authorDaniel De Graaf <dgdegra@tycho.nsa.gov>2011-12-02 13:47:08 -0800
committerDaniel De Graaf <dgdegra@tycho.nsa.gov>2011-12-02 13:47:08 -0800
commit3d7895b3bbe977e3abd2d4128e42c1daba5e3fa4 (patch)
tree3a17a23357b787f377dc3dc669824cc88e352306 /xen/include/xsm
parent65d744c6d56f92401b9d279c9cf8fe618397be0e (diff)
xsm: Expand I/O resource hooks
The XSM hooks inside rangeset are not useful in capturing the PIRQ mappings in HVM domains. They can also be called from softirq context where current->domain is invalid, causing spurious AVC denials from unrelated domains on such calls. Within FLASK code, the rangeset hooks were already divided between IRQs, I/O memory, and x86 IO ports; propagate this division back through the XSM hooks and call the XSM functions directly when needed. This removes XSM checks for the initial rangeset population for dom0 and the removal checks on domain destruction; denying either of these actions does not make sense. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'xen/include/xsm')
-rw-r--r--xen/include/xsm/xsm.h22
1 files changed, 13 insertions, 9 deletions
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index e8111a46b7..0afe49f437 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -106,8 +106,8 @@ struct xsm_operations {
int (*kexec) (void);
int (*schedop_shutdown) (struct domain *d1, struct domain *d2);
- int (*add_range) (struct domain *d, char *name, unsigned long s, unsigned long e);
- int (*remove_range) (struct domain *d, char *name, unsigned long s, unsigned long e);
+ int (*irq_permission) (struct domain *d, int pirq, uint8_t allow);
+ int (*iomem_permission) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow);
int (*test_assign_device) (uint32_t machine_bdf);
int (*assign_device) (struct domain *d, uint32_t machine_bdf);
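Review bot: The new `irq_permission` and `iomem_permission` members take a `uint8_t allow` flag and a start/end pair, but nothing in the struct says which value means grant and which means revoke, or whether `e` is inclusive. A policy module that reads either convention the wrong way would authorise the opposite operation or miss the last frame of a range. I would add a comment above the two members, for example `/* allow: nonzero when access is being granted, zero when it is being revoked; s..e is the affected range (state whether e is inclusive) */`, with the wording confirmed against the callers, which are not in this diff. The same applies to `ioport_permission` added in the next hunk. `struct xsm_operations` begins and ends outside this hunk.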
@@ -152,6 +152,7 @@ struct xsm_operations {
int (*pin_mem_cacheattr) (struct domain *d);
int (*ext_vcpucontext) (struct domain *d, uint32_t cmd);
int (*vcpuextstate) (struct domain *d, uint32_t cmd);
+ int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow);
#endif
};
@@ -415,16 +416,14 @@ static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2)
return xsm_call(schedop_shutdown(d1, d2));
}
-static inline int xsm_add_range (struct domain *d, char *name, unsigned long s,
- unsigned long e)
+static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow)
{
- return xsm_call(add_range(d, name, s, e));
+ return xsm_call(irq_permission(d, pirq, allow));
}
-
-static inline int xsm_remove_range (struct domain *d, char *name, unsigned long s,
- unsigned long e)
+
+static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
{
- return xsm_call(remove_range(d, name, s, e));
+ return xsm_call(iomem_permission(d, s, e, allow));
}
static inline int xsm_test_assign_device(uint32_t machine_bdf)
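Review bot: Neither `xsm_irq_permission` nor `xsm_iomem_permission` records the calling-context constraint that motivated this change. The description says the rangeset hooks misfired from softirq context where current->domain is invalid, and the new wrappers still receive only the target domain, so the subject is presumably still taken from the current domain inside the policy module. Enforcement also now depends on each call site invoking the wrapper and honouring its result, rather than on a single chokepoint in rangeset. A short comment above the pair would help, such as `/* Call only where current->domain is the requester; check the result before changing the domain's IRQ or I/O memory permissions. */`. Separately, the `xsm_iomem_permission` signature runs well past 80 columns, where the removed code wrapped its parameter list.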
@@ -640,6 +639,11 @@ static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd)
{
return xsm_call(vcpuextstate(d, cmd));
}
+
+static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
+{
+ return xsm_call(ioport_permission(d, s, e, allow));
+}
#endif /* CONFIG_X86 */
extern struct xsm_operations dummy_xsm_ops;
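Review bot: `xsm_ioport_permission` passes `uint32_t s` and `uint32_t e` straight through, although the x86 I/O port space is 16 bits wide. That leaves it unstated whether the caller has already rejected `s > e` or `e > 0xFFFF` before the policy module sees the range. The callers are not part of this diff, so this may already be handled. If so, a one-line comment on the wrapper would let hook implementers rely on it, for example `/* s <= e <= 0xFFFF is validated by the caller before this hook runs */`. If not, the check belongs ahead of the `xsm_call`.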