From patchwork Tue Mar 3 12:23:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Alexandru Stefan ISAILA X-Patchwork-Id: 11417865 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BF33314BC for ; Tue, 3 Mar 2020 12:24:37 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8F34E20863 for ; Tue, 3 Mar 2020 12:24:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=bitdefender.onmicrosoft.com header.i=@bitdefender.onmicrosoft.com header.b="Lqn62b+B" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 8F34E20863 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=bitdefender.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j96a4-00048k-3w; Tue, 03 Mar 2020 12:23:24 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1j96a2-00048d-Tr for xen-devel@lists.xenproject.org; Tue, 03 Mar 2020 12:23:23 +0000 X-Inumbo-ID: c48607c2-5d49-11ea-a149-12813bfff9fa Received: from EUR03-DB5-obe.outbound.protection.outlook.com (unknown [40.107.4.97]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id c48607c2-5d49-11ea-a149-12813bfff9fa; Tue, 03 Mar 2020 12:23:21 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Z9jLCqgn3j/NMwvPurk+3BArcRaESocRgeVZ7ehm5Jh+xKiIVY+CM2wXWS+J6B2bh+W3KgZjd2Vey2nDOXJ2WWRL20l+S5Qc5LHT0HeDEB79EisUUnfV9Ker9l7lE8620BA3eZ57pzfN2rPqDSvQ/FOIAILWq0dEHvw7Y4PDR0U3CjUWsIZ+XNVnkvPQsDfa9++IVbLeYhohUAlT+Eabfa8rnDv72tVNhnWntptfg65lLdgHqxomr0OAVfuduJJXllv6LUtFk6XlPz7LXY2s59DjokY1etWo7X6gpkNAATuEQqxOe/MAdTbfZTuaJGW7Jf6Omjpil1SJmbxc6AiWiw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/trEf8H4kCCFm6RCPmV17ASER6YJOXa3ite5q56hWtM=; b=oUAAejbBLpTdpPzqp073tULLwlUY7BJxI92E7q1itUYczC5iA5IO5OFGrG3wMZHIaZSEGacAuyU7sjUEA4+4MZK7nb3yMGag3CMuzmVWLYUH/csCcMQORfskQ8/rmjieQQIUgy9cxC6AtKFP7P7mvCgb2lju0P74lVXaHMcftLXwpYOjWo1PZi7DeG2Kk8sv8inz5VMRmKf3pazkqjP4ccPJTRbIV15DagUeD+ldmwej2VgxVjUK+GCL+lqW2ioOHXrpxZBvA4uhKSbvTUsggZEnhZT72HTEQpTuv3Z8k6ECZdTq6NgPdLjJDctL3kn0E1B1IQhKm8gNdzTFaIl3WQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bitdefender.onmicrosoft.com; s=selector2-bitdefender-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/trEf8H4kCCFm6RCPmV17ASER6YJOXa3ite5q56hWtM=; b=Lqn62b+BkS1COvabGWal8A7kScFAdZ8pgFP4Op2MuM89YMk8tpzZh7prAV0CONB5noZZTvAS0N03fuJpYg75w5ahIoX6p6l8FLbMDkcxUTwlJS6rLuxEHJgE5dJcVOzcy2tIykAtPT4YFocMQ2e2uoESwimNLSz/k4J0cLE5eQ0= Received: from DB6PR02MB2999.eurprd02.prod.outlook.com (10.170.219.144) by DB6PR02MB3221.eurprd02.prod.outlook.com (10.170.220.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2772.15; Tue, 3 Mar 2020 12:23:19 +0000 Received: from DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f87f:d4b3:234f:d43e]) by DB6PR02MB2999.eurprd02.prod.outlook.com ([fe80::f87f:d4b3:234f:d43e%4]) with mapi id 15.20.2772.019; Tue, 3 Mar 2020 12:23:19 +0000 Received: from aisaila-Latitude-E5570.dsd.bitdefender.biz (91.199.104.6) by AM4PR05CA0036.eurprd05.prod.outlook.com (2603:10a6:205::49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2772.15 via Frontend Transport; Tue, 3 Mar 2020 12:23:18 +0000 From: Alexandru Stefan ISAILA To: "xen-devel@lists.xenproject.org" Thread-Topic: [PATCH V6] x86/altp2m: Hypercall to set altp2m view visibility Thread-Index: AQHV8VaFWzT4PZYI70qii0UzQw6fbg== Date: Tue, 3 Mar 2020 12:23:19 +0000 Message-ID: <20200303122240.27013-1-aisaila@bitdefender.