diff options
author | Jean Guyader <jean.guyader@eu.citrix.com> | 2011-11-08 19:41:47 +0000 |
---|---|---|
committer | Jean Guyader <jean.guyader@eu.citrix.com> | 2011-11-08 19:41:47 +0000 |
commit | 35a5ddf29ab47c772b77e253131b3cb4757b6336 (patch) | |
tree | 5fd5450b227d8d97b77661ce2bb697e9303f84ba /xen/xsm | |
parent | 2b7ee729c5f89b24c107cca5b082453a855cdbf2 (diff) | |
download | xen-35a5ddf29ab47c772b77e253131b3cb4757b6336.tar.gz xen-35a5ddf29ab47c772b77e253131b3cb4757b6336.tar.bz2 xen-35a5ddf29ab47c772b77e253131b3cb4757b6336.zip |
xsm: Add support for HVMOP_track_dirty_vram.
Xen try to inforce the xsm policy when a HVMOP_track_dirty_vram
is received (xen/arch/x86/hvm/hvm.c:3637). It was failing because
in flask_hvmcontext, xsm didn't have any case for this operation.
Signed-off-by: Jean Guyader <jean.guyader@eu.citrix.com>
Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'xen/xsm')
-rw-r--r-- | xen/xsm/flask/hooks.c | 3 | ||||
-rw-r--r-- | xen/xsm/flask/include/av_perm_to_string.h | 1 | ||||
-rw-r--r-- | xen/xsm/flask/include/av_permissions.h | 1 |
3 files changed, 5 insertions, 0 deletions
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 30c91e5691..e70feda5a4 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -816,6 +816,9 @@ static int flask_hvmcontext(struct domain *d, uint32_t cmd) case XEN_DOMCTL_gethvmcontext_partial: perm = HVM__GETHVMC; break; + case HVMOP_track_dirty_vram: + perm = HVM__TRACKDIRTYVRAM; + break; default: return -EPERM; } diff --git a/xen/xsm/flask/include/av_perm_to_string.h b/xen/xsm/flask/include/av_perm_to_string.h index b10a252589..c32488ee9b 100644 --- a/xen/xsm/flask/include/av_perm_to_string.h +++ b/xen/xsm/flask/include/av_perm_to_string.h @@ -56,6 +56,7 @@ S_(SECCLASS_HVM, HVM__GETHVMC, "gethvmc") S_(SECCLASS_HVM, HVM__SETPARAM, "setparam") S_(SECCLASS_HVM, HVM__GETPARAM, "getparam") + S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram") S_(SECCLASS_HVM, HVM__PCILEVEL, "pcilevel") S_(SECCLASS_HVM, HVM__IRQLEVEL, "irqlevel") S_(SECCLASS_HVM, HVM__PCIROUTE, "pciroute") diff --git a/xen/xsm/flask/include/av_permissions.h b/xen/xsm/flask/include/av_permissions.h index 14bd0536dd..f5dcc6f8fe 100644 --- a/xen/xsm/flask/include/av_permissions.h +++ b/xen/xsm/flask/include/av_permissions.h @@ -63,6 +63,7 @@ #define HVM__PCIROUTE 0x00000040UL #define HVM__BIND_IRQ 0x00000080UL #define HVM__CACHEATTR 0x00000100UL +#define HVM__TRACKDIRTYVRAM 0x00000200UL #define EVENT__BIND 0x00000001UL #define EVENT__SEND 0x00000002UL |