xen: convert do_sysctl to use XSM

The xsm_sysctl hook now covers every sysctl, in addition to the more
fine-grained XSM hooks in most sub-functions.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>

2 files changed, 13 insertions, 0 deletions

diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 93b1148bfd..b335bd9565 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -106,6 +106,13 @@ static XSM_INLINE int xsm_domctl(struct domain *d, int cmd)
     return 0;
 }
 
+static XSM_INLINE int xsm_sysctl(int cmd)
+{
+    if ( !IS_PRIV(current->domain) )
+        return -EPERM;
+    return 0;
+}
+
 static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq)
 {
     return 0;
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 662f233b1f..75c27bbcb4 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -58,6 +58,7 @@ struct xsm_operations {
     int (*domain_settime) (struct domain *d);
     int (*set_target) (struct domain *d, struct domain *e);
     int (*domctl) (struct domain *d, int cmd);
+    int (*sysctl) (int cmd);
     int (*set_virq_handler) (struct domain *d, uint32_t virq);
     int (*tbufcontrol) (void);
     int (*readconsole) (uint32_t clear);
@@ -266,6 +267,11 @@ static inline int xsm_domctl (struct domain *d, int cmd)
     return xsm_ops->domctl(d, cmd);
 }
 
+static inline int xsm_sysctl (int cmd)
+{
+    return xsm_ops->sysctl(cmd);
+}
+
 static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq)
 {
     return xsm_ops->set_virq_handler(d, virq);