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: AM4PR05CA0036.eurprd05.prod.outlook.com (2603:10a6:205::49) To DB6PR02MB2999.eurprd02.prod.outlook.com (2603:10a6:6:17::16) authentication-results: spf=none (sender IP is ) smtp.mailfrom=aisaila@bitdefender.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.17.1 x-originating-ip: [91.199.104.6] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: ab4ac315-b00a-4cee-2fa6-08d7bf6da847 x-ms-traffictypediagnostic: DB6PR02MB3221:|DB6PR02MB3221: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:265; x-forefront-prvs: 03319F6FEF x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(39860400002)(376002)(366004)(136003)(396003)(199004)(189003)(186003)(36756003)(16526019)(6512007)(6486002)(956004)(6916009)(2616005)(1076003)(478600001)(52116002)(81156014)(81166006)(8676002)(66946007)(8936002)(86362001)(6506007)(7416002)(54906003)(66476007)(66556008)(64756008)(66446008)(4326008)(2906002)(316002)(5660300002)(71200400001)(30864003)(26005); DIR:OUT; SFP:1102; SCL:1; SRVR:DB6PR02MB3221; H:DB6PR02MB2999.eurprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: bitdefender.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: pIxXOypAW2VkeDAWYaksB1jEM95+XLRF+Ku46z0vHuYw88UPjEMSyQyreNVoO+fF0I4NMm0FWRsF13u/1WyY4eGPOrl6vn7obWYxlvrpeGCSqpJyAsuNjbWMI5NlVcdmh2Zd6mWyMlkIbaXSkYSapQyJ/b5rSygW2zBLT+wlQzitAcFHnSss8ZZKNC1Ih8Ki7y/ghk/vW6DjKxOCgOulLyZLHtAB8yWwStdTrpIzeX4Ow6Ixlvs5/82XIMoToB9OeTYHBP2ZEchbxkPbbajP+RFZDj1ZGmbt+HCdWHOe8btqaGxksR7+OkZdtrb2/cgh7+xy+aXKZlwmJXqFDFqA48RFgwtrTQW5eWgCcJl8Pc/HyyjkuohU+LC59E2w+WEogAUhSTlt6ItIeq3neQC++X4hN1eJdw4lNB9WzhvlbJF1DxYoZe7tY0v6Wj3ukgda x-ms-exchange-antispam-messagedata: wm3RzfXCqjXy7y/xYbUzDvNmYSmS8/Ck06rPPBYfgTt5Zr2B32n3V7oQtI2Wm3lREUTN2y8xZXlGtMKXzS9zpDJbrx5IbGFhKVDtWzjrC993kpbNskznYl+WBg6CWDDyrjo37284lQNIavLbtf69hg== Content-ID: <224795E3A9B1824C9622BBD51FBFEDB3@eurprd02.prod.outlook.com> MIME-Version: 1.0 X-OriginatorOrg: bitdefender.com X-MS-Exchange-CrossTenant-Network-Message-Id: ab4ac315-b00a-4cee-2fa6-08d7bf6da847 X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Mar 2020 12:23:19.4670 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 487baf29-f1da-469a-9221-243f830c36f3 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: C/PFhTPjYBJgx2RaW2Kv7Ny75to4h9yLIhDojhmXfz63ar6qxkLES9dvAtHNRWSgJienXUkXKQub0SVaq8LAHTaGd5DhQA0fczqzIs4K0Ww= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR02MB3221 Subject: [Xen-devel] [PATCH V6] x86/altp2m: Hypercall to set altp2m view visibility X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Kevin Tian , Stefano Stabellini , Julien Grall , Jun Nakajima , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Jan Beulich , Alexandru Stefan ISAILA , =?utf-8?q?Roger_Pau_Monn?= =?utf-8?q?