xen/xen - xen

	Commit message (Collapse)	Author	Age	Files	Lines
*	xsm: Expand I/O resource hooks	Daniel De Graaf	2011-12-02	1	-8/+0
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The XSM hooks inside rangeset are not useful in capturing the PIRQ mappings in HVM domains. They can also be called from softirq context where current->domain is invalid, causing spurious AVC denials from unrelated domains on such calls. Within FLASK code, the rangeset hooks were already divided between IRQs, I/O memory, and x86 IO ports; propagate this division back through the XSM hooks and call the XSM functions directly when needed. This removes XSM checks for the initial rangeset population for dom0 and the removal checks on domain destruction; denying either of these actions does not make sense. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Committed-by: Keir Fraser <keir@xen.org>
*	rangesets: add function to query for overlaps	Keir Fraser	2010-09-20	1	-0/+16
\| \| \| \|	Signed-off-by: Jan Beulich <jbeulich@novell.com>
*	x86: improve reporting through XENMEM_machine_memory_map	Keir Fraser	2009-11-03	1	-0/+18
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Since Dom0 derives machine address ranges usable for assigning PCI device resources from the output of this sub-hypercall, Xen should make sure it properly reports all ranges not suitable for this (as either reserved or unusable): - RAM regions excluded via command line option - memory regions used by Xen itself (LAPIC, IOAPICs) While the latter should generally already be excluded by the BIOS provided E820 table, this apparently isn't always the case at least for IOAPICs, and with Linux having got changed to account for this it seems to make sense to also do so in Xen. Generally the HPET range should also be excluded here, but since it isn't being reflected in Dom0's iomem_caps (and can't be, as it's a sub-page range) I wasn't sure whether adding explicit code for doing so would be reasonable. Signed-off-by: Jan Beulich <jbeulich@novell.com>
*	xsm: refactor IO hooks/sysctl hooks	Keir Fraser	2008-09-04	1	-0/+9
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	- The patch refactors the IO resource checks into the rangeset add/del code. This produces a much more architecture friendly implementation and ensures that HVM and paravirtualized guests are checked consistently. - The patch removes the following hooks in support of the refactoring of the IO resource checks: - xsm_irq_permission - xsm_iomem_permission - xsm_ioport_permission - The patch adds the following hooks in support of the refactoring of the IO resource checks: - xsm_add_range - xsm_remove_range - These IO refactoring changes are transparent to any pre-existing Flask policies. - The patch adds also adds hooks for sysctl functionality that was added since the last major XSM patch. The following hooks were added: - xsm_set_target - xsm_debug_keys - xsm_getcpuinfo - xsm_availheap - xsm_firmware_info - xsm_acpi_sleep - xsm_change_freq - xsm_getidletime - xsm_sendtrigger - xsm_test_assign_device - xsm_assign_device - xsm_deassign_device - xsm_bind_pt_irq - xsm_pin_mem_cacheattr - xsm_ext_vcpucontext Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
*	x86: Fix get_page_from_l1e() and avoid host crash on 'xm save'.	Keir Fraser	2007-10-19	1	-1/+1
\| \| \| \|	Signed-off-by: Keir Fraser <keir@xensource.com>
*	Remove uses of strcpy and strncpy from common and x86 code.	kfraser@localhost.localdomain	2007-01-29	1	-1/+1
\| \| \| \| \| \| \| \|	Retain safe_strcpy(). It can hide the third argument to strlcpy() in most cases. Based on patches from Christoph Egger <Christoph.Egger@amd.com> Signed-off-by: Keir Fraser <keir@xensource.com>
*	Replace sprintf with snprintf and strncpy with strlcpy.	kfraser@localhost.localdomain	2007-01-29	1	-3/+2
\| \| \| \| \| \| \| \|	There are various cases where no NULL-terminated strings are guaranteed and eventual possible overflows. This patch fixes them. From: Christoph Egger <Christoph.Egger@amd.com> Signed-off-by: Keir Fraser <keir@xensource.com>
*	[XEN] Make some implicit header includes explicit.	kaf24@localhost.localdomain	2006-08-19	1	-0/+1
\| \| \| \|	Signed-off-by: Tristan Gingold <tristan.gingold@bull.net>
*	Add argument-checking assertions to rangeset interfaces.	kaf24@firebug.cl.cam.ac.uk	2006-02-02	1	-0/+6
\| \| \| \| \| \|	Signed-off-by: Keir Fraser <keir@xensource.com>
*	Clean up 'q' debug key output.	kaf24@firebug.cl.cam.ac.uk	2005-12-31	1	-1/+1
\| \| \| \| \| \|	Signed-off-by: Keir Fraser <keir@xensource.com>
*	Allow non-privileged domains restricted access to	kaf24@firebug.cl.cam.ac.uk	2005-12-31	1	-0/+6
\| \| \| \| \| \| \| \| \| \| \|	I/O memory and physical interrupts, under control of domain0. Capabilities are maintained as rangesets in Xen. Signed-off-by: Ryan Wilson <hap9@epoch.ncsc.mil> Signed-off-by: Keir Fraser <keir@xensource.com>
*	Store admin-specified ioport capabilities in a rangeset	kaf24@firebug.cl.cam.ac.uk	2005-12-31	1	-1/+1
\| \| \| \| \| \| \| \| \|	rather than a bitmap. arch_do_createdomain() can now fail and the caller will clean up. Signed-off-by: Keir Fraser <keir@xensource.com>
*	Extend the range abstraction by adding an internal	kaf24@firebug.cl.cam.ac.uk	2005-12-29	1	-5/+25
\| \| \| \| \| \| \| \| \| \|	insert_range() helper function. Pretty printer uses the internal abstractions rather than accessing the linked list directly. Signed-off-by: Keir Fraser <keir@xensource.com>
*	Add a little more internal abstraction to the rangeset	kaf24@firebug.cl.cam.ac.uk	2005-12-29	1	-14/+31
\| \| \| \| \| \| \| \| \|	library, avoiding direct interaction with the linked-list structure. Signed-off-by: Keir Fraser <keir@xensource.com>
*	Add auto-destructing per-domain rangeset data structure,	kaf24@firebug.cl.cam.ac.uk	2005-12-29	1	-0/+356
	for representing sets of contiguous numeric ranges. This will be used for representing permissions lists (e.g., io memory, io ports, irqs). Signed-off-by: Keir Fraser <keir@xensource.com>