm_evtchn_interdomain(XSM_HOOK, ld, lchn, rd, rchn);
     if ( rc )
         goto out;
 
@@ -580,7 +580,7 @@ int evtchn_send(struct domain *d, unsigned int lport)
         return -EINVAL;
     }
 
-    ret = xsm_evtchn_send(ld, lchn);
+    ret = xsm_evtchn_send(XSM_HOOK, ld, lchn);
     if ( ret )
         goto out;
 
@@ -812,7 +812,7 @@ static long evtchn_status(evtchn_status_t *status)
 
     chn = evtchn_from_port(d, port);
 
-    rc = xsm_evtchn_status(d, chn);
+    rc = xsm_evtchn_status(XSM_TARGET, d, chn);
     if ( rc )
         goto out;
 
@@ -954,7 +954,7 @@ static long evtchn_reset(evtchn_reset_t *r)
     if ( d == NULL )
         return -ESRCH;
 
-    rc = xsm_evtchn_reset(current->domain, d);
+    rc = xsm_evtchn_reset(XSM_TARGET, current->domain, d);
     if ( rc )
         goto out;
 
@@ -1101,7 +1101,7 @@ int alloc_unbound_xen_event_channel(
         goto out;
     chn = evtchn_from_port(d, port);
 
-    rc = xsm_evtchn_unbound(d, chn, remote_domid);
+    rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, remote_domid);
 
     chn->state = ECS_UNBOUND;
     chn->xen_consumer = get_xen_consumer(notification_fn);
diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
index 59708c33e4..f85adb44b7 100644
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -552,7 +552,7 @@ __gnttab_map_grant_ref(
         return;
     }
 
-    rc = xsm_grant_mapref(ld, rd, op->flags);
+    rc = xsm_grant_mapref(XSM_HOOK, ld, rd, op->flags);
     if ( rc )
     {
         rcu_unlock_domain(rd);
@@ -872,7 +872,7 @@ __gnttab_unmap_common(
         return;
     }
 
-    rc = xsm_grant_unmapref(ld, rd);
+    rc = xsm_grant_unmapref(XSM_HOOK, ld, rd);
     if ( rc )
     {
         rcu_unlock_domain(rd);
@@ -1336,7 +1336,7 @@ gnttab_setup_table(
         goto out2;
     }
 
-    if ( xsm_grant_setup(current->domain, d) )
+    if ( xsm_grant_setup(XSM_TARGET, current->domain, d) )
     {
         op.status = GNTST_permission_denied;
         goto out2;
@@ -1406,7 +1406,7 @@ gnttab_query_size(
         goto query_out;
     }
 
-    rc = xsm_grant_query_size(current->domain, d);
+    rc = xsm_grant_query_size(XSM_TARGET, current->domain, d);
     if ( rc )
     {
         op.status = GNTST_permission_denied;
@@ -1582,7 +1582,7 @@ gnttab_transfer(
             goto copyback;
         }
 
-        if ( xsm_grant_transfer(d, e) )
+        if ( xsm_grant_transfer(XSM_HOOK, d, e) )
         {
             put_gfn(d, gop.mfn);
             gop.status = GNTST_permission_denied;
@@ -2022,7 +2022,7 @@ __gnttab_copy(
         PIN_FAIL(error_out, GNTST_bad_domain,
                  "couldn't find %d\n", op->dest.domid);
 
-    rc = xsm_grant_copy(sd, dd);
+    rc = xsm_grant_copy(XSM_HOOK, sd, dd);
     if ( rc )
     {
         rc = GNTST_permission_denied;
@@ -2280,7 +2280,7 @@ gnttab_get_status_frames(XEN_GUEST_HANDLE_PARAM(gnttab_get_status_frames_t) uop,
         op.status = GNTST_bad_domain;
         goto out1;
     }
-    rc = xsm_grant_setup(current->domain, d);
+    rc = xsm_grant_setup(XSM_TARGET, current->domain, d);
     if ( rc ) {
         op.status = GNTST_permission_denied;
         goto out1;
@@ -2331,7 +2331,7 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARAM(gnttab_get_version_t) uop)
     if ( d == NULL )
         return -ESRCH;
 
