From patchwork Thu Jun 17 23:39:13 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Daniel P. Smith" X-Patchwork-Id: 12329741 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5E6C1C2B9F4 for ; Thu, 17 Jun 2021 23:30:23 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D9F836117A for ; Thu, 17 Jun 2021 23:30:22 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D9F836117A Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=apertussolutions.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.144195.265465 (Exim 4.92) (envelope-from ) id 1lu1Sh-0001c2-7k; Thu, 17 Jun 2021 23:30:15 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 144195.265465; Thu, 17 Jun 2021 23:30:15 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1Sh-0001bv-4N; Thu, 17 Jun 2021 23:30:15 +0000 Received: by outflank-mailman (input) for mailman id 144195; Thu, 17 Jun 2021 23:30:14 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1Sg-00010r-0g for xen-devel@lists.xenproject.org; Thu, 17 Jun 2021 23:30:14 +0000 Received: from sender4-of-o51.zoho.com (unknown [136.143.188.51]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 40ef623f-d304-42f1-ba20-cc0930f6336c; Thu, 17 Jun 2021 23:30:10 +0000 (UTC) Received: from sisyou.hme. (static-72-81-132-2.bltmmd.fios.verizon.net [72.81.132.2]) by mx.zohomail.com with SMTPS id 1623972573889956.4417367035688; Thu, 17 Jun 2021 16:29:33 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 40ef623f-d304-42f1-ba20-cc0930f6336c ARC-Seal: i=1; a=rsa-sha256; t=1623972575; cv=none; d=zohomail.com; s=zohoarc; b=VDKBwQj1nBzvqtW2U2T2yODFSh19+L7TNYnUcxqns/QuplbzvW7nIDrbYXQgy7M91qcLWPbJk6BEFZIPml78757s0m8aEYgJTT5tuhC32L91UqceBmLI3UJFkXAgIPMQMcnPN8b7EBkMBoYrexquS8zNDwKSt3t/lFlvLzTp9aw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1623972575; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=fWqFbTBqMZZzOoUgYd44Oj5rLniCHoQ0vcCj6pqgPxc=; b=MaY4qcskFZUZlhXJgduggXnSC0ghPNgOGTbIsKKf46uIrBFueWmCl6CYfLB/Vf3lLt+99loQntPcMlgnfvB6u0JhUA6goPnR9oLfd0A9/dj434dsR5VLomAPBPIi34grMh+Zw6kL4RSpPzeNoZUgeQuoneauTf1qgmpg0ujHpBs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@apertussolutions.com; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1623972575; s=zoho; d=apertussolutions.com; i=dpsmith@apertussolutions.com; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding; bh=fWqFbTBqMZZzOoUgYd44Oj5rLniCHoQ0vcCj6pqgPxc=; b=S3z/HflOTs1iefs2tCSSlgFxak5hHmUP9Y4UI15vvY+pTCWIsOSyQKXnOTzDmpZC TaCMr48D4YFMgM2Bc6aDabniZnrJzOVMCUo0PUe6VtscyCNB47bOBXMN0Ys3UU/zULt FzUre7lguw/7AIKMOC5I5N45CskbMKOqDnTYDThk= From: "Daniel P. Smith" To: xen-devel@lists.xenproject.org Cc: Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= , Tamas K Lengyel , Tim Deegan , Juergen Gross , Alexandru Isaila , Petre Pircalabu , Dario Faggioli , Paul Durrant , Daniel De Graaf , persaur@gmail.com, christopher.w.clark@gmail.com, adam.schwalm@starlab.io, scott.davis@starlab.io Subject: [PATCH 1/6] xsm: refactor xsm_ops handling Date: Thu, 17 Jun 2021 19:39:13 -0400 Message-Id: <20210617233918.10095-2-dpsmith@apertussolutions.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210617233918.10095-1-dpsmith@apertussolutions.com> References: <20210617233918.10095-1-dpsmith@apertussolutions.com> MIME-Version: 1.0 X-ZohoMailClient: External The assignment and setup of xsm_ops structure was refactored to make it a one-time assignment. The calling of the xsm_ops were refactored to use the alternate_call framework to reduce the need for retpolines. Signed-off-by: Daniel P. Smith --- xen/include/xsm/xsm.h | 206 ++++++++++++++++++++------------------- xen/xsm/dummy.c | 2 - xen/xsm/flask/flask_op.c | 21 +--- xen/xsm/xsm_core.c | 50 ++++++---- 4 files changed, 138 insertions(+), 141 deletions(-) diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index ad3cddbf7d..86ca045e74 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -15,6 +15,9 @@ #ifndef __XSM_H__ #define __XSM_H__ +#ifdef CONFIG_XSM +#include +#endif #include #include @@ -191,295 +194,295 @@ struct xsm_operations { #ifdef CONFIG_XSM -extern struct xsm_operations *xsm_ops; +extern struct xsm_operations xsm_ops; #ifndef XSM_NO_WRAPPERS static inline void xsm_security_domaininfo (struct domain *d, struct xen_domctl_getdomaininfo *info) { - xsm_ops->security_domaininfo(d, info); + alternative_vcall(xsm_ops.security_domaininfo, d, info); } static inline int xsm_domain_create (xsm_default_t def, struct domain *d, u32 ssidref) { - return xsm_ops->domain_create(d, ssidref); + return alternative_call(xsm_ops.domain_create, d, ssidref); } static inline int xsm_getdomaininfo (xsm_default_t def, struct domain *d) { - return xsm_ops->getdomaininfo(d); + return alternative_call(xsm_ops.getdomaininfo, d); } static inline int xsm_domctl_scheduler_op (xsm_default_t def, struct domain *d, int cmd) { - return xsm_ops->domctl_scheduler_op(d, cmd); + return alternative_call(xsm_ops.domctl_scheduler_op, d, cmd); } static inline int xsm_sysctl_scheduler_op (xsm_default_t def, int cmd) { - return xsm_ops->sysctl_scheduler_op(cmd); + return alternative_call(xsm_ops.sysctl_scheduler_op, cmd); } static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) { - return xsm_ops->set_target(d, e); + return alternative_call(xsm_ops.set_target, d, e); } static inline int xsm_domctl (xsm_default_t def, struct domain *d, int cmd) { - return xsm_ops->domctl(d, cmd); + return alternative_call(xsm_ops.domctl, d, cmd); } static inline int xsm_sysctl (xsm_default_t def, int cmd) { - return xsm_ops->sysctl(cmd); + return alternative_call(xsm_ops.sysctl, cmd); } static inline int xsm_readconsole (xsm_default_t def, uint32_t clear) { - return xsm_ops->readconsole(clear); + return alternative_call(xsm_ops.readconsole, clear); } static inline int xsm_evtchn_unbound (xsm_default_t def, struct domain *d1, struct evtchn *chn, domid_t id2) { - return xsm_ops->evtchn_unbound(d1, chn, id2); + return alternative_call(xsm_ops.evtchn_unbound, d1, chn, id2); } static inline int xsm_evtchn_interdomain (xsm_default_t def, struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { - return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2); + return alternative_call(xsm_ops.evtchn_interdomain, d1, chan1, d2, chan2); } static inline void xsm_evtchn_close_post (struct evtchn *chn) { - xsm_ops->evtchn_close_post(chn); + alternative_vcall(xsm_ops.evtchn_close_post, chn); } static inline int xsm_evtchn_send (xsm_default_t def, struct domain *d, struct evtchn *chn) { - return xsm_ops->evtchn_send(d, chn); + return alternative_call(xsm_ops.evtchn_send, d, chn); } static inline int xsm_evtchn_status (xsm_default_t def, struct domain *d, struct evtchn *chn) { - return xsm_ops->evtchn_status(d, chn); + return alternative_call(xsm_ops.evtchn_status, d, chn); } static inline int xsm_evtchn_reset (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->evtchn_reset(d1, d2); + return alternative_call(xsm_ops.evtchn_reset, d1, d2); } static inline int xsm_grant_mapref (xsm_default_t def, struct domain *d1, struct domain *d2, uint32_t flags) { - return xsm_ops->grant_mapref(d1, d2, flags); + return alternative_call(xsm_ops.grant_mapref, d1, d2, flags); } static inline int xsm_grant_unmapref (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->grant_unmapref(d1, d2); + return alternative_call(xsm_ops.grant_unmapref, d1, d2); } static inline int xsm_grant_setup (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->grant_setup(d1, d2); + return alternative_call(xsm_ops.grant_setup, d1, d2); } static inline int xsm_grant_transfer (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->grant_transfer(d1, d2); + return alternative_call(xsm_ops.grant_transfer, d1, d2); } static inline int xsm_grant_copy (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->grant_copy(d1, d2); + return alternative_call(xsm_ops.grant_copy, d1, d2); } static inline int xsm_grant_query_size (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->grant_query_size(d1, d2); + return alternative_call(xsm_ops.grant_query_size, d1, d2); } static inline int xsm_alloc_security_domain (struct domain *d) { - return xsm_ops->alloc_security_domain(d); + return alternative_call(xsm_ops.alloc_security_domain, d); } static inline void xsm_free_security_domain (struct domain *d) { - xsm_ops->free_security_domain(d); + alternative_vcall(xsm_ops.free_security_domain, d); } static inline int xsm_alloc_security_evtchns( struct evtchn chn[], unsigned int nr) { - return xsm_ops->alloc_security_evtchns(chn, nr); + return alternative_call(xsm_ops.alloc_security_evtchns, chn, nr); } static inline void xsm_free_security_evtchns( struct evtchn chn[], unsigned int nr) { - xsm_ops->free_security_evtchns(chn, nr); + alternative_vcall(xsm_ops.free_security_evtchns, chn, nr); } static inline char *xsm_show_security_evtchn (struct domain *d, const struct evtchn *chn) { - return xsm_ops->show_security_evtchn(d, chn); + return alternative_call(xsm_ops.show_security_evtchn, d, chn); } static inline int xsm_init_hardware_domain (xsm_default_t def, struct domain *d) { - return xsm_ops->init_hardware_domain(d); + return alternative_call(xsm_ops.init_hardware_domain, d); } static inline int xsm_get_pod_target (xsm_default_t def, struct domain *d) { - return xsm_ops->get_pod_target(d); + return alternative_call(xsm_ops.get_pod_target, d); } static inline int xsm_set_pod_target (xsm_default_t def, struct domain *d) { - return xsm_ops->set_pod_target(d); + return alternative_call(xsm_ops.set_pod_target, d); } static inline int xsm_memory_exchange (xsm_default_t def, struct domain *d) { - return xsm_ops->memory_exchange(d); + return alternative_call(xsm_ops.memory_exchange, d); } static inline int xsm_memory_adjust_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->memory_adjust_reservation(d1, d2); + return alternative_call(xsm_ops.memory_adjust_reservation, d1, d2); } static inline int xsm_memory_stat_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->memory_stat_reservation(d1, d2); + return alternative_call(xsm_ops.memory_stat_reservation, d1, d2); } static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1, struct domain *d2, struct page_info *page) { - return xsm_ops->memory_pin_page(d1, d2, page); + return alternative_call(xsm_ops.memory_pin_page, d1, d2, page); } static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->add_to_physmap(d1, d2); + return alternative_call(xsm_ops.add_to_physmap, d1, d2); } static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->remove_from_physmap(d1, d2); + return alternative_call(xsm_ops.remove_from_physmap, d1, d2); } static inline int xsm_map_gmfn_foreign (xsm_default_t def, struct domain *d, struct domain *t) { - return xsm_ops->map_gmfn_foreign(d, t); + return alternative_call(xsm_ops.map_gmfn_foreign, d, t); } static inline int xsm_claim_pages(xsm_default_t def, struct domain *d) { - return xsm_ops->claim_pages(d); + return alternative_call(xsm_ops.claim_pages, d); } static inline int xsm_console_io (xsm_default_t def, struct domain *d, int cmd) { - return xsm_ops->console_io(d, cmd); + return alternative_call(xsm_ops.console_io, d, cmd); } static inline int xsm_profile (xsm_default_t def, struct domain *d, int op) { - return xsm_ops->profile(d, op); + return alternative_call(xsm_ops.profile, d, op); } static inline int xsm_kexec (xsm_default_t def) { - return xsm_ops->kexec(); + return alternative_call(xsm_ops.kexec); } static inline int xsm_schedop_shutdown (xsm_default_t def, struct domain *d1, struct domain *d2) { - return xsm_ops->schedop_shutdown(d1, d2); + return alternative_call(xsm_ops.schedop_shutdown, d1, d2); } static inline char *xsm_show_irq_sid (int irq) { - return xsm_ops->show_irq_sid(irq); + return alternative_call(xsm_ops.show_irq_sid, irq); } static inline int xsm_map_domain_pirq (xsm_default_t def, struct domain *d) { - return xsm_ops->map_domain_pirq(d); + return alternative_call(xsm_ops.map_domain_pirq, d); } static inline int xsm_map_domain_irq (xsm_default_t def, struct domain *d, int irq, void *data) { - return xsm_ops->map_domain_irq(d, irq, data); + return alternative_call(xsm_ops.map_domain_irq, d, irq, data); } static inline int xsm_unmap_domain_pirq (xsm_default_t def, struct domain *d) { - return xsm_ops->unmap_domain_pirq(d); + return alternative_call(xsm_ops.unmap_domain_pirq, d); } static inline int xsm_unmap_domain_irq (xsm_default_t def, struct domain *d, int irq, void *data) { - return xsm_ops->unmap_domain_irq(d, irq, data); + return alternative_call(xsm_ops.unmap_domain_irq, d, irq, data); } static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return xsm_ops->bind_pt_irq(d, bind); + return alternative_call(xsm_ops.bind_pt_irq, d, bind); } static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return xsm_ops->unbind_pt_irq(d, bind); + return