=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" At this moment a guest can call vmfunc to change the altp2m view. This should be limited in order to avoid any unwanted view switch. The new xc_altp2m_set_visibility() solves this by making views invisible to vmfunc. This is done by having a separate arch.altp2m_working_eptp that is populated and made invalid in the same places as altp2m_eptp. This is written to EPTP_LIST_ADDR. The views are made in/visible by marking them with INVALID_MFN or copying them back from altp2m_eptp. To have consistency the visibility also applies to p2m_switch_domain_altp2m_by_id(). Note: If altp2m mode is set to mixed the guest is able to change the view visibility and then call vmfunc. Signed-off-by: Alexandru Isaila Reviewed-by: Jan Beulich --- CC: Ian Jackson CC: Wei Liu CC: Andrew Cooper CC: George Dunlap CC: Jan Beulich CC: Julien Grall CC: Konrad Rzeszutek Wilk CC: Stefano Stabellini CC: "Roger Pau Monné" CC: Jun Nakajima CC: Kevin Tian --- Changes since V5: - Change idx type from uint16_t to unsigned int - Add rc var and dropped the err return from p2m_get_suppress_ve(). Changes since V4: - Move p2m specific things from hvm to p2m.c - Add comment for altp2m_idx bounds check - Add altp2m_list_lock/unlock(). Changes since V3: - Change var name form altp2m_idx to idx to shorten line length - Add bounds check for idx - Update commit message - Add comment in xenctrl.h. Changes since V2: - Drop hap_enabled() check - Reduce the indentation depth in hvm.c - Fix assignment indentation - Drop pad2. Changes since V1: - Drop double view from title. --- tools/libxc/include/xenctrl.h | 7 +++++++ tools/libxc/xc_altp2m.c | 24 +++++++++++++++++++++++ xen/arch/x86/hvm/hvm.c | 14 ++++++++++++++ xen/arch/x86/hvm/vmx/vmx.c | 2 +- xen/arch/x86/mm/hap/hap.c | 15 +++++++++++++++ xen/arch/x86/mm/p2m-ept.c | 1 + xen/arch/x86/mm/p2m.c | 34 +++++++++++++++++++++++++++++++-- xen/include/asm-x86/domain.h | 1 + xen/include/asm-x86/p2m.h | 4 ++++ xen/include/public/hvm/hvm_op.h | 9 +++++++++ 10 files changed, 108 insertions(+), 3 deletions(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index fc6e57a1a0..2e6e652678 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1943,6 +1943,13 @@ int xc_altp2m_change_gfn(xc_interface *handle, uint32_t domid, xen_pfn_t new_gfn); int xc_altp2m_get_vcpu_p2m_idx(xc_interface *handle, uint32_t domid, uint32_t vcpuid, uint16_t *p2midx); +/* + * Set view visibility for xc_altp2m_switch_to_view and vmfunc. + * Note: If altp2m mode is set to mixed the guest is able to change the view + * visibility and then call vmfunc. + */ +int xc_altp2m_set_visibility(xc_interface *handle, uint32_t domid, + uint16_t view_id, bool visible); /** * Mem paging operations. diff --git a/tools/libxc/xc_altp2m.c b/tools/libxc/xc_altp2m.c index 46fb725806..6987c9541f 100644 --- a/tools/libxc/xc_altp2m.c +++ b/tools/libxc/xc_altp2m.c @@ -410,3 +410,27 @@ int xc_altp2m_get_vcpu_p2m_idx(xc_interface *handle, uint32_t domid, xc_hypercall_buffer_free(handle, arg); return rc; } + +int xc_altp2m_set_visibility(xc_interface *handle, uint32_t domid, + uint16_t view_id, bool visible) +{ + int rc; + + DECLARE_HYPERCALL_BUFFER(xen_hvm_altp2m_op_t, arg); + + arg = xc_hypercall_buffer_alloc(handle, arg, sizeof(*arg)); + if ( arg == NULL ) + return -1; + + arg->version = HVMOP_ALTP2M_INTERFACE_VERSION; + arg->cmd = HVMOP_altp2m_set_visibility; + arg->domain = domid; + arg->u.set_visibility.altp2m_idx = view_id; + arg->u.set_visibility.visible = visible; + + rc = xencall2(handle->xcall, __HYPERVISOR_hvm_op, HVMOP_altp2m, + HYPERCALL_BUFFER_AS_ARG(arg)); + + xc_hypercall_buffer_free(handle, arg); + return