-    rc = xsm_grant_query_size(current->domain, d);
+    rc = xsm_grant_query_size(XSM_TARGET, current->domain, d);
     if ( rc )
     {
         rcu_unlock_domain(d);
diff --git a/xen/common/kexec.c b/xen/common/kexec.c
index d4f633268a..6dd20c65dd 100644
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
@@ -852,7 +852,7 @@ static int do_kexec_op_internal(unsigned long op,
     unsigned long flags;
     int ret = -EINVAL;
 
-    ret = xsm_kexec();
+    ret = xsm_kexec(XSM_PRIV);
     if ( ret )
         return ret;
 
diff --git a/xen/common/memory.c b/xen/common/memory.c
index e18e224156..fe79ca003e 100644
--- a/xen/common/memory.c
+++ b/xen/common/memory.c
@@ -348,7 +348,7 @@ static long memory_exchange(XEN_GUEST_HANDLE_PARAM(xen_memory_exchange_t) arg)
         goto fail_early;
     }
 
-    rc = xsm_memory_exchange(d);
+    rc = xsm_memory_exchange(XSM_TARGET, d);
     if ( rc )
     {
         rcu_unlock_domain(d);
@@ -600,7 +600,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
             return start_extent;
         args.domain = d;
 
-        rc = xsm_memory_adjust_reservation(current->domain, d);
+        rc = xsm_memory_adjust_reservation(XSM_TARGET, current->domain, d);
         if ( rc )
         {
             rcu_unlock_domain(d);
@@ -649,7 +649,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( d == NULL )
             return -ESRCH;
 
-        rc = xsm_memory_stat_reservation(current->domain, d);
+        rc = xsm_memory_stat_reservation(XSM_TARGET, current->domain, d);
         if ( rc )
         {
             rcu_unlock_domain(d);
@@ -687,7 +687,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( d == NULL )
             return -ESRCH;
 
-        if ( xsm_remove_from_physmap(current->domain, d) )
+        if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) )
         {
             rcu_unlock_domain(d);
             return -EPERM;
diff --git a/xen/common/schedule.c b/xen/common/schedule.c
index d40508144b..903f32d57c 100644
--- a/xen/common/schedule.c
+++ b/xen/common/schedule.c
@@ -921,7 +921,7 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( d == NULL )
             break;
 
-        ret = xsm_schedop_shutdown(current->domain, d);
+        ret = xsm_schedop_shutdown(XSM_DM_PRIV, current->domain, d);
         if ( ret )
         {
             rcu_unlock_domain(d);
diff --git a/xen/common/sysctl.c b/xen/common/sysctl.c
index 2ebf5e64cc..d663ed7430 100644
--- a/xen/common/sysctl.c
+++ b/xen/common/sysctl.c
@@ -40,7 +40,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl)
     if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION )
         return -EACCES;
 
-    ret = xsm_sysctl(op->cmd);
+    ret = xsm_sysctl(XSM_PRIV, op->cmd);
     if ( ret )
         return ret;
 
@@ -57,7 +57,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl)
     switch ( op->cmd )
     {
     case XEN_SYSCTL_readconsole:
-        ret = xsm_readconsole(op->u.readconsole.clear);
+        ret = xsm_readconsole(XSM_HOOK, op->u.readconsole.clear);
         if ( ret )
             break;
 
@@ -87,7 +87,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl)
             if ( num_domains == op->u.getdomaininfolist.max_domains )
                 break;
 
-            ret = xsm_getdomaininfo(d);
+            ret = xsm_getdomaininfo(XSM_HOOK, d);
             if ( ret )
                 continue;
 
@@ -186,7 +186,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl)
         uint32_t *status, *ptr;
         unsigned long pfn;
 
-        ret = xsm_page_offline(op->u.page_offline.cmd);
+        ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd);
         if ( ret )
             break;
 
diff --git a/xen/common/xenoprof.c b/xen/common/xenoprof.c
index f545e26bbc..220f1c7785 100644
--- a/xen/common/xenoprof.c
+++ b/xen/common/xenoprof.c
@@ -677,7 +677,7 @@ ret_t do_xenoprof_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg)
         return -EPERM;
     }
 
-    ret = xsm_profile(current->domain, op);
+    ret = xsm_profile(XSM_HOOK, current->domain, op);
     if ( ret )
         return ret;