alternative_call(xsm_ops.unbind_pt_irq, d, bind); } static inline int xsm_irq_permission (xsm_default_t def, struct domain *d, int pirq, uint8_t allow) { - return xsm_ops->irq_permission(d, pirq, allow); + return alternative_call(xsm_ops.irq_permission, d, pirq, allow); } static inline int xsm_iomem_permission (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return xsm_ops->iomem_permission(d, s, e, allow); + return alternative_call(xsm_ops.iomem_permission, d, s, e, allow); } static inline int xsm_iomem_mapping (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return xsm_ops->iomem_mapping(d, s, e, allow); + return alternative_call(xsm_ops.iomem_mapping, d, s, e, allow); } static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); + return alternative_call(xsm_ops.pci_config_permission, d, machine_bdf, start, end, access); } #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { - return xsm_ops->get_device_group(machine_bdf); + return alternative_call(xsm_ops.get_device_group, machine_bdf); } static inline int xsm_assign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { - return xsm_ops->assign_device(d, machine_bdf); + return alternative_call(xsm_ops.assign_device, d, machine_bdf); } static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { - return xsm_ops->deassign_device(d, machine_bdf); + return alternative_call(xsm_ops.deassign_device, d, machine_bdf); } #endif /* HAS_PASSTHROUGH && HAS_PCI) */ @@ -487,240 +490,243 @@ static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint3 static inline int xsm_assign_dtdevice(xsm_default_t def, struct domain *d, const char *dtpath) { - return xsm_ops->assign_dtdevice(d, dtpath); + return alternative_call(xsm_ops.assign_dtdevice, d, dtpath); } static inline int xsm_deassign_dtdevice(xsm_default_t def, struct domain *d, const char *dtpath) { - return xsm_ops->deassign_dtdevice(d, dtpath); + return alternative_call(xsm_ops.deassign_dtdevice, d, dtpath); } #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */ static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) { - return xsm_ops->resource_plug_pci(machine_bdf); + return alternative_call(xsm_ops.resource_plug_pci, machine_bdf); } static inline int xsm_resource_unplug_pci (xsm_default_t def, uint32_t machine_bdf) { - return xsm_ops->resource_unplug_pci(machine_bdf); + return alternative_call(xsm_ops.resource_unplug_pci, machine_bdf); } static inline int xsm_resource_plug_core (xsm_default_t def) { - return xsm_ops->resource_plug_core(); + return alternative_call(xsm_ops.resource_plug_core); } static inline int xsm_resource_unplug_core (xsm_default_t def) { - return xsm_ops->resource_unplug_core(); + return alternative_call(xsm_ops.resource_unplug_core); } static inline int xsm_resource_setup_pci (xsm_default_t def, uint32_t machine_bdf) { - return xsm_ops->resource_setup_pci(machine_bdf); + return alternative_call(xsm_ops.resource_setup_pci, machine_bdf); } static inline int xsm_resource_setup_gsi (xsm_default_t def, int gsi) { - return xsm_ops->resource_setup_gsi(gsi); + return alternative_call(xsm_ops.resource_setup_gsi, gsi); } static inline int xsm_resource_setup_misc (xsm_default_t def) { - return xsm_ops->resource_setup_misc(); + return alternative_call(xsm_ops.resource_setup_misc); } static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd) { - return xsm_ops->page_offline(cmd); + return alternative_call(xsm_ops.page_offline, cmd); } static inline int xsm_hypfs_op(xsm_default_t def) { - return xsm_ops->hypfs_op(); + return alternative_call(xsm_ops.hypfs_op); } static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { - return xsm_ops->do_xsm_op(op); + /* "op"(struct) is being passed by value, alternative_call does not support */ + return xsm_ops.do_xsm_op(op); } #ifdef CONFIG_COMPAT static inline int xsm_do_compat_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { - return xsm_ops->do_compat_op(op); + /* "op"(struct) is being passed by value, alternative_call does not support */ + return xsm_ops.do_compat_op(op); } #endif static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) { - return xsm_ops->hvm_param(d, op); + return alternative_call(xsm_ops.hvm_param, d, op); } static inline int xsm_hvm_control(xsm_default_t def, struct domain *d, unsigned long op) { - return xsm_ops->hvm_control(d, op); + return alternative_call(xsm_ops.hvm_control, d, op); } static inline int xsm_hvm_param_altp2mhvm (xsm_default_t def, struct domain *d) { - return xsm_ops->hvm_param_altp2mhvm(d); + return alternative_call(xsm_ops.hvm_param_altp2mhvm, d); } static inline int xsm_hvm_altp2mhvm_op (xsm_default_t def, struct domain *d, uint64_t mode, uint32_t op) { - return xsm_ops->hvm_altp2mhvm_op(d, mode, op); + return alternative_call(xsm_ops.hvm_altp2mhvm_op, d, mode, op); } static inline int xsm_get_vnumainfo (xsm_default_t def, struct domain *d) { - return xsm_ops->get_vnumainfo(d); + return alternative_call(xsm_ops.get_vnumainfo, d); } static inline int xsm_vm_event_control (xsm_default_t def, struct domain *d, int mode, int op) { - return xsm_ops->vm_event_control(d, mode, op); + return alternative_call(xsm_ops.vm_event_control, d, mode, op); } #ifdef CONFIG_MEM_ACCESS static inline int xsm_mem_access (xsm_default_t def, struct domain *d) { - return xsm_ops->mem_access(d); + return alternative_call(xsm_ops.mem_access, d); } #endif #ifdef CONFIG_MEM_PAGING static inline int xsm_mem_paging (xsm_default_t def, struct domain *d) { - return xsm_ops->mem_paging(d); + return alternative_call(xsm_ops.mem_paging, d); } #endif #ifdef CONFIG_MEM_SHARING static inline int xsm_mem_sharing (xsm_default_t def, struct domain *d) { - return xsm_ops->mem_sharing(d); + return alternative_call(xsm_ops.mem_sharing, d); } #endif static inline int xsm_platform_op (xsm_default_t def, uint32_t op) { - return xsm_ops->platform_op(op); + return alternative_call(xsm_ops.platform_op, op); } #ifdef CONFIG_X86 static inline int xsm_do_mca(xsm_default_t def) { - return xsm_ops->do_mca(); + return alternative_call(xsm_ops.do_mca); } static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) { - return xsm_ops->shadow_control(d, op); + return alternative_call(xsm_ops.shadow_control, d, op); } static inline int xsm_mem_sharing_op (xsm_default_t def, struct domain *d, struct domain *cd, int op) { - return xsm_ops->mem_sharing_op(d, cd, op); + return alternative_call(xsm_ops.mem_sharing_op, d, cd, op); } static inline int xsm_apic (xsm_default_t def, struct domain *d, int cmd) { - return xsm_ops->apic(d, cmd); + return alternative_call(xsm_ops.apic, d, cmd); } static inline int xsm_memtype (xsm_default_t def, uint32_t access) { - return xsm_ops->memtype(access); + return alternative_call(xsm_ops.memtype, access); } static inline int xsm_machine_memory_map(xsm_default_t def) { - return xsm_ops->machine_memory_map(); + return alternative_call(xsm_ops.machine_memory_map); } static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d) { - return xsm_ops->domain_memory_map(d); + return alternative_call(xsm_ops.domain_memory_map, d); } static inline int xsm_mmu_update (xsm_default_t def, struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { - return xsm_ops->mmu_update(d, t, f, flags); + return alternative_call(xsm_ops.mmu_update, d, t, f, flags); } static inline int xsm_mmuext_op (xsm_default_t def, struct domain *d, struct domain *f) { - return xsm_ops->mmuext_op(d, f); + return alternative_call(xsm_ops.mmuext_op, d, f); } static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d, struct domain *f, l1_pgentry_t pte) { - return xsm_ops->update_va_mapping(d, f, pte); + /* pte(struct) is being passed by value, alternative_call does not support */ + return xsm_ops.update_va_mapping(d, f, pte); } static inline int xsm_priv_mapping(xsm_default_t def, struct domain *d, struct domain *t) { - return xsm_ops->priv_mapping(d, t); + return alternative_call(xsm_ops.priv_mapping, d, t); } static inline int xsm_ioport_permission (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return xsm_ops->ioport_permission(d, s, e, allow); + return alternative_call(xsm_ops.ioport_permission, d, s, e, allow); } static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return xsm_ops->ioport_mapping(d, s, e, allow); + return alternative_call(xsm_ops.ioport_mapping, d, s, e, allow); } static inline int xsm_pmu_op (xsm_default_t def, struct domain *d, unsigned int op) { - return xsm_ops->pmu_op(d, op); + return alternative_call(xsm_ops.pmu_op, d, op); } #endif /* CONFIG_X86 */ static inline int xsm_dm_op(xsm_default_t def, struct domain *d) { - return xsm_ops->dm_op(d); + return alternative_call(xsm_ops.dm_op, d); } static inline int xsm_xen_version (xsm_default_t def, uint32_t op) { - return xsm_ops->xen_version(op); + return alternative_call(xsm_ops.xen_version, op); } static inline int xsm_domain_resource_map(xsm_default_t def, struct domain *d) { - return xsm_ops->domain_resource_map(d); + return alternative_call(xsm_ops.domain_resource_map, d); } #ifdef CONFIG_ARGO static inline int xsm_argo_enable(const struct domain *d) { - return xsm_ops->argo_enable(d); + return alternative_call(xsm_ops.argo_enable, d); } static inline int xsm_argo_register_single_source(const struct domain *d, const struct domain *t) { - return xsm_ops->argo_register_single_source(d, t); + return alternative_call(xsm_ops.argo_register_single_source, d, t); } static inline int xsm_argo_register_any_source(const struct domain *d) { - return xsm_ops->argo_register_any_source(d); + return alternative_call(xsm_ops.argo_register_any_source, d); } static inline int xsm_argo_send(const struct domain *d, const struct domain *t) { - return xsm_ops->argo_send(d, t); + return alternative_call(xsm_ops.argo_send, d, t); } #endif /* CONFIG_ARGO */ diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index de44b10130..066694763a 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -13,8 +13,6 @@ #define XSM_NO_WRAPPERS #include -struct xsm_operations dummy_xsm_ops; - #define set_to_dummy_if_null(ops, function) \ do { \ if ( !ops->function ) \ diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c index 01e52138a1..df9fcc1d6d 100644 --- a/xen/xsm/flask/flask_op.c +++ b/xen/xsm/flask/flask_op.c @@ -225,26 +225,7 @@ static int flask_security_sid(struct xen_flask_sid_context *arg) static int flask_disable(void) { - static int flask_disabled = 0; - - if ( ss_initialized ) - { - /* Not permitted after initial policy load. */ - return -EINVAL; - } - - if ( flask_disabled ) - { - /* Only do this once. */ - return -EINVAL; - } - - printk("Flask: Disabled at runtime.\n"); - - flask_disabled = 1; - - /* Reset xsm_ops to the original module. */ - xsm_ops = &dummy_xsm_ops; + printk("Flask: Disabling is not supported.\n"); return 0; } diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c index 5eab21e1b1..acc1af7166 100644 --- a/xen/xsm/xsm_core.c +++ b/xen/xsm/xsm_core.c @@ -28,9 +28,17 @@ #include #endif -#define XSM_FRAMEWORK_VERSION "1.0.0" +#define XSM_FRAMEWORK_VERSION "1.0.1" -struct xsm_operations *xsm_ops; +struct xsm_operations xsm_ops; + +enum xsm_ops_state { + XSM_OPS_UNREGISTERED, + XSM_OPS_REG_FAILED, + XSM_OPS_REGISTERED, +}; + +static enum xsm_ops_state xsm_ops_registered = XSM_OPS_UNREGISTERED; enum xsm_bootparam { XSM_BOOTPARAM_DUMMY, @@ -68,15 +76,6 @@ static int __init parse_xsm_param(const char *s) } custom_param("xsm", parse_xsm_param); -static inline int verify(struct xsm_operations *ops) -{ - /* verify the security_operations structure exists */ - if ( !ops ) - return -EINVAL; - xsm_fixup_ops(ops); - return 0; -} - static int __init xsm_core_init(const void *policy_buffer, size_t policy_size) { #ifdef CONFIG_XSM_FLASK_POLICY @@ -87,17 +86,22 @@ static int __init xsm_core_init(const void *policy_buffer, size_t policy_size) } #endif - if ( verify(&dummy_xsm_ops) ) + if ( xsm_ops_registered != XSM_OPS_UNREGISTERED ) { - printk(XENLOG_ERR "Could not verify dummy_xsm_ops structure\n"); + printk(XENLOG_ERR + "Could not init XSM, xsm_ops register already attempted\n"); return -EIO; } - xsm_ops = &dummy_xsm_ops; + /* install the dummy ops as default to ensure ops + * are defined if requested policy fails init + */ + xsm_fixup_ops(&xsm_ops); switch ( xsm_bootparam ) { case XSM_BOOTPARAM_DUMMY: + xsm_ops_registered = XSM_OPS_REGISTERED; break; case XSM_BOOTPARAM_FLASK: @@ -113,6 +117,9 @@ static int __init xsm_core_init(const void *policy_buffer, size_t policy_size) break; } + if ( xsm_ops_registered != XSM_OPS_REGISTERED ) + xsm_ops_registered = XSM_OPS_REG_FAILED; + return 0; } @@ -197,16 +204,21 @@ bool __init has_xsm_magic(paddr_t start) int __init register_xsm(struct xsm_operations *ops) { - if ( verify(ops) ) + if ( xsm_ops_registered != XSM_OPS_UNREGISTERED ) + return -EAGAIN; + + if ( !ops ) { - printk(XENLOG_ERR "Could not verify xsm_operations structure\n"); + xsm_ops_registered = XSM_OPS_REG_FAILED; + printk(XENLOG_ERR "Invalid xsm_operations structure registered\n"); return -EINVAL; } - if ( xsm_ops != &dummy_xsm_ops ) - return -EAGAIN; + /* use dummy ops for any empty ops */ + xsm_fixup_ops(ops); - xsm_ops = ops; + xsm_ops = *ops; + xsm_ops_registered = XSM_OPS_REGISTERED; return 0; } From patchwork Thu Jun 17 23:39:14 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Daniel P. Smith" X-Patchwork-Id: 12329743 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77BFDC2B9F4 for ; Thu, 17 Jun 2021 23:32:56 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1F07A61184 for ; Thu, 17 Jun 2021 23:32:56 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1F07A61184 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=apertussolutions.