rc; +} diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index db5d7b4d30..7e631e30dd 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -4564,6 +4564,7 @@ static int do_altp2m_op( case HVMOP_altp2m_get_mem_access: case HVMOP_altp2m_change_gfn: case HVMOP_altp2m_get_p2m_idx: + case HVMOP_altp2m_set_visibility: break; default: @@ -4841,6 +4842,19 @@ static int do_altp2m_op( break; } + case HVMOP_altp2m_set_visibility: + { + unsigned int idx = a.u.set_visibility.altp2m_idx; + + if ( a.u.set_visibility.pad ) + rc = -EINVAL; + else if ( !altp2m_active(d) ) + rc = -EOPNOTSUPP; + else + rc = p2m_set_altp2m_view_visibility(d, idx, + a.u.set_visibility.visible); + } + default: ASSERT_UNREACHABLE(); } diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index d265ed46ad..bb44ef39a1 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -2140,7 +2140,7 @@ static void vmx_vcpu_update_vmfunc_ve(struct vcpu *v) { v->arch.hvm.vmx.secondary_exec_control |= mask; __vmwrite(VM_FUNCTION_CONTROL, VMX_VMFUNC_EPTP_SWITCHING); - __vmwrite(EPTP_LIST_ADDR, virt_to_maddr(d->arch.altp2m_eptp)); + __vmwrite(EPTP_LIST_ADDR, virt_to_maddr(d->arch.altp2m_working_eptp)); if ( cpu_has_vmx_virt_exceptions ) { diff --git a/xen/arch/x86/mm/hap/hap.c b/xen/arch/x86/mm/hap/hap.c index 3d93f3451c..5969ec8922 100644 --- a/xen/arch/x86/mm/hap/hap.c +++ b/xen/arch/x86/mm/hap/hap.c @@ -488,8 +488,17 @@ int hap_enable(struct domain *d, u32 mode) goto out; } + if ( (d->arch.altp2m_working_eptp = alloc_xenheap_page()) == NULL ) + { + rv = -ENOMEM; + goto out; + } + for ( i = 0; i < MAX_EPTP; i++ ) + { d->arch.altp2m_eptp[i] = mfn_x(INVALID_MFN); + d->arch.altp2m_working_eptp[i] = mfn_x(INVALID_MFN); + } for ( i = 0; i < MAX_ALTP2M; i++ ) { @@ -523,6 +532,12 @@ void hap_final_teardown(struct domain *d) d->arch.altp2m_eptp = NULL; } + if ( d->arch.altp2m_working_eptp ) + { + free_xenheap_page(d->arch.altp2m_working_eptp); + d->arch.altp2m_working_eptp = NULL; + } + for ( i = 0; i < MAX_ALTP2M; i++ ) p2m_teardown(d->arch.altp2m_p2m[i]); } diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c index eb0f0edfef..6539ca619b 100644 --- a/xen/arch/x86/mm/p2m-ept.c +++ b/xen/arch/x86/mm/p2m-ept.c @@ -1368,6 +1368,7 @@ void p2m_init_altp2m_ept(struct domain *d, unsigned int i) ept = &p2m->ept; ept->mfn = pagetable_get_pfn(p2m_get_pagetable(p2m)); d->arch.altp2m_eptp[array_index_nospec(i, MAX_EPTP)] = ept->eptp; + d->arch.altp2m_working_eptp[array_index_nospec(i, MAX_EPTP)] = ept->eptp; } unsigned int p2m_find_altp2m_by_eptp(struct domain *d, uint64_t eptp) diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 3719deae77..0677691783 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -2516,6 +2516,7 @@ void p2m_flush_altp2m(struct domain *d) { p2m_reset_altp2m(d, i, ALTP2M_DEACTIVATE); d->arch.altp2m_eptp[i] = mfn_x(INVALID_MFN); + d->arch.altp2m_working_eptp[i] = mfn_x(INVALID_MFN); } altp2m_list_unlock(d); @@ -2635,7 +2636,9 @@ int p2m_destroy_altp2m_by_id(struct domain *d, unsigned int idx) { p2m_reset_altp2m(d, idx, ALTP2M_DEACTIVATE); d->arch.altp2m_eptp[array_index_nospec(idx, MAX_EPTP)] = - mfn_x(INVALID_MFN); + mfn_x(INVALID_MFN); + d->arch.altp2m_working_eptp[array_index_nospec(idx, MAX_EPTP)] = + mfn_x(INVALID_MFN); rc = 0; } } @@ -2662,7 +2665,7 @@ int p2m_switch_domain_altp2m_by_id(struct domain *d, unsigned int idx) rc = -EINVAL; altp2m_list_lock(d); - if ( d->arch.altp2m_eptp[idx] != mfn_x(INVALID_MFN) ) + if ( d->arch.altp2m_working_eptp[idx] != mfn_x(INVALID_MFN) ) { for_each_vcpu( d, v ) if ( idx != vcpu_altp2m(v).p2midx ) @@ -3146,6 +3149,33 @@ int p2m_get_suppress_ve(struct domain *d, gfn_t gfn, bool *suppress_ve, return rc; } + +int p2m_set_altp2m_view_visibility(struct domain *d, unsigned int altp2m_idx, + uint8_t visible) +{ + int rc = 0; + + altp2m_list_lock(d); + + /* + * Eptp index is correlated with altp2m index and should not exceed + * min(MAX_ALTP2M, MAX_EPTP). + */ + if ( altp2m_idx >= min(ARRAY_SIZE(d->arch.altp2m_p2m), MAX_EPTP) || + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] == + mfn_x(INVALID_MFN) ) + rc = -EINVAL; + else if ( visible ) + d->arch.altp2m_working_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] = + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)]; + else + d->arch.altp2m_working_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] = + mfn_x(INVALID_MFN); + + altp2m_list_unlock(d); + + return rc; +} #endif /* diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h index 105adf96eb..800e12eae5 100644 --- a/xen/include/asm-x86/domain.h +++ b/xen/include/asm-x86/domain.h @@ -327,6 +327,7 @@ struct arch_domain struct p2m_domain *altp2m_p2m[MAX_ALTP2M]; mm_lock_t altp2m_list_lock; uint64_t *altp2m_eptp; + uint64_t *altp2m_working_eptp; #endif /* NB. protected by d->event_lock and by irq_desc[irq].lock */ diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h index 0cf531abb7..0f7ec4a9f6 100644 --- a/xen/include/asm-x86/p2m.h +++ b/xen/include/asm-x86/p2m.h @@ -897,6 +897,10 @@ int p2m_change_altp2m_gfn(struct domain *d, unsigned int idx, int p2m_altp2m_propagate_change(struct domain *d, gfn_t gfn, mfn_t mfn, unsigned int page_order, p2m_type_t p2mt, p2m_access_t p2ma); + +/* Set a specific p2m view visibility */ +int p2m_set_altp2m_view_visibility(struct domain *d, unsigned int idx, + uint8_t visible); #else struct p2m_domain *p2m_get_altp2m(struct vcpu *v); static inline void p2m_altp2m_check(struct vcpu *v, uint16_t idx) {} diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h index b599d3cbd0..870ec52060 100644 --- a/xen/include/public/hvm/hvm_op.h +++ b/xen/include/public/hvm/hvm_op.h @@ -318,6 +318,12 @@ struct xen_hvm_altp2m_get_vcpu_p2m_idx { uint16_t altp2m_idx; }; +struct xen_hvm_altp2m_set_visibility { + uint16_t altp2m_idx; + uint8_t visible; + uint8_t pad; +}; + struct xen_hvm_altp2m_op { uint32_t version; /* HVMOP_ALTP2M_INTERFACE_VERSION */ uint32_t cmd; @@ -350,6 +356,8 @@ struct xen_hvm_altp2m_op { #define HVMOP_altp2m_get_p2m_idx 14 /* Set the "Supress #VE" bit for a range of pages */ #define HVMOP_altp2m_set_suppress_ve_multi 15 +/* Set visibility for a given altp2m view */ +#define HVMOP_altp2m_set_visibility 16 domid_t domain; uint16_t pad1; uint32_t pad2; @@ -367,6 +375,7 @@ struct xen_hvm_altp2m_op { struct xen_hvm_altp2m_suppress_ve_multi suppress_ve_multi; struct xen_hvm_altp2m_vcpu_disable_notify disable_notify; struct xen_hvm_altp2m_get_vcpu_p2m_idx get_vcpu_p2m_idx; + struct xen_hvm_altp2m_set_visibility set_visibility; uint8_t pad[64]; } u; };