xsm: remove unused xsm_assign_vector check

The PHYSDEVOP_alloc_irq_vector hypercall is a noop, so its XSM check is not useful. Remove it and the "event vector" FLASK permission. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Committed-by: Keir Fraser <keir@xen.org>
author: Daniel De Graaf <dgdegra@tycho.nsa.gov> 2011-12-02 13:45:15 -0800
committer: Daniel De Graaf <dgdegra@tycho.nsa.gov> 2011-12-02 13:45:15 -0800
commit: c9f7324e6c6f634bc0f7214fd0ab12fb9847c857 (patch)
tree: ac9afc51243fa6cbedacbb821319bd59d2a2bdc5 /xen/xsm
parent: 64b8b98854e09202f420b8bb02cb915b8a03cd55 (diff)
download: xen-c9f7324e6c6f634bc0f7214fd0ab12fb9847c857.tar.gz
xen-c9f7324e6c6f634bc0f7214fd0ab12fb9847c857.tar.bz2
xen-c9f7324e6c6f634bc0f7214fd0ab12fb9847c857.zip
4 files changed, 2 insertions, 23 deletions
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 65369482c6..1b50d0e163 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -345,11 +345,6 @@ static int dummy_apic (struct domain *d, int cmd)
     return 0;
 }
 
-static int dummy_assign_vector (struct domain *d, uint32_t pirq)
-{
-    return 0;
-}
-
 static int dummy_xen_settime (void)
 {
     return 0;
@@ -560,7 +555,6 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, hvm_set_isa_irq_level);
     set_to_dummy_if_null(ops, hvm_set_pci_link_route);
     set_to_dummy_if_null(ops, apic);
-    set_to_dummy_if_null(ops, assign_vector);
     set_to_dummy_if_null(ops, xen_settime);
     set_to_dummy_if_null(ops, memtype);
     set_to_dummy_if_null(ops, microcode);
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 37b297e983..97ae4d9407 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -907,18 +907,6 @@ static int flask_apic(struct domain *d, int cmd)
     return domain_has_xen(d, perm);
 }
 
-static int flask_assign_vector(struct domain *d, uint32_t pirq)
-{
-    u32 psid;
-    struct domain_security_struct *dsec;
-    dsec = d->ssid;
-
-    if ( security_pirq_sid(pirq, &psid) )
-        return -EPERM;
-
-    return avc_has_perm(dsec->sid, psid, SECCLASS_EVENT, EVENT__VECTOR, NULL);
-}
-
 static int flask_xen_settime(void)
 {
     return domain_has_xen(current->domain, XEN__SETTIME);
@@ -1306,7 +1294,6 @@ static struct xsm_operations flask_ops = {
     .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level,
     .hvm_set_pci_link_route = flask_hvm_set_pci_link_route,
     .apic = flask_apic,
-    .assign_vector = flask_assign_vector,
     .xen_settime = flask_xen_settime,
     .memtype = flask_memtype,
     .microcode = flask_microcode,
diff --git a/xen/xsm/flask/include/av_perm_to_string.h b/xen/xsm/flask/include/av_perm_to_string.h
index c32488ee9b..70aa02d2da 100644
--- a/xen/xsm/flask/include/av_perm_to_string.h
+++ b/xen/xsm/flask/include/av_perm_to_string.h
@@ -56,18 +56,17 @@
    S_(SECCLASS_HVM, HVM__GETHVMC, "gethvmc")
    S_(SECCLASS_HVM, HVM__SETPARAM, "setparam")
    S_(SECCLASS_HVM, HVM__GETPARAM, "getparam")
-   S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")
    S_(SECCLASS_HVM, HVM__PCILEVEL, "pcilevel")
    S_(SECCLASS_HVM, HVM__IRQLEVEL, "irqlevel")
    S_(SECCLASS_HVM, HVM__PCIROUTE, "pciroute")
    S_(SECCLASS_HVM, HVM__BIND_IRQ, "bind_irq")
    S_(SECCLASS_HVM, HVM__CACHEATTR, "cacheattr")
+   S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")
    S_(SECCLASS_EVENT, EVENT__BIND, "bind")
    S_(SECCLASS_EVENT, EVENT__SEND, "send")
    S_(SECCLASS_EVENT, EVENT__STATUS, "status")
    S_(SECCLASS_EVENT, EVENT__NOTIFY, "notify")
    S_(SECCLASS_EVENT, EVENT__CREATE, "create")
-   S_(SECCLASS_EVENT, EVENT__VECTOR, "vector")
    S_(SECCLASS_EVENT, EVENT__RESET, "reset")
    S_(SECCLASS_GRANT, GRANT__MAP_READ, "map_read")
    S_(SECCLASS_GRANT, GRANT__MAP_WRITE, "map_write")
diff --git a/xen/xsm/flask/include/av_permissions.h b/xen/xsm/flask/include/av_permissions.h
index f5dcc6f8fe..4c2ffb61e8 100644
--- a/xen/xsm/flask/include/av_permissions.h
+++ b/xen/xsm/flask/include/av_permissions.h
@@ -70,8 +70,7 @@
 #define EVENT__STATUS                             0x00000004UL
 #define EVENT__NOTIFY                             0x00000008UL
 #define EVENT__CREATE                             0x00000010UL
-#define EVENT__VECTOR                             0x00000020UL
-#define EVENT__RESET                              0x00000040UL
+#define EVENT__RESET                              0x00000020UL
 
 #define GRANT__MAP_READ                           0x00000001UL
 #define GRANT__MAP_WRITE                          0x00000002UL
author	Daniel De Graaf <dgdegra@tycho.nsa.gov>	2011-12-02 13:45:15 -0800
committer	Daniel De Graaf <dgdegra@tycho.nsa.gov>	2011-12-02 13:45:15 -0800
commit	c9f7324e6c6f634bc0f7214fd0ab12fb9847c857 (patch)
tree	ac9afc51243fa6cbedacbb821319bd59d2a2bdc5 /xen/xsm
parent	64b8b98854e09202f420b8bb02cb915b8a03cd55 (diff)
download	xen-c9f7324e6c6f634bc0f7214fd0ab12fb9847c857.tar.gz xen-c9f7324e6c6f634bc0f7214fd0ab12fb9847c857.tar.bz2 xen-c9f7324e6c6f634bc0f7214fd0ab12fb9847c857.zip