diff options
| author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-01-11 10:41:51 +0000 |
|---|---|---|
| committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-01-11 10:41:51 +0000 |
| commit | 652f94327383c5517b709f0a3e4b970216b3d375 (patch) | |
| tree | d81086462375a68fa66ba6b315ef83d793a0df7a /xen/include/xsm | |
| parent | 58632b5b140c35e8003a4efbe1eabe936c602490 (diff) | |
| download | xen-652f94327383c5517b709f0a3e4b970216b3d375.tar.gz xen-652f94327383c5517b709f0a3e4b970216b3d375.tar.bz2 xen-652f94327383c5517b709f0a3e4b970216b3d375.zip | |
xen: domctl XSM hook removal
A number of the domctl XSM hooks do nothing except pass the domain and
operation ID, making them redundant with the xsm_domctl hook. Remove
these redundant hooks.
The remaining domctls all use individual hooks because they pass extra
details of the call to the XSM module in order to allow a more
fine-grained access decision to be made - for example, considering the
exact device or memory range being set up for guest access.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'xen/include/xsm')
| -rw-r--r-- | xen/include/xsm/dummy.h | 135 | ||||
| -rw-r--r-- | xen/include/xsm/xsm.h | 161 |
2 files changed, 0 insertions, 296 deletions
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index 9894d8d6d5..2b18f512ab 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -17,71 +17,16 @@ static XSM_INLINE void xsm_security_domaininfo(struct domain *d, return; } -static XSM_INLINE int xsm_setvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_pausedomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_unpausedomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_resumedomain(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) { return 0; } -static XSM_INLINE int xsm_max_vcpus(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_destroydomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuaffinity(int cmd, struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_scheduler(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_getdomaininfo(struct domain *d) { return 0; } -static XSM_INLINE int xsm_getvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getvcpuinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_domain_settime(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) { return 0; @@ -113,11 +58,6 @@ static XSM_INLINE int xsm_sysctl(int cmd) return 0; } -static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) -{ - return 0; -} - static XSM_INLINE int xsm_tbufcontrol(void) { return 0; @@ -133,21 +73,6 @@ static XSM_INLINE int xsm_sched_id(void) return 0; } -static XSM_INLINE int xsm_setdomainmaxmem(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdomainhandle(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdebugging(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_perfcontrol(void) { return 0; @@ -493,36 +418,6 @@ static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op) return 0; } -static XSM_INLINE int xsm_getpageframeinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getmemlist(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_hypercall_init(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_hvmcontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_address_size(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_machine_address_size(struct domain *d, uint32_t cmd) -{ - return 0; -} - static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) { if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) @@ -558,11 +453,6 @@ static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) return 0; } -static XSM_INLINE int xsm_mem_event_setup(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op) { if ( !IS_PRIV(current->domain) ) @@ -577,11 +467,6 @@ static XSM_INLINE int xsm_mem_event_op(struct domain *d, int op) return 0; } -static XSM_INLINE int xsm_mem_sharing(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op) { if ( !IS_PRIV_FOR(current->domain, cd) ) @@ -708,11 +593,6 @@ static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain * return 0; } -static XSM_INLINE int xsm_sendtrigger(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return 0; @@ -723,21 +603,6 @@ static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind return 0; } -static XSM_INLINE int xsm_pin_mem_cacheattr(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return 0; -} - static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return 0; diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index a8c1d875cc..4676c75551 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -41,29 +41,14 @@ extern xsm_initcall_t __xsm_initcall_start[], __xsm_initcall_end[]; struct xsm_operations { void (*security_domaininfo) (struct domain *d, struct xen_domctl_getdomaininfo *info); - int (*setvcpucontext) (struct domain *d); - int (*pausedomain) (struct domain *d); - int (*unpausedomain) (struct domain *d); - int (*resumedomain) (struct domain *d); int (*domain_create) (struct domain *d, u32 ssidref); - int (*max_vcpus) (struct domain *d); - int (*destroydomain) (struct domain *d); - int (*vcpuaffinity) (int cmd, struct domain *d); - int (*scheduler) (struct domain *d); int (*getdomaininfo) (struct domain *d); - int (*getvcpucontext) (struct domain *d); - int (*getvcpuinfo) (struct domain *d); - int (*domain_settime) (struct domain *d); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); - int (*set_virq_handler) (struct domain *d, uint32_t virq); int (*tbufcontrol) (void); int (*readconsole) (uint32_t clear); int (*sched_id) (void); - int (*setdomainmaxmem) (struct domain *d); - int (*setdomainhandle) (struct domain *d); - int (*setdebugging) (struct domain *d); int (*perfcontrol) (void); int (*debug_keys) (void); int (*getcpuinfo) (void); @@ -139,21 +124,13 @@ struct xsm_operations { #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); - int (*getpageframeinfo) (struct domain *d); - int (*getmemlist) (struct domain *d); - int (*hypercall_init) (struct domain *d); - int (*hvmcontext) (struct domain *d, uint32_t op); - int (*address_size) (struct domain *d, uint32_t op); - int (*machine_address_size) (struct domain *d, uint32_t op); int (*hvm_param) (struct domain *d, unsigned long op); int (*hvm_set_pci_intx_level) (struct domain *d); int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); int (*hvm_inject_msi) (struct domain *d); - int (*mem_event_setup) (struct domain *d); int (*mem_event_control) (struct domain *d, int mode, int op); int (*mem_event_op) (struct domain *d, int op); - int (*mem_sharing) (struct domain *d); int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); int (*xen_settime) (void); @@ -178,12 +155,8 @@ struct xsm_operations { int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); int (*add_to_physmap) (struct domain *d1, struct domain *d2); - int (*sendtrigger) (struct domain *d); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*pin_mem_cacheattr) (struct domain *d); - int (*ext_vcpucontext) (struct domain *d, uint32_t cmd); - int (*vcpuextstate) (struct domain *d, uint32_t cmd); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); #endif @@ -201,71 +174,16 @@ static inline void xsm_security_domaininfo (struct domain *d, xsm_ops->security_domaininfo(d, info); } -static inline int xsm_setvcpucontext(struct domain *d) -{ - return xsm_ops->setvcpucontext(d); -} - -static inline int xsm_pausedomain (struct domain *d) -{ - return xsm_ops->pausedomain(d); -} - -static inline int xsm_unpausedomain (struct domain *d) -{ - return xsm_ops->unpausedomain(d); -} - -static inline int xsm_resumedomain (struct domain *d) -{ - return xsm_ops->resumedomain(d); -} - static inline int xsm_domain_create (struct domain *d, u32 ssidref) { return xsm_ops->domain_create(d, ssidref); } -static inline int xsm_max_vcpus(struct domain *d) -{ - return xsm_ops->max_vcpus(d); -} - -static inline int xsm_destroydomain (struct domain *d) -{ - return xsm_ops->destroydomain(d); -} - -static inline int xsm_vcpuaffinity (int cmd, struct domain *d) -{ - return xsm_ops->vcpuaffinity(cmd, d); -} - -static inline int xsm_scheduler (struct domain *d) -{ - return xsm_ops->scheduler(d); -} - static inline int xsm_getdomaininfo (struct domain *d) { return xsm_ops->getdomaininfo(d); } -static inline int xsm_getvcpucontext (struct domain *d) -{ - return xsm_ops->getvcpucontext(d); -} - -static inline int xsm_getvcpuinfo (struct domain *d) -{ - return xsm_ops->getvcpuinfo(d); -} - -static inline int xsm_domain_settime (struct domain *d) -{ - return xsm_ops->domain_settime(d); -} - static inline int xsm_set_target (struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); @@ -281,11 +199,6 @@ static inline int xsm_sysctl (int cmd) return xsm_ops->sysctl(cmd); } -static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) -{ - return xsm_ops->set_virq_handler(d, virq); -} - static inline int xsm_tbufcontrol (void) { return xsm_ops->tbufcontrol(); @@ -301,21 +214,6 @@ static inline int xsm_sched_id (void) return xsm_ops->sched_id(); } -static inline int xsm_setdomainmaxmem (struct domain *d) -{ - return xsm_ops->setdomainmaxmem(d); -} - -static inline int xsm_setdomainhandle (struct domain *d) -{ - return xsm_ops->setdomainhandle(d); -} - -static inline int xsm_setdebugging (struct domain *d) -{ - return xsm_ops->setdebugging(d); -} - static inline int xsm_perfcontrol (void) { return xsm_ops->perfcontrol(); @@ -623,36 +521,6 @@ static inline int xsm_shadow_control (struct domain *d, uint32_t op) return xsm_ops->shadow_control(d, op); } -static inline int xsm_getpageframeinfo (struct domain *d) -{ - return xsm_ops->getpageframeinfo(d); -} - -static inline int xsm_getmemlist (struct domain *d) -{ - return xsm_ops->getmemlist(d); -} - -static inline int xsm_hypercall_init (struct domain *d) -{ - return xsm_ops->hypercall_init(d); -} - -static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) -{ - return xsm_ops->hvmcontext(d, cmd); -} - -static inline int xsm_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->address_size(d, cmd); -} - -static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->machine_address_size(d, cmd); -} - static inline int xsm_hvm_param (struct domain *d, unsigned long op) { return xsm_ops->hvm_param(d, op); @@ -678,11 +546,6 @@ static inline int xsm_hvm_inject_msi (struct domain *d) return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event_setup (struct domain *d) -{ - return xsm_ops->mem_event_setup(d); -} - static inline int xsm_mem_event_control (struct domain *d, int mode, int op) { return xsm_ops->mem_event_control(d, mode, op); @@ -693,11 +556,6 @@ static inline int xsm_mem_event_op (struct domain *d, int op) return xsm_ops->mem_event_op(d, op); } -static inline int xsm_mem_sharing (struct domain *d) -{ - return xsm_ops->mem_sharing(d); -} - static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) { return xsm_ops->mem_sharing_op(d, cd, op); @@ -795,11 +653,6 @@ static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) return xsm_ops->add_to_physmap(d1, d2); } -static inline int xsm_sendtrigger(struct domain *d) -{ - return xsm_ops->sendtrigger(d); -} - static inline int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { @@ -812,20 +665,6 @@ static inline int xsm_unbind_pt_irq(struct domain *d, return xsm_ops->unbind_pt_irq(d, bind); } -static inline int xsm_pin_mem_cacheattr(struct domain *d) -{ - return xsm_ops->pin_mem_cacheattr(d); -} - -static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return xsm_ops->ext_vcpucontext(d, cmd); -} -static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return xsm_ops->vcpuextstate(d, cmd); -} - static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_permission(d, s, e, allow); |