From patchwork Tue Jan 10 07:42:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yi Sun X-Patchwork-Id: 9506633 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 2B52D606E1 for ; Tue, 10 Jan 2017 07:45:41 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1C26E28156 for ; Tue, 10 Jan 2017 07:45:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 0F5E228485; Tue, 10 Jan 2017 07:45:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 2877128156 for ; Tue, 10 Jan 2017 07:45:40 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cQr5W-0003nw-LP; Tue, 10 Jan 2017 07:43:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1cQr5U-0003n8-LV for xen-devel@lists.xenproject.org; Tue, 10 Jan 2017 07:43:20 +0000 Received: from [85.158.137.68] by server-6.bemta-3.messagelabs.com id 5C/86-02804-79094785; Tue, 10 Jan 2017 07:43:19 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrDLMWRWlGSWpSXmKPExsVywNykWHfahJI Ig98/bSy+b5nM5MDocfjDFZYAxijWzLyk/IoE1ox3/+6yF/ztZKx48m85UwPjqeQuRk4OIYFK iet377KC2BICvBJHls2Asv0lum71M3cxcgHVNDBKnHy0kBkkwSagLvH4aw8TiC0ioCRxb9VkJ pAiZoH9jBLzjx8HKxIWiJDYtGYuWBGLgKrEzOWvGEFsXgF3iXuH5zNBbJCTOHlsMtg2TgEPiZ ar6xghLnKXaH57n3ECI+8CRoZVjBrFqUVlqUW6RpZ6SUWZ6RkluYmZObqGBsZ6uanFxYnpqTm JScV6yfm5mxiBIVHPwMC4g7Fpr98hRkkOJiVR3hTdkgghvqT8lMqMxOKM+KLSnNTiQ4wyHBxK ErxV/UA5waLU9NSKtMwcYHDCpCU4eJREeLeDpHmLCxJzizPTIVKnGHU5pj1b/JRJiCUvPy9VS pw3EKRIAKQoozQPbgQsUi4xykoJ8zIyMDAI8RSkFuVmlqDKv2IU52BUEuZtBpnCk5lXArfpFd ARTEBHRNoVgxxRkoiQkmpg9JwUacwlPeVyZ1T2HOETfIErd8rM4MsTuLnF/1Db4bZ3Tx/f3Ww UmPZOn+uJdtm24515v6uLLuzn3m75eclJTcNZOm+f3uKJTQ/+4BBzVdW9cKXrRY7br8sV/E99 yZa+G7BtlYxk5Z1QptxUrtqNS9nW3X79lTXwId9ZX93Sm7bh+htVL+3OU2Ipzkg01GIuKk4EA CLiZHWPAgAA X-Env-Sender: yi.y.sun@linux.intel.com X-Msg-Ref: server-11.tower-31.messagelabs.com!1484034191!48884458!3 X-Originating-IP: [192.55.52.115] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 9.1.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6616 invoked from network); 10 Jan 2017 07:43:18 -0000 Received: from mga14.intel.com (HELO mga14.intel.com) (192.55.52.115) by server-11.tower-31.messagelabs.com with DHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 10 Jan 2017 07:43:18 -0000 Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga103.fm.intel.com with ESMTP; 09 Jan 2017 23:43:17 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,343,1477983600"; d="scan'208";a="211582966" Received: from vmmmba-s2600wft.bj.intel.com ([10.240.193.63]) by fmsmga004.fm.intel.com with ESMTP; 09 Jan 2017 23:43:15 -0800 From: Yi Sun To: xen-devel@lists.xenproject.org Date: Tue, 10 Jan 2017 15:42:21 +0800 Message-Id: <1484034155-4521-3-git-send-email-yi.y.sun@linux.intel.