diff mbox series

[17/23] xsm/dummy: Allow hwdom more - except targeting control

Message ID 20250306220343.203047-18-jason.andryuk@amd.com (mailing list archive)
State New
Headers show
Series ARM split hardware and control domains | expand

Commit Message

Jason Andryuk March 6, 2025, 10:03 p.m. UTC 
Allow hwdom all perms, except XSM_PRIV, and except commands where the
target is the control domain.  This protects the control domain from
hwdom while allowing the hardware domain to serve as the backend and
device model for other domUs.

Signed-off-by: Jason Andryuk <jason.andryuk@amd.com>
---
 xen/include/xsm/dummy.h | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 9e6bc0ed12..294777e904 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -98,9 +98,12 @@  static always_inline int xsm_default_action(
     case XSM_HW_PRIV:
         if ( is_control_domain(src) && action != XSM_HW_PRIV )
             return 0;
-        if ( is_hardware_domain(src) &&
-             (action == XSM_HW_PRIV || action == XSM_DM_PRIV) )
+        if ( is_hardware_domain(src) && action != XSM_PRIV )
+        {
+            if ( target && is_control_domain(target) )
+                return -EPERM;
             return 0;
+        }
         return -EPERM;
     default:
         LINKER_BUG_ON(1);