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.144235.265541 (Exim 4.92) (envelope-from ) id 1lu1V9-000619-Mu; Thu, 17 Jun 2021 23:32:47 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 144235.265541; Thu, 17 Jun 2021 23:32:47 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1V9-000612-JQ; Thu, 17 Jun 2021 23:32:47 +0000 Received: by outflank-mailman (input) for mailman id 144235; Thu, 17 Jun 2021 23:32:46 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1V8-00060e-Eg for xen-devel@lists.xenproject.org; Thu, 17 Jun 2021 23:32:46 +0000 Received: from sender4-of-o51.zoho.com (unknown [136.143.188.51]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 15bb2d43-5a71-4c24-a6f1-e3023f6de940; Thu, 17 Jun 2021 23:32:44 +0000 (UTC) Received: from sisyou.hme. (static-72-81-132-2.bltmmd.fios.verizon.net [72.81.132.2]) by mx.zohomail.com with SMTPS id 1623972576629514.3458375101217; Thu, 17 Jun 2021 16:29:36 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 15bb2d43-5a71-4c24-a6f1-e3023f6de940 ARC-Seal: i=1; a=rsa-sha256; t=1623972579; cv=none; d=zohomail.com; s=zohoarc; b=NQqgNX9OxrUfo0glFexSXGJn9emKXMOn+AKVzJNBy8L8GSkzOXd+R4ZsUULFyK1j/9dTVLZ6ckkbbG77mVC+qIy9Dm7kH9cYTZr5k/Y55VSTd/ekZMH0AMLVSq0UGAcd0PIwAr1hokJIOpm0O/ncjP/cb/TLRTb8dqhbI+Stp/g= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1623972579; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=3mB5hO2757p/4LpDpnIePDctsNS8pYN/1zi4yPRAbnY=; b=fujkNITP9QyuBVP4iL5sg7C+yQsMbdqMIdvfgeSTheI0EB9wx+MX+RLyy0+RaP0oU9w8jLM9+aHLH+EJ79uP4abkZ7RdM62S3F7yCdQiGgqoXJgMjV5XUEJGCK5orzn8fVruus11lQjtG0T8RteVksWv/1E1c/238nSb36mzbGA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@apertussolutions.com; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1623972579; s=zoho; d=apertussolutions.com; i=dpsmith@apertussolutions.com; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding; bh=3mB5hO2757p/4LpDpnIePDctsNS8pYN/1zi4yPRAbnY=; b=rG/FbrAIkzq7xRAxDNpl6Ro2ZW/1pbT3wvD0pM7I2mKuFGqVOcnUhqnhocn+ajlC xWBsHteAvQF1cGoOtrgwPcnjKrkq5bdvWuV7938DWguUgKzfe4ZtBIHNNrACudZ62nM TJZWxcK7XoCFGqFR1XK8wngLi4JYjyLg5XUP61YA= From: "Daniel P. Smith" To: xen-devel@lists.xenproject.org Cc: Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= , Tamas K Lengyel , Tim Deegan , Juergen Gross , Alexandru Isaila , Petre Pircalabu , Dario Faggioli , Paul Durrant , Daniel De Graaf , persaur@gmail.com, christopher.w.clark@gmail.com, adam.schwalm@starlab.io, scott.davis@starlab.io Subject: [PATCH 2/6] xsm: decouple xsm header inclusion selection Date: Thu, 17 Jun 2021 19:39:14 -0400 Message-Id: <20210617233918.10095-3-dpsmith@apertussolutions.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210617233918.10095-1-dpsmith@apertussolutions.com> References: <20210617233918.10095-1-dpsmith@apertussolutions.com> MIME-Version: 1.0 X-ZohoMailClient: External Multiple preprocessor defines were used as a mechanism to selective include parts of the xsm.h header file. This makes it difficult to know which portion is being included at anyone time. This commit works to simplify this by separating the core structure and functions of XSM into xsm-core.h away from the wrapper functions which remain in xsm.h and dummy.h. Signed-off-by: Daniel P. Smith --- xen/include/xsm/dummy.h | 2 +- xen/include/xsm/xsm-core.h | 262 +++++++++++++++++++++++++++++++++++++ xen/include/xsm/xsm.h | 240 +-------------------------------- xen/xsm/dummy.c | 1 - xen/xsm/silo.c | 1 - 5 files changed, 264 insertions(+), 242 deletions(-) create mode 100644 xen/include/xsm/xsm-core.h diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index 363c6d7798..c445c5681b 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -16,7 +16,7 @@ */ #include -#include +#include #include /* Cannot use BUILD_BUG_ON here because the expressions we check are not diff --git a/xen/include/xsm/xsm-core.h b/xen/include/xsm/xsm-core.h new file mode 100644 index 0000000000..5297c73fe6 --- /dev/null +++ b/xen/include/xsm/xsm-core.h @@ -0,0 +1,262 @@ +/* + * This file contains the XSM hook definitions for Xen. + * + * This work is based on the LSM implementation in Linux 2.6.13.4. + * + * Author: George Coker, + * + * Contributors: Michael LeMay, + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation. + */ + +#ifndef __XSM_CORE_H__ +#define __XSM_CORE_H__ + +#include +#include + +typedef void xsm_op_t; +DEFINE_XEN_GUEST_HANDLE(xsm_op_t); + +/* policy magic number (defined by XSM_MAGIC) */ +typedef u32 xsm_magic_t; + +#ifdef CONFIG_XSM_FLASK +#define XSM_MAGIC 0xf97cff8c +#else +#define XSM_MAGIC 0x0 +#endif + +/* These annotations are used by callers and in dummy.h to document the + * default actions of XSM hooks. They should be compiled out otherwise. + */ +enum xsm_default { + XSM_HOOK, /* Guests can normally access the hypercall */ + XSM_DM_PRIV, /* Device model can perform on its target domain */ + XSM_TARGET, /* Can perform on self or your target domain */ + XSM_PRIV, /* Privileged - normally restricted to dom0 */ + XSM_XS_PRIV, /* Xenstore domain - can do some privileged operations */ + XSM_OTHER /* Something more complex */ +}; +typedef enum xsm_default xsm_default_t; + +struct xsm_operations { + void (*security_domaininfo) (struct domain *d, + struct xen_domctl_getdomaininfo *info); + int (*domain_create) (struct domain *d, u32 ssidref); + int (*getdomaininfo) (struct domain *d); + int (*domctl_scheduler_op) (struct domain *d, int op); + int (*sysctl_scheduler_op) (int op); + int (*set_target) (struct domain *d, struct domain *e); + int (*domctl) (struct domain *d, int cmd); + int (*sysctl) (int cmd); + int (*readconsole) (uint32_t clear); + + int (*evtchn_unbound) (struct domain *d, struct evtchn *chn, domid_t id2); + int (*evtchn_interdomain) (struct domain *d1, struct evtchn *chn1, + struct domain *d2, struct evtchn *chn2); + void (*evtchn_close_post) (struct evtchn *chn); + int (*evtchn_send) (struct domain *d, struct evtchn *chn); + int (*evtchn_status) (struct domain *d, struct evtchn *chn); + int (*evtchn_reset) (struct domain *d1, struct domain *d2); + + int (*grant_mapref) (struct domain *d1, struct domain *d2, uint32_t flags); + int (*grant_unmapref) (struct domain *d1, struct domain *d2); + int (*grant_setup) (struct domain *d1, struct domain *d2); + int (*grant_transfer) (struct domain *d1, struct domain *d2); + int (*grant_copy) (struct domain *d1, struct domain *d2); + int (*grant_query_size) (struct domain *d1, struct domain *d2); + + int (*alloc_security_domain) (struct domain *d); + void (*free_security_domain) (struct domain *d); + int (*alloc_security_evtchns) (struct evtchn chn[], unsigned int nr); + void (*free_security_evtchns) (struct evtchn chn[], unsigned int nr); + char *(*show_security_evtchn) (struct domain *d, const struct evtchn *chn); + int (*init_hardware_domain) (struct domain *d); + + int (*get_pod_target) (struct domain *d); + int (*set_pod_target) (struct domain *d); + int (*memory_exchange) (struct domain *d); + int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); + int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); + int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); + int (*add_to_physmap) (struct domain *d1, struct domain *d2); + int (*remove_from_physmap) (struct domain *d1, struct domain *d2); + int (*map_gmfn_foreign) (struct domain *d, struct domain *t); + int (*claim_pages) (struct domain *d); + + int (*console_io) (struct domain *d, int cmd); + + int (*profile) (struct domain *d, int op); + + int (*kexec) (void); + int (*schedop_shutdown) (struct domain *d1, struct domain *d2); + + char *(*show_irq_sid) (int irq); + int (*map_domain_pirq) (struct domain *d); + int (*map_domain_irq) (struct domain *d, int irq, const void *data); + int (*unmap_domain_pirq) (struct domain *d); + int (*unmap_domain_irq) (struct domain *d, int irq, const void *data); + int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); + int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); + int (*irq_permission) (struct domain *d, int pirq, uint8_t allow); + int (*iomem_permission) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); + int (*iomem_mapping) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); + int (*pci_config_permission) (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access); + +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) + int (*get_device_group) (uint32_t machine_bdf); + int (*assign_device) (struct domain *d, uint32_t machine_bdf); + int (*deassign_device) (struct domain *d, uint32_t machine_bdf); +#endif + +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE) + int (*assign_dtdevice) (struct domain *d, const char *dtpath); + int (*deassign_dtdevice) (struct domain *d, const char *dtpath); +#endif + + int (*resource_plug_core) (void); + int (*resource_unplug_core) (void); + int (*resource_plug_pci) (uint32_t machine_bdf); + int (*resource_unplug_pci) (uint32_t machine_bdf); + int (*resource_setup_pci) (uint32_t machine_bdf); + int (*resource_setup_gsi) (int gsi); + int (*resource_setup_misc) (void); + + int (*page_offline)(uint32_t cmd); + int (*hypfs_op)(void); + + long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); +#ifdef CONFIG_COMPAT + int (*do_compat_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); +#endif + + int (*hvm_param) (struct domain *d, unsigned long op); + int (*hvm_control) (struct domain *d, unsigned long op); + int (*hvm_param_altp2mhvm) (struct domain *d); + int (*hvm_altp2mhvm_op) (struct domain *d, uint64_t mode, uint32_t op); + int (*get_vnumainfo) (struct domain *d); + + int (*vm_event_control) (struct domain *d, int mode, int op); + +#ifdef CONFIG_MEM_ACCESS + int (*mem_access) (struct domain *d); +#endif + +#ifdef CONFIG_MEM_PAGING + int (*mem_paging) (struct domain *d); +#endif + +#ifdef CONFIG_MEM_SHARING + int (*mem_sharing) (struct domain *d); +#endif + + int (*platform_op) (uint32_t cmd); + +#ifdef CONFIG_X86 + int (*do_mca) (void); + int (*shadow_control) (struct domain *d, uint32_t op); + int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); + int (*apic) (struct domain *d, int cmd); + int (*memtype) (uint32_t access); + int (*machine_memory_map) (void); + int (*domain_memory_map) (struct domain *d); +#define XSM_MMU_UPDATE_READ 1 +#define XSM_MMU_UPDATE_WRITE 2 +#define XSM_MMU_NORMAL_UPDATE 4 +#define XSM_MMU_MACHPHYS_UPDATE 8 + int (*mmu_update) (struct domain *d, struct domain *t, + struct domain *f, uint32_t flags); + int (*mmuext_op) (struct domain *d, struct domain *f); + int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); + int (*priv_mapping) (struct domain *d, struct domain *t); + int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); + int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); + int (*pmu_op) (struct domain *d, unsigned int op); +#endif + int (*dm_op) (struct domain *d); + int (*xen_version) (uint32_t cmd); + int (*domain_resource_map) (struct domain *d); +#ifdef CONFIG_ARGO + int (*argo_enable) (const struct domain *d); + int (*argo_register_single_source) (const struct domain *d, + const struct domain *t); + int (*argo_register_any_source) (const struct domain *d); + int (*argo_send) (const struct domain *d, const struct domain *t); +#endif +}; + +#ifdef CONFIG_XSM + +#ifdef CONFIG_MULTIBOOT +extern int xsm_multiboot_init(unsigned long *module_map, + const multiboot_info_t *mbi); +extern int xsm_multiboot_policy_init(unsigned long *module_map, + const multiboot_info_t *mbi, + void **policy_buffer, + size_t *policy_size); +#endif + +#ifdef CONFIG_HAS_DEVICE_TREE +/* + * Initialize XSM + * + * On success, return 1 if using SILO mode else 0. + */ +extern int xsm_dt_init(void); +extern int xsm_dt_policy_init(void **policy_buffer, size_t *policy_size); +extern bool has_xsm_magic(paddr_t); +#endif + +extern int register_xsm(struct xsm_operations *ops); + +extern struct xsm_operations dummy_xsm_ops; +extern void xsm_fixup_ops(struct xsm_operations *ops); + +#ifdef CONFIG_XSM_FLASK +extern void flask_init(const