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1484034155-4521-1-git-send-email-yi.y.sun@linux.intel.com> References: <1484034155-4521-1-git-send-email-yi.y.sun@linux.intel.com> Cc: wei.liu2@citrix.com, he.chen@linux.intel.com, andrew.cooper3@citrix.com, ian.jackson@eu.citrix.com, Yi Sun , jbeulich@suse.com, chao.p.peng@linux.intel.com Subject: [Xen-devel] [RFC 02/16] Rename sysctl/domctl interface and xsm policy to make them general. X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP This patch renames sysctl/domctl interfaces and related xsm policy to make them general but not only for CAT. Then, we can resuse the interfaces for all allocation features. Signed-off-by: Yi Sun --- tools/flask/policy/modules/dom0.te | 4 ++-- tools/flask/policy/modules/xen.if | 2 +- tools/libxc/xc_psr.c | 34 +++++++++++++++++----------------- xen/arch/x86/domctl.c | 36 ++++++++++++++++++------------------ xen/arch/x86/sysctl.c | 30 +++++++++++++++--------------- xen/include/public/domctl.h | 12 ++++++------ xen/include/public/sysctl.h | 12 ++++++------ xen/xsm/flask/hooks.c | 8 ++++---- xen/xsm/flask/policy/access_vectors | 8 ++++---- 9 files changed, 73 insertions(+), 73 deletions(-) diff --git a/tools/flask/policy/modules/dom0.te b/tools/flask/policy/modules/dom0.te index d0a4d91..1a376ac 100644 --- a/tools/flask/policy/modules/dom0.te +++ b/tools/flask/policy/modules/dom0.te @@ -14,7 +14,7 @@ allow dom0_t xen_t:xen { tmem_control getscheduler setscheduler }; allow dom0_t xen_t:xen2 { - resource_op psr_cmt_op psr_cat_op pmu_ctrl get_symbol + resource_op psr_cmt_op psr_alloc_op pmu_ctrl get_symbol get_cpu_levelling_caps get_cpu_featureset livepatch_op gcov_op }; @@ -39,7 +39,7 @@ allow dom0_t dom0_t:domain { }; allow dom0_t dom0_t:domain2 { set_cpuid gettsc settsc setscheduler set_max_evtchn set_vnumainfo - get_vnumainfo psr_cmt_op psr_cat_op + get_vnumainfo psr_cmt_op psr_alloc_op }; allow dom0_t dom0_t:resource { add remove }; diff --git a/tools/flask/policy/modules/xen.if b/tools/flask/policy/modules/xen.if index 1aca75d..1b69b43 100644 --- a/tools/flask/policy/modules/xen.if +++ b/tools/flask/policy/modules/xen.if @@ -52,7 +52,7 @@ define(`create_domain_common', ` settime setdomainhandle getvcpucontext set_misc_info }; allow $1 $2:domain2 { set_cpuid settsc setscheduler setclaim set_max_evtchn set_vnumainfo get_vnumainfo cacheflush - psr_cmt_op psr_cat_op soft_reset }; + psr_cmt_op psr_alloc_op soft_reset }; allow $1 $2:security check_context; allow $1 $2:shadow enable; allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op updatemp }; diff --git a/tools/libxc/xc_psr.c b/tools/libxc/xc_psr.c index 31c99da..0098a4d 100644 --- a/tools/libxc/xc_psr.c +++ b/tools/libxc/xc_psr.c @@ -274,11 +274,11 @@ int xc_psr_cat_set_domain_data(xc_interface *xch, uint32_t domid, return -1; } - domctl.cmd = XEN_DOMCTL_psr_cat_op; + domctl.cmd = XEN_DOMCTL_psr_alloc_op; domctl.domain = (domid_t)domid; - domctl.u.psr_cat_op.cmd = cmd; - domctl.u.psr_cat_op.target = target; - domctl.u.psr_cat_op.data = data; + domctl.u.psr_alloc_op.cmd = cmd; + domctl.u.psr_alloc_op.target = target; + domctl.u.psr_alloc_op.data = data; return do_domctl(xch, &domctl); } @@ -310,15 +310,15 @@ int xc_psr_cat_get_domain_data(xc_interface *xch, uint32_t domid, return -1; } - domctl.cmd = XEN_DOMCTL_psr_cat_op; + domctl.cmd = XEN_DOMCTL_psr_alloc_op; domctl.domain = (domid_t)domid; - domctl.u.psr_cat_op.cmd = cmd; - domctl.u.psr_cat_op.target = target; + domctl.u.psr_alloc_op.cmd = cmd; + domctl.u.psr_alloc_op.target = target; rc = do_domctl(xch, &domctl); if ( !rc ) - *data = domctl.u.psr_cat_op.data; + *data = domctl.u.psr_alloc_op.data; return rc; } @@ -329,28 +329,28 @@ int xc_psr_cat_get_info(xc_interface *xch, uint32_t socket, unsigned int lvl, int rc = -1; DECLARE_SYSCTL; - sysctl.cmd = XEN_SYSCTL_psr_cat_op; - sysctl.u.psr_cat_op.target = socket; + sysctl.cmd = XEN_SYSCTL_psr_alloc_op; + sysctl.u.psr_alloc_op.target = socket; switch ( lvl ) { case 2: - sysctl.u.psr_cat_op.cmd = XEN_SYSCTL_PSR_CAT_get_l2_info; + sysctl.u.psr_alloc_op.cmd = XEN_SYSCTL_PSR_CAT_get_l2_info; rc = xc_sysctl(xch, &sysctl); if ( !rc ) { - *cos_max = sysctl.u.psr_cat_op.u.l2_info.cos_max; - *cbm_len = sysctl.u.psr_cat_op.u.l2_info.cbm_len; + *cos_max = sysctl.u.psr_alloc_op.u.l2_info.cos_max; + *cbm_len = sysctl.u.psr_alloc_op.u.l2_info.cbm_len; *cdp_enabled = false; } break; case 3: - sysctl.u.psr_cat_op.cmd = XEN_SYSCTL_PSR_CAT_get_l3_info; + sysctl.u.psr_alloc_op.cmd = XEN_SYSCTL_PSR_CAT_get_l3_info; rc = xc_sysctl(xch, &sysctl); if ( !rc ) { - *cos_max = sysctl.u.psr_cat_op.u.l3_info.cos_max; - *cbm_len = sysctl.u.psr_cat_op.u.l3_info.cbm_len; - *cdp_enabled = sysctl.u.psr_cat_op.u.l3_info.flags & + *cos_max = sysctl.u.psr_alloc_op.u.l3_info.cos_max; + *cbm_len = sysctl.u.psr_alloc_op.u.l3_info.cbm_len; + *cdp_enabled = sysctl.u.psr_alloc_op.u.l3_info.flags & XEN_SYSCTL_PSR_CAT_L3_CDP; } break; diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 175350c..3b6534b 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -1366,57 +1366,57 @@ long arch_do_domctl( } break; - case XEN_DOMCTL_psr_cat_op: - switch ( domctl->u.psr_cat_op.cmd ) + case XEN_DOMCTL_psr_alloc_op: + switch ( domctl->u.psr_alloc_op.cmd ) { case XEN_DOMCTL_PSR_CAT_OP_SET_L3_CBM: - ret = psr_set_val(d, domctl->u.psr_cat_op.target, - domctl->u.psr_cat_op.data, + ret = psr_set_val(d, domctl->u.psr_alloc_op.target, + domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L3); break; case XEN_DOMCTL_PSR_CAT_OP_SET_L3_CODE: - ret = psr_set_val(d, domctl->u.psr_cat_op.target, - domctl->u.psr_cat_op.data, + ret = psr_set_val(d, domctl->u.psr_alloc_op.target, + domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L3_CODE); break; case XEN_DOMCTL_PSR_CAT_OP_SET_L3_DATA: - ret = psr_set_val(d, domctl->u.psr_cat_op.target, - domctl->u.psr_cat_op.data, + ret = psr_set_val(d, domctl->u.psr_alloc_op.target, + domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L3_DATA); break; case XEN_DOMCTL_PSR_CAT_OP_SET_L2_CBM: - ret = psr_set_val(d, domctl->u.psr_cat_op.target, - domctl->u.psr_cat_op.data, + ret = psr_set_val(d, domctl->u.psr_alloc_op.target, + domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L2); break; case XEN_DOMCTL_PSR_CAT_OP_GET_L3_CBM: - ret = psr_get_val(d, domctl->u.psr_cat_op.target, - &domctl->u.psr_cat_op.data, + ret = psr_get_val(d, domctl->u.psr_alloc_op.target, + &domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L3); copyback = 1; break; case XEN_DOMCTL_PSR_CAT_OP_GET_L3_CODE: - ret = psr_get_val(d, domctl->u.psr_cat_op.target, - &domctl->u.psr_cat_op.data, + ret = psr_get_val(d, domctl->u.psr_alloc_op.target, + &domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L3_CODE); copyback = 1; break; case XEN_DOMCTL_PSR_CAT_OP_GET_L3_DATA: - ret = psr_get_val(d, domctl->u.psr_cat_op.target, - &domctl->u.psr_cat_op.data, + ret = psr_get_val(d, domctl->u.psr_alloc_op.target, + &domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L3_DATA); copyback = 1; break; case XEN_DOMCTL_PSR_CAT_OP_GET_L2_CBM: - ret = psr_get_val(d, domctl->u.psr_cat_op.target, - &domctl->u.psr_cat_op.data, + ret = psr_get_val(d, domctl->u.psr_alloc_op.target, + &domctl->u.psr_alloc_op.data, PSR_CBM_TYPE_L2); copyback = 1; break; diff --git a/xen/arch/x86/sysctl.c b/xen/arch/x86/sysctl.c index dede62c..cff56bb 100644 --- a/xen/arch/x86/sysctl.c +++ b/xen/arch/x86/sysctl.c @@ -172,20 +172,20 @@ long arch_do_sysctl( break; - case XEN_SYSCTL_psr_cat_op: - switch ( sysctl->u.psr_cat_op.cmd ) + case XEN_SYSCTL_psr_alloc_op: + switch ( sysctl->u.psr_alloc_op.cmd ) { case XEN_SYSCTL_PSR_CAT_get_l3_info: { uint32_t dat[3]; - ret = psr_get_info(sysctl->u.psr_cat_op.target, + ret = psr_get_info(sysctl->u.psr_alloc_op.target, PSR_CBM_TYPE_L3, dat, 3); if ( !ret ) { - sysctl->u.psr_cat_op.u.l3_info.cbm_len = dat[CBM_LEN]; - sysctl->u.psr_cat_op.u.l3_info.cos_max = dat[COS_MAX]; - sysctl->u.psr_cat_op.u.l3_info.flags = dat[CDP_FLAG]; + sysctl->u.psr_alloc_op.u.l3_info.cbm_len = dat[CBM_LEN]; + sysctl->u.psr_alloc_op.u.l3_info.cos_max = dat[COS_MAX]; + sysctl->u.psr_alloc_op.u.l3_info.flags = dat[CDP_FLAG]; } else { /* * Check if CDP is enabled. @@ -193,32 +193,32 @@ long arch_do_sysctl( * Per spec, L3 CAT and CDP cannot co-exist. So, we need replace * output values to CDP's if it is enabled. */ - ret = psr_get_info(sysctl->u.psr_cat_op.target, + ret = psr_get_info(sysctl->u.psr_alloc_op.target, PSR_CBM_TYPE_L3_CODE, dat, 3); if ( !ret ) { - sysctl->u.psr_cat_op.u.l3_info.cbm_len = dat[CBM_LEN]; - sysctl->u.psr_cat_op.u.l3_info.cos_max = dat[COS_MAX]; - sysctl->u.psr_cat_op.u.l3_info.flags = dat[CDP_FLAG]; + sysctl->u.psr_alloc_op.u.l3_info.cbm_len = dat[CBM_LEN]; + sysctl->u.psr_alloc_op.u.l3_info.cos_max = dat[COS_MAX]; + sysctl->u.psr_alloc_op.u.l3_info.flags = dat[CDP_FLAG]; } } - if ( !ret && __copy_field_to_guest(u_sysctl, sysctl, u.psr_cat_op) ) + if ( !ret && __copy_field_to_guest(u_sysctl, sysctl, u.psr_alloc_op) ) ret = -EFAULT; break; } case XEN_SYSCTL_PSR_CAT_get_l2_info: { uint32_t dat[2]; - ret = psr_get_info(sysctl->u.psr_cat_op.target, + ret = psr_get_info(sysctl->u.psr_alloc_op.target, PSR_CBM_TYPE_L2, dat, 2); if ( ret ) break; - sysctl->u.psr_cat_op.u.l2_info.cbm_len = dat[CBM_LEN]; - sysctl->u.psr_cat_op.u.l2_info.cos_max = dat[COS_MAX]; + sysctl->u.psr_alloc_op.u.l2_info.cbm_len = dat[CBM_LEN]; + sysctl->u.psr_alloc_op.u.l2_info.cos_max = dat[COS_MAX]; - if ( !ret && __copy_field_to_guest(u_sysctl, sysctl, u.psr_cat_op) ) + if ( !ret && __copy_field_to_guest(u_sysctl, sysctl, u.psr_alloc_op) ) ret = -EFAULT; break; } diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h index 523a2cd..f5b1466 100644 --- a/xen/include/public/domctl.h +++ b/xen/include/public/domctl.h @@ -1131,7 +1131,7 @@ struct xen_domctl_monitor_op { typedef struct xen_domctl_monitor_op xen_domctl_monitor_op_t; DEFINE_XEN_GUEST_HANDLE(xen_domctl_monitor_op_t); -struct xen_domctl_psr_cat_op { +struct xen_domctl_psr_alloc_op { #define XEN_DOMCTL_PSR_CAT_OP_SET_L3_CBM 0 #define XEN_DOMCTL_PSR_CAT_OP_GET_L3_CBM 1 #define XEN_DOMCTL_PSR_CAT_OP_SET_L3_CODE 2 @@ -1140,12 +1140,12 @@ struct xen_domctl_psr_cat_op { #define XEN_DOMCTL_PSR_CAT_OP_GET_L3_DATA 5 #define XEN_DOMCTL_PSR_CAT_OP_SET_L2_CBM 6 #define XEN_DOMCTL_PSR_CAT_OP_GET_L2_CBM 7 - uint32_t cmd; /* IN: XEN_DOMCTL_PSR_CAT_OP_* */ + uint32_t cmd; /* IN: XEN_DOMCTL_PSR_*_OP_* */ uint32_t target; /* IN */ uint64_t data; /* IN/OUT */ }; -typedef struct xen_domctl_psr_cat_op xen_domctl_psr_cat_op_t; -DEFINE_XEN_GUEST_HANDLE(xen_domctl_psr_cat_op_t); +typedef struct xen_domctl_psr_alloc_op xen_domctl_psr_alloc_op_t; +DEFINE_XEN_GUEST_HANDLE(xen_domctl_psr_alloc_op_t); struct xen_domctl { uint32_t cmd; @@ -1222,7 +1222,7 @@ struct xen_domctl { #define XEN_DOMCTL_setvnumainfo 74 #define XEN_DOMCTL_psr_cmt_op 75 #define XEN_DOMCTL_monitor_op 77 -#define XEN_DOMCTL_psr_cat_op 78 +#define XEN_DOMCTL_psr_alloc_op 78 #define XEN_DOMCTL_soft_reset 79 #define XEN_DOMCTL_gdbsx_guestmemio 1000 #define XEN_DOMCTL_gdbsx_pausevcpu 1001 @@ -1285,7 +1285,7 @@ struct xen_domctl { struct xen_domctl_vnuma vnuma; struct xen_domctl_psr_cmt_op psr_cmt_op; struct xen_domctl_monitor_op monitor_op; - struct xen_domctl_psr_cat_op psr_cat_op; + struct xen_domctl_psr_alloc_op psr_alloc_op; uint8_t pad[128]; } u; }; diff --git a/xen/include/public/sysctl.h b/xen/include/public/sysctl.h index cbf5372..71edcf0 100644 --- a/xen/include/public/sysctl.h +++ b/xen/include/public/sysctl.h @@ -745,8 +745,8 @@ DEFINE_XEN_GUEST_HANDLE(xen_sysctl_pcitopoinfo_t); #define XEN_SYSCTL_PSR_CAT_get_l3_info 0 #define XEN_SYSCTL_PSR_CAT_get_l2_info 