void *policy_buffer, size_t policy_size); +#else +static inline void flask_init(const void *policy_buffer, size_t policy_size) +{ +} +#endif + +#ifdef CONFIG_XSM_FLASK_POLICY +extern const unsigned char xsm_flask_init_policy[]; +extern const unsigned int xsm_flask_init_policy_size; +#endif + +#ifdef CONFIG_XSM_SILO +extern void silo_init(void); +#else +static inline void silo_init(void) {} +#endif + +#else /* CONFIG_XSM */ + +#ifdef CONFIG_MULTIBOOT +static inline int xsm_multiboot_init (unsigned long *module_map, + const multiboot_info_t *mbi) +{ + return 0; +} +#endif + +#ifdef CONFIG_HAS_DEVICE_TREE +static inline int xsm_dt_init(void) +{ + return 0; +} + +static inline bool has_xsm_magic(paddr_t start) +{ + return false; +} +#endif /* CONFIG_HAS_DEVICE_TREE */ + +#endif /* CONFIG_XSM */ + +#endif /* __XSM_CORE_H */ diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 86ca045e74..ecbdee2c7d 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -20,184 +20,12 @@ #endif #include #include - -typedef void xsm_op_t; -DEFINE_XEN_GUEST_HANDLE(xsm_op_t); - -/* policy magic number (defined by XSM_MAGIC) */ -typedef u32 xsm_magic_t; - -#ifdef CONFIG_XSM_FLASK -#define XSM_MAGIC 0xf97cff8c -#else -#define XSM_MAGIC 0x0 -#endif - -/* These annotations are used by callers and in dummy.h to document the - * default actions of XSM hooks. They should be compiled out otherwise. - */ -enum xsm_default { - XSM_HOOK, /* Guests can normally access the hypercall */ - XSM_DM_PRIV, /* Device model can perform on its target domain */ - XSM_TARGET, /* Can perform on self or your target domain */ - XSM_PRIV, /* Privileged - normally restricted to dom0 */ - XSM_XS_PRIV, /* Xenstore domain - can do some privileged operations */ - XSM_OTHER /* Something more complex */ -}; -typedef enum xsm_default xsm_default_t; - -struct xsm_operations { - void (*security_domaininfo) (struct domain *d, - struct xen_domctl_getdomaininfo *info); - int (*domain_create) (struct domain *d, u32 ssidref); - int (*getdomaininfo) (struct domain *d); - int (*domctl_scheduler_op) (struct domain *d, int op); - int (*sysctl_scheduler_op) (int op); - int (*set_target) (struct domain *d, struct domain *e); - int (*domctl) (struct domain *d, int cmd); - int (*sysctl) (int cmd); - int (*readconsole) (uint32_t clear); - - int (*evtchn_unbound) (struct domain *d, struct evtchn *chn, domid_t id2); - int (*evtchn_interdomain) (struct domain *d1, struct evtchn *chn1, - struct domain *d2, struct evtchn *chn2); - void (*evtchn_close_post) (struct evtchn *chn); - int (*evtchn_send) (struct domain *d, struct evtchn *chn); - int (*evtchn_status) (struct domain *d, struct evtchn *chn); - int (*evtchn_reset) (struct domain *d1, struct domain *d2); - - int (*grant_mapref) (struct domain *d1, struct domain *d2, uint32_t flags); - int (*grant_unmapref) (struct domain *d1, struct domain *d2); - int (*grant_setup) (struct domain *d1, struct domain *d2); - int (*grant_transfer) (struct domain *d1, struct domain *d2); - int (*grant_copy) (struct domain *d1, struct domain *d2); - int (*grant_query_size) (struct domain *d1, struct domain *d2); - - int (*alloc_security_domain) (struct domain *d); - void (*free_security_domain) (struct domain *d); - int (*alloc_security_evtchns) (struct evtchn chn[], unsigned int nr); - void (*free_security_evtchns) (struct evtchn chn[], unsigned int nr); - char *(*show_security_evtchn) (struct domain *d, const struct evtchn *chn); - int (*init_hardware_domain) (struct domain *d); - - int (*get_pod_target) (struct domain *d); - int (*set_pod_target) (struct domain *d); - int (*memory_exchange) (struct domain *d); - int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); - int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); - int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); - int (*add_to_physmap) (struct domain *d1, struct domain *d2); - int (*remove_from_physmap) (struct domain *d1, struct domain *d2); - int (*map_gmfn_foreign) (struct domain *d, struct domain *t); - int (*claim_pages) (struct domain *d); - - int (*console_io) (struct domain *d, int cmd); - - int (*profile) (struct domain *d, int op); - - int (*kexec) (void); - int (*schedop_shutdown) (struct domain *d1, struct domain *d2); - - char *(*show_irq_sid) (int irq); - int (*map_domain_pirq) (struct domain *d); - int (*map_domain_irq) (struct domain *d, int irq, const void *data); - int (*unmap_domain_pirq) (struct domain *d); - int (*unmap_domain_irq) (struct domain *d, int irq, const void *data); - int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*irq_permission) (struct domain *d, int pirq, uint8_t allow); - int (*iomem_permission) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); - int (*iomem_mapping) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); - int (*pci_config_permission) (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access); - -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) - int (*get_device_group) (uint32_t machine_bdf); - int (*assign_device) (struct domain *d, uint32_t machine_bdf); - int (*deassign_device) (struct domain *d, uint32_t machine_bdf); -#endif - -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE) - int (*assign_dtdevice) (struct domain *d, const char *dtpath); - int (*deassign_dtdevice) (struct domain *d, const char *dtpath); -#endif - - int (*resource_plug_core) (void); - int (*resource_unplug_core) (void); - int (*resource_plug_pci) (uint32_t machine_bdf); - int (*resource_unplug_pci) (uint32_t machine_bdf); - int (*resource_setup_pci) (uint32_t machine_bdf); - int (*resource_setup_gsi) (int gsi); - int (*resource_setup_misc) (void); - - int (*page_offline)(uint32_t cmd); - int (*hypfs_op)(void); - - long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); -#ifdef CONFIG_COMPAT - int (*do_compat_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); -#endif - - int (*hvm_param) (struct domain *d, unsigned long op); - int (*hvm_control) (struct domain *d, unsigned long op); - int (*hvm_param_altp2mhvm) (struct domain *d); - int (*hvm_altp2mhvm_op) (struct domain *d, uint64_t mode, uint32_t op); - int (*get_vnumainfo) (struct domain *d); - - int (*vm_event_control) (struct domain *d, int mode, int op); - -#ifdef CONFIG_MEM_ACCESS - int (*mem_access) (struct domain *d); -#endif - -#ifdef CONFIG_MEM_PAGING - int (*mem_paging) (struct domain *d); -#endif - -#ifdef CONFIG_MEM_SHARING - int (*mem_sharing) (struct domain *d); -#endif - - int (*platform_op) (uint32_t cmd); - -#ifdef CONFIG_X86 - int (*do_mca) (void); - int (*shadow_control) (struct domain *d, uint32_t op); - int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); - int (*apic) (struct domain *d, int cmd); - int (*memtype) (uint32_t access); - int (*machine_memory_map) (void); - int (*domain_memory_map) (struct domain *d); -#define XSM_MMU_UPDATE_READ 1 -#define XSM_MMU_UPDATE_WRITE 2 -#define XSM_MMU_NORMAL_UPDATE 4 -#define XSM_MMU_MACHPHYS_UPDATE 8 - int (*mmu_update) (struct domain *d, struct domain *t, - struct domain *f, uint32_t flags); - int (*mmuext_op) (struct domain *d, struct domain *f); - int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); - int (*priv_mapping) (struct domain *d, struct domain *t); - int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); - int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); - int (*pmu_op) (struct domain *d, unsigned int op); -#endif - int (*dm_op) (struct domain *d); - int (*xen_version) (uint32_t cmd); - int (*domain_resource_map) (struct domain *d); -#ifdef CONFIG_ARGO - int (*argo_enable) (const struct domain *d); - int (*argo_register_single_source) (const struct domain *d, - const struct domain *t); - int (*argo_register_any_source) (const struct domain *d); - int (*argo_send) (const struct domain *d, const struct domain *t); -#endif -}; +#include #ifdef CONFIG_XSM extern struct xsm_operations xsm_ops; -#ifndef XSM_NO_WRAPPERS - static inline void xsm_security_domaininfo (struct domain *d, struct xen_domctl_getdomaininfo *info) { @@ -731,76 +559,10 @@ static inline int xsm_argo_send(const struct domain *d, const struct domain *t) #endif /* CONFIG_ARGO */ -#endif /* XSM_NO_WRAPPERS */ - -#ifdef CONFIG_MULTIBOOT -extern int xsm_multiboot_init(unsigned long *module_map, - const multiboot_info_t *mbi); -extern int xsm_multiboot_policy_init(unsigned long *module_map, - const multiboot_info_t *mbi, - void **policy_buffer, - size_t *policy_size); -#endif - -#ifdef CONFIG_HAS_DEVICE_TREE -/* - * Initialize XSM - * - * On success, return 1 if using SILO mode else 0. - */ -extern int xsm_dt_init(void); -extern int xsm_dt_policy_init(void **policy_buffer, size_t *policy_size); -extern bool has_xsm_magic(paddr_t); -#endif - -extern int register_xsm(struct xsm_operations *ops); - -extern struct xsm_operations dummy_xsm_ops; -extern void xsm_fixup_ops(struct xsm_operations *ops); - -#ifdef CONFIG_XSM_FLASK -extern void flask_init(const void *policy_buffer, size_t policy_size); -#else -static inline void flask_init(const void *policy_buffer, size_t policy_size) -{ -} -#endif - -#ifdef CONFIG_XSM_FLASK_POLICY -extern const unsigned char xsm_flask_init_policy[]; -extern const unsigned int xsm_flask_init_policy_size; -#endif - -#ifdef CONFIG_XSM_SILO -extern void silo_init(void); -#else -static inline void silo_init(void) {} -#endif - #else /* CONFIG_XSM */ #include -#ifdef CONFIG_MULTIBOOT -static inline int xsm_multiboot_init (unsigned long *module_map, - const multiboot_info_t *mbi) -{ - return 0; -} -#endif - -#ifdef CONFIG_HAS_DEVICE_TREE -static inline int xsm_dt_init(void) -{ - return 0; -} - -static inline bool has_xsm_magic(paddr_t start) -{ - return false; -} -#endif /* CONFIG_HAS_DEVICE_TREE */ - #endif /* CONFIG_XSM */ #endif /* __XSM_H */ diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 066694763a..de4d6cf2cf 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -10,7 +10,6 @@ * as published by the Free Software Foundation. */ -#define XSM_NO_WRAPPERS #include #define set_to_dummy_if_null(ops, function) \ diff --git a/xen/xsm/silo.c b/xen/xsm/silo.c index fc2ca5cd2d..b96dacd181 100644 --- a/xen/xsm/silo.c +++ b/xen/xsm/silo.c @@ -17,7 +17,6 @@ * You should have received a copy of the GNU General Public License along with * this program; If not, see . */ -#define XSM_NO_WRAPPERS #include /* From patchwork Thu Jun 17 23:39:15 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Daniel P. Smith" X-Patchwork-Id: 12329745 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1175FC2B9F4 for ; Thu, 17 Jun 2021 23:35:16 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9C7AF61249 for ; Thu, 17 Jun 2021 23:35:15 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9C7AF61249 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=apertussolutions.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.144244.265553 (Exim 4.92) (envelope-from ) id 1lu1XM-0006oW-8F; Thu, 17 Jun 2021 23:35:04 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 144244.265553; Thu, 17 Jun 2021 23:35:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1XM-0006oP-53; Thu, 17 Jun 2021 23:35:04 +0000 Received: by outflank-mailman (input) for mailman id 144244; Thu, 17 Jun 2021 23:35:02 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1XK-0006oF-Ab for xen-devel@lists.xenproject.org; Thu, 17 Jun 2021 23:35:02 +0000 Received: from sender4-of-o51.zoho.com (unknown [136.143.188.51]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 5185c99c-f8e0-46e3-bf11-24af8bc8a451; Thu, 17 Jun 2021 23:34:59 +0000 (UTC) Received: from sisyou.hme. (static-72-81-132-2.bltmmd.fios.verizon.net [72.81.132.2]) by mx.zohomail.com with SMTPS id 1623972579340440.46145847027356; Thu, 17 Jun 2021 16:29:39 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 5185c99c-f8e0-46e3-bf11-24af8bc8a451 ARC-Seal: i=1; a=rsa-sha256; t=1623972581; cv=none; d=zohomail.com; s=zohoarc; b=JGIPK+loENL3gc2sisv/9P2ZWHcI/9TKvMcOT2By6qbjMqoxlbj4XZDqPqxvrablqk/2jR2N+g2fwrYA5f0Sf6t01vP3pthcZbxEAzLUMa5FlVpzWBY2gsPl0IKmHIA0tzlIPAKd7J85YQWusY07kLkzGgs9FZaIicBqhTXzbmw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1623972581; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=Ws54z3pzlC/09NQsHviuPwGiXz3verlYYxDyxYgoCQg=; b=FuDY/Zhrieenj6FWF1vF1ndAKH+8r/9vL9hZcGlU4Kx+BYq3nO41u7wRhjQzxOJASMUm3rVozkVycb/OwQUFrzCPkmerMTvfmmu+gD1grEXLXF/Q8xhwYiU1m6XqrTerdoGaysH3qGW4f7xA6h3oDwi118c3WjTaBeh9Qo2nTq4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@apertussolutions.com; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1623972581; s=zoho; d=apertussolutions.com; i=dpsmith@apertussolutions.com; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding; bh=Ws54z3pzlC/09NQsHviuPwGiXz3verlYYxDyxYgoCQg=; b=bUFSVtr+adxQN7bFBNMNvm2AHEihwqH2q7chdhKwvE9Atm87n8Yi3CzL9WPchI+y hQKHFo7JOsNXYyIgbIGc5VnLkeFUuZclmmgpnjIO+1KglsFxz7irz5/E0m/FGbNgB/K 2g0fSvP9ctzivFhwe18gvyCsh+ut77UGAgFQlxak= From: "Daniel P. Smith" To: xen-devel@lists.xenproject.org Cc: Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= , Tamas K Lengyel , Tim Deegan , Juergen Gross , Alexandru Isaila , Petre Pircalabu , Dario Faggioli , Paul Durrant , Daniel De Graaf , persaur@gmail.com, christopher.w.clark@gmail.com, adam.schwalm@starlab.io, scott.davis@starlab.io Subject: [PATCH 3/6] xsm: enabling xsm to always be included Date: Thu, 17 Jun 2021 19:39:15 -0400 Message-Id: <20210617233918.10095-4-dpsmith@apertussolutions.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210617233918.10095-1-dpsmith@apertussolutions.com> References: <20210617233918.10095-1-dpsmith@apertussolutions.com> MIME-Version: 1.0 X-ZohoMailClient: External The only difference between !CONFIG_XSM and CONFIG_XSM with !CONFIG_XSM_SILO and !CONFIG_XSM_FLASK is whether the XSM hooks in dummy.h are called as static inline functions or as function pointers to static functions. As such this commit, * eliminates CONFIG_XSM * introduces CONFIG_XSM_EVTCHN_LABELING as replacement for enabling event channel labels * makes CONFIG_XSM_SILO AND CONFIG_XSM_FLASK default to no Signed-off-by: Daniel P. Smith --- xen/common/Kconfig | 55 ++++----- xen/include/xen/sched.h | 2 +- xen/include/xsm/xsm-core.h | 26 ---- xen/include/xsm/xsm.h | 8 -- xen/xsm/Makefile | 4 +- xen/xsm/dummy.c | 4 +- xen/{include => }/xsm/dummy.h | 220 ++++++++++++++++------------------ xen/xsm/silo.c | 17 +-- xen/xsm/xsm_core.c | 4 - 9 files changed, 142 insertions(+), 198 deletions(-) rename xen/{include => }/xsm/dummy.h (63%) diff --git a/xen/common/Kconfig b/xen/common/Kconfig index 0ddd18e11a..203ad7ea23 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -197,22 +197,33 @@ config XENOPROF If unsure, say Y. -config XSM - bool "Xen Security Modules support" - default ARM - ---help--- - Enables the security framework known as Xen Security Modules which - allows administrators fine-grained control over a Xen domain and - its capabilities by defining permissible interactions between domains, - the hypervisor itself, and related resources such as memory and - devices. +menu "Xen Security Modules" - If unsure, say N. +choice + prompt "Default XSM module" + default XSM_SILO_DEFAULT if XSM_SILO && ARM + default XSM_FLASK_DEFAULT if XSM_FLASK + default XSM_SILO_DEFAULT if XSM_SILO + default XSM_DUMMY_DEFAULT + config XSM_DUMMY_DEFAULT + bool "Match non-XSM behavior" + config XSM_FLASK_DEFAULT + bool "FLux Advanced Security Kernel" if XSM_FLASK + config XSM_SILO_DEFAULT + bool "SILO" if XSM_SILO +endchoice + +config XSM_EVTCHN_LABELING + bool "Enables security labeling of event channels" + default n + ---help--- + This enables an XSM module to label and enforce access control over + event channels. config XSM_FLASK - def_bool y + def_bool n prompt "FLux Advanced Security Kernel support" - depends on XSM + select XSM_EVTCHN_LABELING ---help--- Enables FLASK (FLux Advanced Security Kernel) as the access control mechanism used by the XSM framework. This provides a mandatory access @@ -250,9 +261,8 @@ config XSM_FLASK_POLICY If unsure, say Y. config XSM_SILO - def_bool y + def_bool n prompt "SILO support" - depends on XSM ---help--- Enables SILO as the access control mechanism used by the XSM framework. This is not the default module, add boot parameter xsm=silo to choose @@ -261,25 +271,12 @@ config XSM_SILO If unsure, say Y. -choice - prompt "Default XSM implementation" - depends on XSM - default XSM_SILO_DEFAULT if XSM_SILO && ARM - default XSM_FLASK_DEFAULT if XSM_FLASK - default XSM_SILO_DEFAULT if XSM_SILO - default XSM_DUMMY_DEFAULT - config XSM_DUMMY_DEFAULT - bool "Match non-XSM behavior" - config XSM_FLASK_DEFAULT - bool "FLux Advanced Security Kernel" if XSM_FLASK - config XSM_SILO_DEFAULT - bool "SILO" if XSM_SILO -endchoice +endmenu config LATE_HWDOM bool "Dedicated hardware domain" default n - depends on XSM && X86 + depends on XSM_FLASK && X86 ---help--- Allows the creation of a dedicated hardware domain distinct from domain 0 that manages devices without needing access to other diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h index 3982167144..e92d2cdeab 100644 --- a/xen/include/xen/sched.h +++ b/xen/include/xen/sched.h @@ -120,7 +120,7 @@ struct evtchn unsigned short notify_vcpu_id; /* VCPU for local delivery notification */ uint32_t fifo_lastq; /* Data for identifying last queue. */ -#ifdef CONFIG_XSM +#ifdef CONFIG_XSM_EVTCHN_LABELING union { #ifdef XSM_NEED_GENERIC_EVTCHN_SSID /* diff --git a/xen/include/xsm/xsm-core.h b/xen/include/xsm/xsm-core.h index 5297c73fe6..e3718bc62d 100644 --- a/xen/include/xsm/xsm-core.h +++ b/xen/include/xsm/xsm-core.h @@ -189,8 +189,6 @@ struct xsm_operations { #endif }; -#ifdef CONFIG_XSM - #ifdef CONFIG_MULTIBOOT extern int xsm_multiboot_init(unsigned long *module_map, const multiboot_info_t *mbi); @@ -235,28 +233,4 @@ extern void silo_init(void); static inline void silo_init(void) {} #endif -#else /* CONFIG_XSM */ - -#ifdef CONFIG_MULTIBOOT -static inline int xsm_multiboot_init (unsigned long *module_map, - const multiboot_info_t *mbi) -{ - return 0; -} -#endif - -#ifdef CONFIG_HAS_DEVICE_TREE -static inline int xsm_dt_init(void) -{ - return 0; -} - -static inline bool has_xsm_magic(paddr_t start) -{ - return false; -} -#endif /* CONFIG_HAS_DEVICE_TREE */ - -#endif /* CONFIG_XSM */ - #endif /* __XSM_CORE_H */ diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index ecbdee2c7d..69f68300e2 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -22,8 +22,6 @@ #include #include -#ifdef CONFIG_XSM - extern struct xsm_operations xsm_ops; static inline void xsm_security_domaininfo (struct domain *d, @@ -559,10 +557,4 @@ static inline int xsm_argo_send(const struct domain *d, const struct domain *t) #endif /* CONFIG_ARGO */ -#else /* CONFIG_XSM */ - -#include - -#endif /* CONFIG_XSM */ - #endif /* __XSM_H */ diff --git a/xen/xsm/Makefile b/xen/xsm/Makefile index cf0a728f1c..0059794dd5 100644 --- a/xen/xsm/Makefile +++ b/xen/xsm/Makefile @@ -1,6 +1,6 @@ obj-y += xsm_core.o -obj-$(CONFIG_XSM) += xsm_policy.o -obj-$(CONFIG_XSM) += dummy.o +obj-y += xsm_policy.o +obj-y += dummy.o obj-$(CONFIG_XSM_SILO) += silo.o obj-$(CONFIG_XSM_FLASK) += flask/ diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index de4d6cf2cf..bfd8b96f08 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -10,12 +10,12 @@ * as published by the Free Software Foundation. */ -#include +#include "dummy.h" #define set_to_dummy_if_null(ops, function) \ do { \ if ( !ops->function ) \ - ops->function = xsm_##function; \ + ops->function = dummy_##function; \ } while (0) void __init xsm_fixup_ops (struct xsm_operations *ops) diff --git a/xen/include/xsm/dummy.h b/xen/xsm/dummy.h similarity index 63% rename from xen/include/xsm/dummy.h rename to xen/xsm/dummy.h index c445c5681b..7e2bb09dac 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/xsm/dummy.h @@ -42,12 +42,10 @@ static inline void __xsm_action_mismatch_detected(void) void __xsm_action_mismatch_detected(void); #endif -#ifdef CONFIG_XSM - -/* In CONFIG_XSM builds, this header file is included from xsm/dummy.c, and - * contains static (not inline) functions compiled to the dummy XSM module. - * There is no xsm_default_t argument available, so the value from the assertion - * is used to initialize the variable. +/* This header file is included from xsm/dummy.c, and contains static (not + * inline) functions compiled to the dummy XSM module. There is no + * xsm_default_t argument available, so the value from the assertion is used to + * initialize the variable. */ #define XSM_INLINE __maybe_unused @@ -55,20 +53,6 @@ void __xsm_action_mismatch_detected(void); #define XSM_DEFAULT_VOID void #define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action -#else /* CONFIG_XSM */ - -/* In !CONFIG_XSM builds, this header file is included from xsm/xsm.h, and - * contains inline functions for each XSM hook. These functions also perform - * compile-time checks on the xsm_default_t argument to ensure that the behavior - * of the dummy XSM module is the same as the behavior with XSM disabled. - */ -#define XSM_INLINE always_inline -#define XSM_DEFAULT_ARG xsm_default_t action, -#define XSM_DEFAULT_VOID xsm_default_t action -#define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action) - -#endif /* CONFIG_XSM */ - static always_inline int xsm_default_action( xsm_default_t action, struct domain *src, struct domain *target) { @@ -98,43 +82,43 @@ static always_inline int xsm_default_action( } } -static XSM_INLINE void xsm_security_domaininfo(struct domain *d, +static XSM_INLINE void dummy_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { return; } -static XSM_INLINE int xsm_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref) +static XSM_INLINE int dummy_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_getdomaininfo(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_getdomaininfo(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd) +static XSM_INLINE int dummy_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd) +static XSM_INLINE int dummy_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) +static XSM_INLINE int dummy_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) +static XSM_INLINE int dummy_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_OTHER); switch ( cmd ) @@ -151,85 +135,85 @@ static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) } } -static XSM_INLINE int xsm_sysctl(XSM_DEFAULT_ARG int cmd) +static XSM_INLINE int dummy_sysctl(XSM_DEFAULT_ARG int cmd) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_readconsole(XSM_DEFAULT_ARG uint32_t clear) +static XSM_INLINE int dummy_readconsole(XSM_DEFAULT_ARG uint32_t clear) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) +static XSM_INLINE int dummy_alloc_security_domain(struct domain *d) { return 0; } -static XSM_INLINE void xsm_free_security_domain(struct domain *d) +static XSM_INLINE void dummy_free_security_domain(struct domain *d) { return; } -static XSM_INLINE int xsm_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, +static XSM_INLINE int dummy_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, uint32_t flags) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_exchange(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_memory_exchange(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1, +static XSM_INLINE int dummy_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) +static XSM_INLINE int dummy_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_OTHER); if ( d->is_console ) @@ -241,129 +225,129 @@ static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) return xsm_default_action(XSM_PRIV, d, NULL); } -static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) +static XSM_INLINE int dummy_profile(XSM_DEFAULT_ARG struct domain *d, int op) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d, NULL); } -static XSM_INLINE int xsm_kexec(XSM_DEFAULT_VOID) +static XSM_INLINE int dummy_kexec(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, +static XSM_INLINE int dummy_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, struct page_info *page) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_claim_pages(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_claim_pages(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn, +static XSM_INLINE int dummy_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn, domid_t id2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn +static XSM_INLINE int dummy_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn) +static XSM_INLINE void dummy_evtchn_close_post(struct evtchn *chn) { return; } -static XSM_INLINE int xsm_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) +static XSM_INLINE int dummy_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d, NULL); } -static XSM_INLINE int xsm_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) +static XSM_INLINE int dummy_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_alloc_security_evtchns( +static XSM_INLINE int dummy_alloc_security_evtchns( struct evtchn chn[], unsigned int nr) { return 0; } -static XSM_INLINE void xsm_free_security_evtchns( +static XSM_INLINE void dummy_free_security_evtchns( struct evtchn chn[], unsigned int nr) { return; } -static XSM_INLINE char *xsm_show_security_evtchn(struct domain *d, const struct evtchn *chn) +static XSM_INLINE char *dummy_show_security_evtchn(struct domain *d, const struct evtchn *chn) { return NULL; } -static XSM_INLINE int