1 -struct xen_sysctl_psr_cat_op { - uint32_t cmd; /* IN: XEN_SYSCTL_PSR_CAT_* */ +struct xen_sysctl_psr_alloc_op { + uint32_t cmd; /* IN: XEN_SYSCTL_PSR_* */ uint32_t target; /* IN */ union { struct { @@ -762,8 +762,8 @@ struct xen_sysctl_psr_cat_op { } l2_info; } u; }; -typedef struct xen_sysctl_psr_cat_op xen_sysctl_psr_cat_op_t; -DEFINE_XEN_GUEST_HANDLE(xen_sysctl_psr_cat_op_t); +typedef struct xen_sysctl_psr_alloc_op xen_sysctl_psr_alloc_op_t; +DEFINE_XEN_GUEST_HANDLE(xen_sysctl_psr_alloc_op_t); #define XEN_SYSCTL_TMEM_OP_ALL_CLIENTS 0xFFFFU @@ -1117,7 +1117,7 @@ struct xen_sysctl { #define XEN_SYSCTL_gcov_op 20 #define XEN_SYSCTL_psr_cmt_op 21 #define XEN_SYSCTL_pcitopoinfo 22 -#define XEN_SYSCTL_psr_cat_op 23 +#define XEN_SYSCTL_psr_alloc_op 23 #define XEN_SYSCTL_tmem_op 24 #define XEN_SYSCTL_get_cpu_levelling_caps 25 #define XEN_SYSCTL_get_cpu_featureset 26 @@ -1145,7 +1145,7 @@ struct xen_sysctl { struct xen_sysctl_scheduler_op scheduler_op; struct xen_sysctl_gcov_op gcov_op; struct xen_sysctl_psr_cmt_op psr_cmt_op; - struct xen_sysctl_psr_cat_op psr_cat_op; + struct xen_sysctl_psr_alloc_op psr_alloc_op; struct xen_sysctl_tmem_op tmem_op; struct xen_sysctl_cpu_levelling_caps cpu_levelling_caps; struct xen_sysctl_cpu_featureset cpu_featureset; diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 040a251..2c2ae86 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -742,8 +742,8 @@ static int flask_domctl(struct domain *d, int cmd) case XEN_DOMCTL_psr_cmt_op: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__PSR_CMT_OP); - case XEN_DOMCTL_psr_cat_op: - return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__PSR_CAT_OP); + case XEN_DOMCTL_psr_alloc_op: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__PSR_ALLOC_OP); case XEN_DOMCTL_soft_reset: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SOFT_RESET); @@ -806,9 +806,9 @@ static int flask_sysctl(int cmd) case XEN_SYSCTL_psr_cmt_op: return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN2, XEN2__PSR_CMT_OP, NULL); - case XEN_SYSCTL_psr_cat_op: + case XEN_SYSCTL_psr_alloc_op: return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN2, - XEN2__PSR_CAT_OP, NULL); + XEN2__PSR_ALLOC_OP, NULL); case XEN_SYSCTL_tmem_op: return domain_has_xen(current->domain, XEN__TMEM_CONTROL); diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 92e6da9..14772f4 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -85,8 +85,8 @@ class xen2 resource_op # XEN_SYSCTL_psr_cmt_op psr_cmt_op -# XEN_SYSCTL_psr_cat_op - psr_cat_op +# XEN_SYSCTL_psr_alloc_op + psr_alloc_op # XENPF_get_symbol get_symbol # PMU control @@ -244,8 +244,8 @@ class domain2 mem_paging # XENMEM_sharing_op mem_sharing -# XEN_DOMCTL_psr_cat_op - psr_cat_op +# XEN_DOMCTL_psr_alloc_op + psr_alloc_op } # Similar to class domain, but primarily contains domctls related to HVM domains