xsm_init_hardware_domain(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_init_hardware_domain(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_get_pod_target(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_get_pod_target(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_set_pod_target(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_get_vnumainfo(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_get_vnumainfo(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) -static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) +static XSM_INLINE int dummy_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int dummy_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int dummy_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); @@ -372,14 +356,14 @@ static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint #endif /* HAS_PASSTHROUGH && HAS_PCI */ #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE) -static XSM_INLINE int xsm_assign_dtdevice(XSM_DEFAULT_ARG struct domain *d, +static XSM_INLINE int dummy_assign_dtdevice(XSM_DEFAULT_ARG struct domain *d, const char *dtpath) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_deassign_dtdevice(XSM_DEFAULT_ARG struct domain *d, +static XSM_INLINE int dummy_deassign_dtdevice(XSM_DEFAULT_ARG struct domain *d, const char *dtpath) { XSM_ASSERT_ACTION(XSM_HOOK); @@ -388,134 +372,134 @@ static XSM_INLINE int xsm_deassign_dtdevice(XSM_DEFAULT_ARG struct domain *d, #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */ -static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID) +static XSM_INLINE int dummy_resource_plug_core(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_core(XSM_DEFAULT_VOID) +static XSM_INLINE int dummy_resource_unplug_core(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) +static XSM_INLINE int dummy_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) +static XSM_INLINE int dummy_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) +static XSM_INLINE int dummy_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_gsi(XSM_DEFAULT_ARG int gsi) +static XSM_INLINE int dummy_resource_setup_gsi(XSM_DEFAULT_ARG int gsi) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_misc(XSM_DEFAULT_VOID) +static XSM_INLINE int dummy_resource_setup_misc(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_page_offline(XSM_DEFAULT_ARG uint32_t cmd) +static XSM_INLINE int dummy_page_offline(XSM_DEFAULT_ARG uint32_t cmd) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_hypfs_op(XSM_DEFAULT_VOID) +static XSM_INLINE int dummy_hypfs_op(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +static XSM_INLINE long dummy_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; } #ifdef CONFIG_COMPAT -static XSM_INLINE int xsm_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +static XSM_INLINE int dummy_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; } #endif -static XSM_INLINE char *xsm_show_irq_sid(int irq) +static XSM_INLINE char *dummy_show_irq_sid(int irq) { return NULL; } -static XSM_INLINE int xsm_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_map_domain_irq(XSM_DEFAULT_ARG struct domain *d, +static XSM_INLINE int dummy_map_domain_irq(XSM_DEFAULT_ARG struct domain *d, int irq, const void *data) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static XSM_INLINE int dummy_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static XSM_INLINE int dummy_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unmap_domain_irq(XSM_DEFAULT_ARG struct domain *d, +static XSM_INLINE int dummy_unmap_domain_irq(XSM_DEFAULT_ARG struct domain *d, int irq, const void *data) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow) +static XSM_INLINE int dummy_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int dummy_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int dummy_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, +static XSM_INLINE int dummy_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { @@ -523,43 +507,43 @@ static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static XSM_INLINE int dummy_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_map_gmfn_foreign(XSM_DEFAULT_ARG struct domain *d, struct domain *t) +static XSM_INLINE int dummy_map_gmfn_foreign(XSM_DEFAULT_ARG struct domain *d, struct domain *t) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, t); } -static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) +static XSM_INLINE int dummy_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_control(XSM_DEFAULT_ARG struct domain *d, unsigned long op) +static XSM_INLINE int dummy_hvm_control(XSM_DEFAULT_ARG struct domain *d, unsigned long op) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_param_altp2mhvm(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_hvm_param_altp2mhvm(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_altp2mhvm_op(XSM_DEFAULT_ARG struct domain *d, uint64_t mode, uint32_t op) +static XSM_INLINE int dummy_hvm_altp2mhvm_op(XSM_DEFAULT_ARG struct domain *d, uint64_t mode, uint32_t op) { XSM_ASSERT_ACTION(XSM_OTHER); @@ -578,14 +562,14 @@ static XSM_INLINE int xsm_hvm_altp2mhvm_op(XSM_DEFAULT_ARG struct domain *d, uin } } -static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op) +static XSM_INLINE int dummy_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_MEM_ACCESS -static XSM_INLINE int xsm_mem_access(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_mem_access(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); @@ -593,7 +577,7 @@ static XSM_INLINE int xsm_mem_access(XSM_DEFAULT_ARG struct domain *d) #endif #ifdef CONFIG_MEM_PAGING -static XSM_INLINE int xsm_mem_paging(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_mem_paging(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); @@ -601,57 +585,57 @@ static XSM_INLINE int xsm_mem_paging(XSM_DEFAULT_ARG struct domain *d) #endif #ifdef CONFIG_MEM_SHARING -static XSM_INLINE int xsm_mem_sharing(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_mem_sharing(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } #endif -static XSM_INLINE int xsm_platform_op(XSM_DEFAULT_ARG uint32_t op) +static XSM_INLINE int dummy_platform_op(XSM_DEFAULT_ARG uint32_t op) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } #ifdef CONFIG_X86 -static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID) +static XSM_INLINE int dummy_do_mca(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) +static XSM_INLINE int dummy_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op) +static XSM_INLINE int dummy_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, cd); } -static XSM_INLINE int xsm_apic(XSM_DEFAULT_ARG struct domain *d, int cmd) +static XSM_INLINE int dummy_apic(XSM_DEFAULT_ARG struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, d, NULL); } -static XSM_INLINE int xsm_machine_memory_map(XSM_DEFAULT_VOID) +static XSM_INLINE int dummy_machine_memory_map(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t, +static XSM_INLINE int dummy_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { int rc = 0; @@ -663,38 +647,38 @@ static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct do return rc; } -static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f) +static XSM_INLINE int dummy_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f, +static XSM_INLINE int dummy_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f, l1_pgentry_t pte) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_priv_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *t) +static XSM_INLINE int dummy_priv_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *t) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, t); } -static XSM_INLINE int xsm_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static XSM_INLINE int dummy_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static XSM_INLINE int dummy_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pmu_op (XSM_DEFAULT_ARG struct domain *d, unsigned int op) +static XSM_INLINE int dummy_pmu_op (XSM_DEFAULT_ARG struct domain *d, unsigned int op) { XSM_ASSERT_ACTION(XSM_OTHER); switch ( op ) @@ -711,30 +695,30 @@ static XSM_INLINE int xsm_pmu_op (XSM_DEFAULT_ARG struct domain *d, unsigned int #endif /* CONFIG_X86 */ -static XSM_INLINE int xsm_dm_op(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_dm_op(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_ARGO -static XSM_INLINE int xsm_argo_enable(const struct domain *d) +static XSM_INLINE int dummy_argo_enable(const struct domain *d) { return 0; } -static XSM_INLINE int xsm_argo_register_single_source(const struct domain *d, +static XSM_INLINE int dummy_argo_register_single_source(const struct domain *d, const struct domain *t) { return 0; } -static XSM_INLINE int xsm_argo_register_any_source(const struct domain *d) +static XSM_INLINE int dummy_argo_register_any_source(const struct domain *d) { return 0; } -static XSM_INLINE int xsm_argo_send(const struct domain *d, +static XSM_INLINE int dummy_argo_send(const struct domain *d, const struct domain *t) { return 0; @@ -743,7 +727,7 @@ static XSM_INLINE int xsm_argo_send(const struct domain *d, #endif /* CONFIG_ARGO */ #include -static XSM_INLINE int xsm_xen_version (XSM_DEFAULT_ARG uint32_t op) +static XSM_INLINE int dummy_xen_version (XSM_DEFAULT_ARG uint32_t op) { XSM_ASSERT_ACTION(XSM_OTHER); switch ( op ) @@ -767,7 +751,7 @@ static XSM_INLINE int xsm_xen_version (XSM_DEFAULT_ARG uint32_t op) } } -static XSM_INLINE int xsm_domain_resource_map(XSM_DEFAULT_ARG struct domain *d) +static XSM_INLINE int dummy_domain_resource_map(XSM_DEFAULT_ARG struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); diff --git a/xen/xsm/silo.c b/xen/xsm/silo.c index b96dacd181..ebe5814efc 100644 --- a/xen/xsm/silo.c +++ b/xen/xsm/silo.c @@ -17,7 +17,8 @@ * You should have received a copy of the GNU General Public License along with * this program; If not, see . */ -#include +#include +#include "dummy.h" /* * Check if inter-domain communication is allowed. @@ -43,7 +44,7 @@ static int silo_evtchn_unbound(struct domain *d1, struct evtchn *chn, else { if ( silo_mode_dom_check(d1, d2) ) - rc = xsm_evtchn_unbound(d1, chn, id2); + rc = dummy_evtchn_unbound(d1, chn, id2); rcu_unlock_domain(d2); } @@ -54,7 +55,7 @@ static int silo_evtchn_interdomain(struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { if ( silo_mode_dom_check(d1, d2) ) - return xsm_evtchn_interdomain(d1, chan1, d2, chan2); + return dummy_evtchn_interdomain(d1, chan1, d2, chan2); return -EPERM; } @@ -62,21 +63,21 @@ static int silo_grant_mapref(struct domain *d1, struct domain *d2, uint32_t flags) { if ( silo_mode_dom_check(d1, d2) ) - return xsm_grant_mapref(d1, d2, flags); + return dummy_grant_mapref(d1, d2, flags); return -EPERM; } static int silo_grant_transfer(struct domain *d1, struct domain *d2) { if ( silo_mode_dom_check(d1, d2) ) - return xsm_grant_transfer(d1, d2); + return dummy_grant_transfer(d1, d2); return -EPERM; } static int silo_grant_copy(struct domain *d1, struct domain *d2) { if ( silo_mode_dom_check(d1, d2) ) - return xsm_grant_copy(d1, d2); + return dummy_grant_copy(d1, d2); return -EPERM; } @@ -86,14 +87,14 @@ static int silo_argo_register_single_source(const struct domain *d1, const struct domain *d2) { if ( silo_mode_dom_check(d1, d2) ) - return xsm_argo_register_single_source(d1, d2); + return dummy_argo_register_single_source(d1, d2); return -EPERM; } static int silo_argo_send(const struct domain *d1, const struct domain *d2) { if ( silo_mode_dom_check(d1, d2) ) - return xsm_argo_send(d1, d2); + return dummy_argo_send(d1, d2); return -EPERM; } diff --git a/xen/xsm/xsm_core.c b/xen/xsm/xsm_core.c index acc1af7166..a51dc6f7dd 100644 --- a/xen/xsm/xsm_core.c +++ b/xen/xsm/xsm_core.c @@ -18,8 +18,6 @@ #include #include -#ifdef CONFIG_XSM - #ifdef CONFIG_MULTIBOOT #include #endif @@ -223,8 +221,6 @@ int __init register_xsm(struct xsm_operations *ops) return 0; } -#endif - long do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return xsm_do_xsm_op(op); From patchwork Thu Jun 17 23:39:16 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Daniel P. Smith" X-Patchwork-Id: 12329747 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5D55EC2B9F4 for ; Thu, 17 Jun 2021 23:35:53 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id EDA2A61263 for ; Thu, 17 Jun 2021 23:35:52 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EDA2A61263 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=apertussolutions.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.144250.265564 (Exim 4.92) (envelope-from ) id 1lu1Xz-0007Ru-LX; Thu, 17 Jun 2021 23:35:43 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 144250.265564; Thu, 17 Jun 2021 23:35:43 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1Xz-0007Rn-Hr; Thu, 17 Jun 2021 23:35:43 +0000 Received: by outflank-mailman (input) for mailman id 144250; Thu, 17 Jun 2021 23:35:42 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1Xy-0007Re-2F for xen-devel@lists.xenproject.org; Thu, 17 Jun 2021 23:35:42 +0000 Received: from sender4-of-o51.zoho.com (unknown [136.143.188.51]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 96190fc1-2305-488a-a97f-897775c10852; Thu, 17 Jun 2021 23:35:38 +0000 (UTC) Received: from sisyou.hme. (static-72-81-132-2.bltmmd.fios.verizon.net [72.81.132.2]) by mx.zohomail.com with SMTPS id 1623972581937325.8350726165488; Thu, 17 Jun 2021 16:29:41 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 96190fc1-2305-488a-a97f-897775c10852 ARC-Seal: i=1; a=rsa-sha256; t=1623972583; cv=none; d=zohomail.com; s=zohoarc; b=gwGd/SJGF+vjh/MKS4pCKD08SH1QXWzt3Ra7lskWXhk41FhKSGGlO2WwlO6nW7XixMbDIRDxOhE9zsIRL3rj3HHEr+nPOzoN8hiBRPcyoCZtTu/T6V/MtrDWvy65YONJ4EWK7Jd0fmNZRZU6yTHNvJYCvWZ5MZlzR9wp9nqZyNQ= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1623972583; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=NN+fLziBRzBtkvPvDF6TDsmdflwA5o0WlqND7Rn5lLE=; b=YbyWxcfgydQ/fARBxlYK+NN2A7RKd6HNhHmNM3JSfMtfQhgFcBsjdTpyLnJFaM4dSpktg5VmWgsMC3reUUXUIiEllH8nSHrPX0G/LRlX9bcc6gmzILZmKNrYbex0pcWBX/Q6bYUQGeR9aoy8ff4t3nHOXGtnTSKPvliW4SrQ4j4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@apertussolutions.com; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1623972583; s=zoho; d=apertussolutions.com; i=dpsmith@apertussolutions.com; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding; bh=NN+fLziBRzBtkvPvDF6TDsmdflwA5o0WlqND7Rn5lLE=; b=qilEQ+rOIUXXV1erY0KUuwX1qYsRoKC3PgH69GxjXli7bk0cg3uTWqC4xhqxe1XU ScRBzVQBpiFYfFPu0mgKQjTwA4pnE013ejJlNX166DVuHhxqv704R1vmNVlED2Bugbn RJLfzLx6IhHw0cgSxaArGLhm8OpTjerxu7FDvVF4= From: "Daniel P. Smith" To: xen-devel@lists.xenproject.org Cc: Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= , Tamas K Lengyel , Tim Deegan , Juergen Gross , Alexandru Isaila , Petre Pircalabu , Dario Faggioli , Paul Durrant , Daniel De Graaf , persaur@gmail.com, christopher.w.clark@gmail.com, adam.schwalm@starlab.io, scott.davis@starlab.io Subject: [PATCH 4/6] xsm: remove xen_defualt_t from hook definitions Date: Thu, 17 Jun 2021 19:39:16 -0400 Message-Id: <20210617233918.10095-5-dpsmith@apertussolutions.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210617233918.10095-1-dpsmith@apertussolutions.com> References: <20210617233918.10095-1-dpsmith@apertussolutions.com> MIME-Version: 1.0 X-ZohoMailClient: External With the conversion of making XSM always enabled even the dummy XSM module is being invoked through the xsm_ops dispatch which does not use passing of the default privilege. This commit removes the xen_default_t parameter from the hook definitions and all the respective call sites. Signed-off-by: Daniel P. Smith --- xen/arch/arm/dm.c | 2 +- xen/arch/arm/domctl.c | 6 +- xen/arch/arm/hvm.c | 2 +- xen/arch/arm/mm.c | 2 +- xen/arch/arm/platform_hypercall.c | 2 +- xen/arch/x86/cpu/mcheck/mce.c | 2 +- xen/arch/x86/cpu/vpmu.c | 2 +- xen/arch/x86/domctl.c | 8 +- xen/arch/x86/hvm/dm.c | 2 +- xen/arch/x86/hvm/hvm.c | 12 +- xen/arch/x86/irq.c | 5 +- xen/arch/x86/mm.c | 20 +-- xen/arch/x86/mm/mem_paging.c | 2 +- xen/arch/x86/mm/mem_sharing.c | 9 +- xen/arch/x86/mm/p2m.c | 2 +- xen/arch/x86/mm/paging.c | 4 +- xen/arch/x86/mm/shadow/set.c | 2 +- xen/arch/x86/msi.c | 3 +- xen/arch/x86/pci.c | 2 +- xen/arch/x86/physdev.c | 17 ++- xen/arch/x86/platform_hypercall.c | 10 +- xen/arch/x86/pv/emul-priv-op.c | 2 +- xen/arch/x86/sysctl.c | 4 +- xen/common/domain.c | 4 +- xen/common/domctl.c | 12 +- xen/common/event_channel.c | 12 +- xen/common/grant_table.c | 16 +-- xen/common/hypfs.c | 2 +- xen/common/kernel.c | 2 +- xen/common/kexec.c | 2 +- xen/common/mem_access.c | 2 +- xen/common/memory.c | 16 +-- xen/common/monitor.c | 2 +- xen/common/sched/core.c | 6 +- xen/common/sysctl.c | 8 +- xen/common/vm_event.c | 2 +- xen/common/xenoprof.c | 2 +- xen/drivers/char/console.c | 2 +- xen/drivers/passthrough/device_tree.c | 4 +- xen/drivers/passthrough/pci.c | 12 +- xen/include/xsm/xsm.h | 172 +++++++++++++------------- 41 files changed, 197 insertions(+), 203 deletions(-) diff --git a/xen/arch/arm/dm.c b/xen/arch/arm/dm.c index 1b3fd6bc7d..c8b89c8f47 100644 --- a/xen/arch/arm/dm.c +++ b/xen/arch/arm/dm.c @@ -45,7 +45,7 @@ int dm_op(const struct dmop_args *op_args) if ( rc ) return rc; - rc = xsm_dm_op(XSM_DM_PRIV, d); + rc = xsm_dm_op(d); if ( rc ) goto out; diff --git a/xen/arch/arm/domctl.c b/xen/arch/arm/domctl.c index b7d27f37df..e7202703ee 100644 --- a/xen/arch/arm/domctl.c +++ b/xen/arch/arm/domctl.c @@ -95,11 +95,11 @@ long arch_do_domctl(struct xen_domctl *domctl, struct domain *d, * done by the 2 hypercalls for consistency with other * architectures. */ - rc = xsm_map_domain_irq(XSM_HOOK, d, irq, NULL); + rc = xsm_map_domain_irq(d, irq, NULL); if ( rc ) return rc; - rc = xsm_bind_pt_irq(XSM_HOOK, d, bind); + rc = xsm_bind_pt_irq(d, bind); if ( rc ) return rc; @@ -130,7 +130,7 @@ long arch_do_domctl(struct xen_domctl *domctl, struct domain *d, if ( irq != virq ) return -EINVAL; - rc = xsm_unbind_pt_irq(XSM_HOOK, d, bind); + rc = xsm_unbind_pt_irq(d, bind); if ( rc ) return rc; diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c index 8951b34086..cf4bd9ae09 100644 --- a/xen/arch/arm/hvm.c +++ b/xen/arch/arm/hvm.c @@ -101,7 +101,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) if ( d == NULL ) return -ESRCH; - rc = xsm_hvm_param(XSM_TARGET, d, op); + rc = xsm_hvm_param(d, op); if ( rc ) goto param_fail; diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index 0e07335291..a256c89b62 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -1446,7 +1446,7 @@ int xenmem_add_to_physmap_one( return -EINVAL; } - rc = xsm_map_gmfn_foreign(XSM_TARGET, d, od); + rc = xsm_map_gmfn_foreign(d, od); if ( rc ) { put_pg_owner(od); diff --git a/xen/arch/arm/platform_hypercall.c b/xen/arch/arm/platform_hypercall.c index 8efac7ee60..52985f8a51 100644 --- a/xen/arch/arm/platform_hypercall.c +++ b/xen/arch/arm/platform_hypercall.c @@ -33,7 +33,7 @@ long do_platform_op(XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op) if ( d == NULL ) return -ESRCH; - ret = xsm_platform_op(XSM_PRIV, op->cmd); + ret = xsm_platform_op(op->cmd); if ( ret ) return ret; diff --git a/xen/arch/x86/cpu/mcheck/mce.c b/xen/arch/x86/cpu/mcheck/mce.c index 7f433343bc..58beb96663 100644 --- a/xen/arch/x86/cpu/mcheck/mce.c +++ b/xen/arch/x86/cpu/mcheck/mce.c @@ -1376,7 +1376,7 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_mc_t) u_xen_mc) struct xen_mc_msrinject *mc_msrinject; struct xen_mc_mceinject *mc_mceinject; - ret = xsm_do_mca(XSM_PRIV); + ret = xsm_do_mca(); if ( ret ) return x86_mcerr("", ret); diff --git a/xen/arch/x86/cpu/vpmu.c b/xen/arch/x86/cpu/vpmu.c index 16e91a3694..34b536417b 100644 --- a/xen/arch/x86/cpu/vpmu.c +++ b/xen/arch/x86/cpu/vpmu.c @@ -706,7 +706,7 @@ long do_xenpmu_op(unsigned int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg) if ( !opt_vpmu_enabled || has_vlapic(current->domain) ) return -EOPNOTSUPP; - ret = xsm_pmu_op(XSM_OTHER, current->domain, op); + ret = xsm_pmu_op(current->domain, op); if ( ret ) return ret; diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 26a76d2be9..8343c59e83 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -234,7 +234,7 @@ long arch_do_domctl( if ( (fp + np) <= fp || (fp + np) > MAX_IOPORTS ) ret = -EINVAL; else if ( !ioports_access_permitted(currd, fp, fp + np - 1) || - xsm_ioport_permission(XSM_HOOK, d, fp, fp + np - 1, allow) ) + xsm_ioport_permission(d, fp, fp + np - 1, allow) ) ret = -EPERM; else if ( allow ) ret = ioports_permit_access(d, fp, fp + np - 1); @@ -534,7 +534,7 @@ long arch_do_domctl( if ( !is_hvm_domain(d) ) break; - ret = xsm_bind_pt_irq(XSM_HOOK, d, bind); + ret = xsm_bind_pt_irq(d, bind); if ( ret ) break; @@ -569,7 +569,7 @@ long arch_do_domctl( if ( irq <= 0 || !irq_access_permitted(currd, irq) ) break; - ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind); + ret = xsm_unbind_pt_irq(d, bind); if ( ret ) break; @@ -616,7 +616,7 @@ long arch_do_domctl( if ( !ioports_access_permitted(currd, fmp, fmp + np - 1) ) break; - ret = xsm_ioport_mapping(XSM_HOOK, d, fmp, fmp + np - 1, add); + ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add); if ( ret ) break; diff --git a/xen/arch/x86/hvm/dm.c b/xen/arch/x86/hvm/dm.c index b60b9f3364..6f996371b9 100644 --- a/xen/arch/x86/hvm/dm.c +++ b/xen/arch/x86/hvm/dm.c @@ -370,7 +370,7 @@ int dm_op(const struct dmop_args *op_args) if ( !is_hvm_domain(d) ) goto out; - rc = xsm_dm_op(XSM_DM_PRIV, d); + rc = xsm_dm_op(d); if ( rc ) goto out; diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 5086773e5c..c1b0d6fca8 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -4080,7 +4080,7 @@ static int hvm_allow_set_param(struct domain *d, uint64_t value; int rc; - rc = xsm_hvm_param(XSM_TARGET, d, HVMOP_set_param); + rc = xsm_hvm_param(d, HVMOP_set_param); if ( rc ) return rc; @@ -4227,7 +4227,7 @@ static int hvm_set_param(struct domain *d, uint32_t index, uint64_t value) rc = pmtimer_change_ioport(d, value); break; case HVM_PARAM_ALTP2M: - rc = xsm_hvm_param_altp2mhvm(XSM_PRIV, d); + rc = xsm_hvm_param_altp2mhvm(d); if ( rc ) break; if ( (value > XEN_ALTP2M_limited) || @@ -4356,7 +4356,7 @@ static int hvm_allow_get_param(struct domain *d, { int rc; - rc = xsm_hvm_param(XSM_TARGET, d, HVMOP_get_param); + rc = xsm_hvm_param(d, HVMOP_get_param); if ( rc ) return rc; @@ -4566,7 +4566,7 @@ static int do_altp2m_op( goto out; } - if ( (rc = xsm_hvm_altp2mhvm_op(XSM_OTHER, d, mode, a.cmd)) ) + if ( (rc = xsm_hvm_altp2mhvm_op(d, mode, a.cmd)) ) goto out; switch ( a.cmd ) @@ -4947,7 +4947,7 @@ static int hvmop_get_mem_type( if ( d == NULL ) return -ESRCH; - rc = xsm_hvm_param(XSM_TARGET, d, HVMOP_get_mem_type); + rc = xsm_hvm_param(d, HVMOP_get_mem_type); if ( rc ) goto out; @@ -5040,7 +5040,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) if ( unlikely(d != current->domain) ) rc = -EOPNOTSUPP; else if ( is_hvm_domain(d) && paging_mode_shadow(d) ) - rc = xsm_hvm_param(XSM_TARGET, d, op); + rc = xsm_hvm_param(d, op); if ( !rc ) pagetable_dying(a.gpa); diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c index a1693f92dd..9f79ec1b86 100644 --- a/xen/arch/x86/irq.c +++ b/xen/arch/x86/irq.c @@ -2122,7 +2122,7 @@ int map_domain_pirq( return 0; } - ret = xsm_map_domain_irq(XSM_HOOK, d, irq, data); + ret = xsm_map_domain_irq(d, irq, data); if ( ret ) { dprintk(XENLOG_G_ERR, "dom%d: could not permit access to irq %d mapping to pirq %d\n", @@ -2342,8 +2342,7 @@ int unmap_domain_pirq(struct domain *d, int pirq) nr = msi_desc->msi.nvec; } - ret = xsm_unmap_domain_irq(XSM_HOOK, d, irq, - msi_desc ? msi_desc->dev : NULL); + ret = xsm_unmap_domain_irq(d, irq, msi_desc ? msi_desc->dev : NULL); if ( ret ) goto done; diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c index 4d799032dc..33d0aa8d4b 100644 --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -977,7 +977,7 @@ get_page_from_l1e( * minor hack can go away. */ if ( (real_pg_owner == NULL) || (pg_owner == l1e_owner) || - xsm_priv_mapping(XSM_TARGET, pg_owner, real_pg_owner) ) + xsm_priv_mapping(pg_owner, real_pg_owner) ) { gdprintk(XENLOG_WARNING, "pg_owner d%d l1e_owner d%d, but real_pg_owner d%d\n", @@ -3407,7 +3407,7 @@ long do_mmuext_op( return -EINVAL; } - rc = xsm_mmuext_op(XSM_TARGET, currd, pg_owner); + rc = xsm_mmuext_op(currd, pg_owner); if ( rc ) { put_pg_owner(pg_owner); @@ -3497,7 +3497,7 @@ long do_mmuext_op( break; } - rc = xsm_memory_pin_page(XSM_HOOK, currd, pg_owner, page); + rc = xsm_memory_pin_page(currd, pg_owner, page); if ( !rc && unlikely(test_and_set_bit(_PGT_pinned, &page->u.inuse.type_info)) ) { @@ -4006,7 +4006,7 @@ long do_mmu_update( } if ( xsm_needed != xsm_checked ) { - rc = xsm_mmu_update(XSM_TARGET, d, pt_owner, pg_owner, xsm_needed); + rc = xsm_mmu_update(d, pt_owner, pg_owner, xsm_needed); if ( rc ) break; xsm_checked = xsm_needed; @@ -4142,7 +4142,7 @@ long do_mmu_update( xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; if ( xsm_needed != xsm_checked ) { - rc = xsm_mmu_update(XSM_TARGET, d, NULL, pg_owner, xsm_needed); + rc = xsm_mmu_update(d, NULL, pg_owner, xsm_needed); if ( rc ) break; xsm_checked = xsm_needed; @@ -4391,7 +4391,7 @@ static int __do_update_va_mapping( perfc_incr(calls_to_update_va); - rc = xsm_update_va_mapping(XSM_TARGET, d, pg_owner, val); + rc = xsm_update_va_mapping(d, pg_owner, val); if ( rc ) return rc; @@ -4630,7 +4630,7 @@ long arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( d == NULL ) return -ESRCH; - rc = xsm_domain_memory_map(XSM_TARGET, d); + rc = xsm_domain_memory_map(d); if ( rc ) { rcu_unlock_domain(d); @@ -4697,7 +4697,7 @@ long arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) unsigned int i; bool store; - rc = xsm_machine_memory_map(XSM_PRIV); + rc = xsm_machine_memory_map(); if ( rc ) return rc; @@ -4787,9 +4787,9 @@ long arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) return -ESRCH; if ( cmd == XENMEM_set_pod_target ) - rc = xsm_set_pod_target(XSM_PRIV, d); + rc = xsm_set_pod_target(d); else - rc = xsm_get_pod_target(XSM_PRIV, d); + rc = xsm_get_pod_target(d); if ( rc != 0 ) goto pod_target_out_unlock; diff --git a/xen/arch/x86/mm/mem_paging.c b/xen/arch/x86/mm/mem_paging.c index 01281f786e..073edb9499 100644 --- a/xen/arch/x86/mm/mem_paging.c +++ b/xen/arch/x86/mm/mem_paging.c @@ -452,7 +452,7 @@ int mem_paging_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_paging_op_t) arg) if ( rc ) return rc; - rc = xsm_mem_paging(XSM_DM_PRIV, d); + rc = xsm_mem_paging(d); if ( rc ) goto out; diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c index 98b14f7b0a..db5f5ce8b5 100644 --- a/xen/arch/x86/mm/mem_sharing.c +++ b/xen/arch/x86/mm/mem_sharing.c @@ -1883,7 +1883,7 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg) if ( rc ) return rc; - rc = xsm_mem_sharing(XSM_DM_PRIV, d); + rc = xsm_mem_sharing(d); if ( rc ) goto out; @@ -1928,7 +1928,7 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg) if ( rc ) goto out; - rc = xsm_mem_sharing_op(XSM_DM_PRIV, d, cd, mso.op); + rc = xsm_mem_sharing_op(d, cd, mso.op); if ( rc ) { rcu_unlock_domain(cd); @@ -1994,7 +1994,7 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg) if ( rc ) goto out; - rc = xsm_mem_sharing_op(XSM_DM_PRIV, d, cd, mso.op); + rc = xsm_mem_sharing_op(d, cd, mso.op); if ( rc ) { rcu_unlock_domain(cd); @@ -2056,8 +2056,7 @@ int mem_sharing_memop(XEN_GUEST_HANDLE_PARAM(xen_mem_sharing_op_t) arg) * We reuse XENMEM_sharing_op_share XSM check here as this is * essentially the same concept repeated over multiple pages. */ - rc = xsm_mem_sharing_op(XSM_DM_PRIV, d, cd, - XENMEM_sharing_op_share); + rc = xsm_mem_sharing_op(d, cd, XENMEM_sharing_op_share); if ( rc ) { rcu_unlock_domain(cd); diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index dbb1cbeb59..5cee9f5a1d 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -2637,7 +2637,7 @@ static int p2m_add_foreign(struct domain *tdom, unsigned long fgfn, goto out; } - rc = xsm_map_gmfn_foreign(XSM_TARGET, tdom, fdom); + rc = xsm_map_gmfn_foreign(tdom, fdom); if ( rc ) goto out; diff --git a/xen/arch/x86/mm/paging.c b/xen/arch/x86/mm/paging.c index c304c24526..86a1ec5b80 100644 --- a/xen/arch/x86/mm/paging.c +++ b/xen/arch/x86/mm/paging.c @@ -714,7 +714,7 @@ int paging_domctl(struct domain *d, struct xen_domctl_shadow_op *sc, return -EBUSY; } - rc = xsm_shadow_control(XSM_HOOK, d, sc->op); + rc = xsm_shadow_control(d, sc->op); if ( rc ) return rc; @@ -771,7 +771,7 @@ long paging_domctl_continuation(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) if ( d == NULL ) return -ESRCH; - ret = xsm_domctl(XSM_OTHER, d, op.cmd); + ret = xsm_domctl(d, op.cmd); if ( !ret ) { if ( domctl_lock_acquire() ) diff --git a/xen/arch/x86/mm/shadow/set.c b/xen/arch/x86/mm/shadow/set.c index 87e9c6eeb2..e7433ac81b 100644 --- a/xen/arch/x86/mm/shadow/set.c +++ b/xen/arch/x86/mm/shadow/set.c @@ -117,7 +117,7 @@ shadow_get_page_from_l1e(shadow_l1e_t sl1e, struct domain *d, p2m_type_t type) * not own, we let it succeed anyway. */ if ( owner && (d != owner) && - !(res = xsm_priv_mapping(XSM_TARGET, d, owner)) ) + !(res = xsm_priv_mapping(d, owner)) ) { res = get_page_from_l1e(sl1e, d, owner); SHADOW_PRINTK("privileged %pd installs map of %pd's mfn %"PRI_mfn": %s\n", diff --git a/xen/arch/x86/msi.c b/xen/arch/x86/msi.c index 5febc0ea4b..f821d145e5 100644 --- a/xen/arch/x86/msi.c +++ b/xen/arch/x86/msi.c @@ -1310,8 +1310,7 @@ int pci_restore_msi_state(struct pci_dev *pdev) if ( !use_msi ) return -EOPNOTSUPP; - ret = xsm_resource_setup_pci(XSM_PRIV, - (pdev->seg << 16) | (pdev->bus << 8) | + ret = xsm_resource_setup_pci((pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); if ( ret ) return ret; diff --git a/xen/arch/x86/pci.c b/xen/arch/x86/pci.c index a9decd4f33..d5886c59e6 100644 --- a/xen/arch/x86/pci.c +++ b/xen/arch/x86/pci.c @@ -74,7 +74,7 @@ int pci_conf_write_intercept(unsigned int seg, unsigned int bdf, uint32_t *data) { struct pci_dev *pdev; - int rc = xsm_pci_config_permission(XSM_HOOK, current->domain, bdf, + int rc = xsm_pci_config_permission(current->domain, bdf, reg, reg + size - 1, 1); if ( rc < 0 ) diff --git a/xen/arch/x86/physdev.c b/xen/arch/x86/physdev.c index 23465bcd00..3f2a2035c5 100644 --- a/xen/arch/x86/physdev.c +++ b/xen/arch/x86/physdev.c @@ -110,7 +110,7 @@ int physdev_map_pirq(domid_t domid, int type, int *index, int *pirq_p, if ( d == NULL ) return -ESRCH; - ret = xsm_map_domain_pirq(XSM_DM_PRIV, d); + ret = xsm_map_domain_pirq(d); if ( ret ) goto free_domain; @@ -148,7 +148,7 @@ int physdev_unmap_pirq(domid_t domid, int pirq) return -ESRCH; if ( domid != DOMID_SELF || !is_hvm_domain(d) || !has_pirq(d) ) - ret = xsm_unmap_domain_pirq(XSM_DM_PRIV, d); + ret = xsm_unmap_domain_pirq(d); if ( ret ) goto free_domain; @@ -355,7 +355,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = xsm_apic(XSM_PRIV, currd, cmd); + ret = xsm_apic(currd, cmd); if ( ret ) break; ret = ioapic_guest_read(apic.apic_physbase, apic.reg, &apic.value); @@ -369,7 +369,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = xsm_apic(XSM_PRIV, currd, cmd); + ret = xsm_apic(currd, cmd); if ( ret ) break; ret = ioapic_guest_write(apic.apic_physbase, apic.reg, apic.value); @@ -385,7 +385,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) /* Use the APIC check since this dummy hypercall should still only * be called by the domain with access to program the ioapic */ - ret = xsm_apic(XSM_PRIV, currd, cmd); + ret = xsm_apic(currd, cmd); if ( ret ) break; @@ -535,8 +535,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( copy_from_guest(&dev, arg, 1) ) ret = -EFAULT; else - ret = xsm_resource_setup_pci(XSM_PRIV, - (dev.seg << 16) | (dev.bus << 8) | + ret = xsm_resource_setup_pci((dev.seg << 16) | (dev.bus << 8) | dev.devfn) ?: pci_prepare_msix(dev.seg, dev.bus, dev.devfn, cmd != PHYSDEVOP_prepare_msix); @@ -546,7 +545,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) case PHYSDEVOP_pci_mmcfg_reserved: { struct physdev_pci_mmcfg_reserved info; - ret = xsm_resource_setup_misc(XSM_PRIV); + ret = xsm_resource_setup_misc(); if ( ret ) break; @@ -611,7 +610,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( setup_gsi.gsi < 0 || setup_gsi.gsi >= nr_irqs_gsi ) break; - ret = xsm_resource_setup_gsi(XSM_PRIV, setup_gsi.gsi); + ret = xsm_resource_setup_gsi(setup_gsi.gsi); if ( ret ) break; diff --git a/xen/arch/x86/platform_hypercall.c b/xen/arch/x86/platform_hypercall.c index 23fadbc782..afa97f74fd 100644 --- a/xen/arch/x86/platform_hypercall.c +++ b/xen/arch/x86/platform_hypercall.c @@ -196,7 +196,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op) if ( op->interface_version != XENPF_INTERFACE_VERSION ) return -EACCES; - ret = xsm_platform_op(XSM_PRIV, op->cmd); + ret = xsm_platform_op(op->cmd); if ( ret ) return ret; @@ -614,7 +614,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op) { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_plug_core(XSM_HOOK); + ret = xsm_resource_plug_core(); if ( ret ) break; @@ -640,7 +640,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op) { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_unplug_core(XSM_HOOK); + ret = xsm_resource_unplug_core(); if ( ret ) break; @@ -669,7 +669,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op) break; case XENPF_cpu_hotadd: - ret = xsm_resource_plug_core(XSM_HOOK); + ret = xsm_resource_plug_core(); if ( ret ) break; @@ -679,7 +679,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op) break; case XENPF_mem_hotadd: - ret = xsm_resource_plug_core(XSM_HOOK); + ret = xsm_resource_plug_core(); if ( ret ) break; diff --git a/xen/arch/x86/pv/emul-priv-op.c b/xen/arch/x86/pv/emul-priv-op.c index 8889509d2a..d833b8e2e6 100644 --- a/xen/arch/x86/pv/emul-priv-op.c +++ b/xen/arch/x86/pv/emul-priv-op.c @@ -250,7 +250,7 @@ static bool pci_cfg_ok(struct domain *currd, unsigned int start, } return !write ? - xsm_pci_config_permission(XSM_HOOK, currd, machine_bdf, + xsm_pci_config_permission(currd, machine_bdf, start, start + size - 1, 0) == 0 : pci_conf_write_intercept(0, machine_bdf, start, size, write) >= 0; } diff --git a/xen/arch/x86/sysctl.c b/xen/arch/x86/sysctl.c index aff52a13f3..975672360b 100644 --- a/xen/arch/x86/sysctl.c +++ b/xen/arch/x86/sysctl.c @@ -190,8 +190,8 @@ long arch_do_sysctl( } if ( !ret ) - ret = plug ? xsm_resource_plug_core(XSM_HOOK) - : xsm_resource_unplug_core(XSM_HOOK); + ret = plug ? xsm_resource_plug_core() + : xsm_resource_unplug_core(); if ( !ret ) ret = continue_hypercall_on_cpu(0, fn, hcpu); diff --git a/xen/common/domain.c b/xen/common/domain.c index 6b71c6d6a9..392865f0f1 100644 --- a/xen/common/domain.c +++ b/xen/common/domain.c @@ -311,7 +311,7 @@ static int late_hwdom_init(struct domain *d) if ( d != hardware_domain || d->domain_id == 0 ) return 0; - rv = xsm_init_hardware_domain(XSM_HOOK, d); + rv = xsm_init_hardware_domain(d); if ( rv ) return rv; @@ -649,7 +649,7 @@ struct domain *domain_create(domid_t domid, if ( !d->iomem_caps || !d->irq_caps ) goto fail; - if ( (err = xsm_domain_create(XSM_HOOK, d, config->ssidref)) != 0 ) + if ( (err = xsm_domain_create(d, config->ssidref)) != 0 ) goto fail; d->controller_pause_count = 1; diff --git a/xen/common/domctl.c b/xen/common/domctl.c index ef202c2b8c..de258ab7f7 100644 --- a/xen/common/domctl.c +++ b/xen/common/domctl.c @@ -314,7 +314,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) return -ESRCH; } - ret = xsm_domctl(XSM_OTHER, d, op->cmd); + ret = xsm_domctl(d, op->cmd); if ( ret ) goto domctl_out_unlock_domonly; @@ -553,7 +553,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) if ( d == NULL ) goto getdomaininfo_out; - ret = xsm_getdomaininfo(XSM_HOOK, d); + ret = xsm_getdomaininfo(d); if ( ret ) goto getdomaininfo_out; @@ -688,7 +688,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) break; } irq = pirq_access_permitted(current->domain, pirq); - if ( !irq || xsm_irq_permission(XSM_HOOK, d, irq, allow) ) + if ( !irq || xsm_irq_permission(d, irq, allow) ) ret = -EPERM; else if ( allow ) ret = irq_permit_access(d, irq); @@ -709,7 +709,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) if ( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) || - xsm_iomem_permission(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, allow) ) + xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, allow) ) ret = -EPERM; else if ( allow ) ret = iomem_permit_access(d, mfn, mfn + nr_mfns - 1); @@ -746,7 +746,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) !iomem_access_permitted(d, mfn, mfn_end) ) break; - ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn_end, add); + ret = xsm_iomem_mapping(d, mfn, mfn_end, add); if ( ret ) break; @@ -804,7 +804,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) ret = -EOPNOTSUPP; if ( is_hvm_domain(e) ) - ret = xsm_set_target(XSM_HOOK, d, e); + ret = xsm_set_target(d, e); if ( ret ) { put_domain(e); diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c index 5479315aae..21e7b496ef 100644 --- a/xen/common/event_channel.c +++ b/xen/common/event_channel.c @@ -296,7 +296,7 @@ static long evtchn_alloc_unbound(evtchn_alloc_unbound_t *alloc) ERROR_EXIT_DOM(port, d); chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom); + rc = xsm_evtchn_unbound(d, chn, alloc->remote_dom); if ( rc ) goto out; @@ -372,7 +372,7 @@ static long evtchn_bind_interdomain(evtchn_bind_interdomain_t *bind) (rchn->u.unbound.remote_domid != ld->domain_id) ) ERROR_EXIT_DOM(-EINVAL, rd); - rc = xsm_evtchn_interdomain(XSM_HOOK, ld, lchn, rd, rchn); + rc = xsm_evtchn_interdomain(ld, lchn, rd, rchn); if ( rc ) goto out; @@ -760,7 +760,7 @@ int evtchn_send(struct domain *ld, unsigned int lport) goto out; } - ret = xsm_evtchn_send(XSM_HOOK, ld, lchn); + ret = xsm_evtchn_send(ld, lchn); if ( ret ) goto out; @@ -985,7 +985,7 @@ int evtchn_status(evtchn_status_t *status) goto out; } - rc = xsm_evtchn_status(XSM_TARGET, d, chn); + rc = xsm_evtchn_status(d, chn); if ( rc ) goto out; @@ -1310,7 +1310,7 @@ long do_event_channel_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( d == NULL ) return -ESRCH; - rc = xsm_evtchn_reset(XSM_TARGET, current->domain, d); + rc = xsm_evtchn_reset(current->domain, d); if ( !rc ) rc = evtchn_reset(d, cmd == EVTCHNOP_reset_cont); @@ -1371,7 +1371,7 @@ int alloc_unbound_xen_event_channel( goto out; chn = evtchn_from_port(ld, port); - rc = xsm_evtchn_unbound(XSM_TARGET, ld, chn, remote_domid); + rc = xsm_evtchn_unbound(ld, chn, remote_domid); if ( rc ) goto out; diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c index ab30e2e8cf..df516f6340 100644 --- a/xen/common/grant_table.c +++ b/xen/common/grant_table.c @@ -1063,7 +1063,7 @@ map_grant_ref( return; } - rc = xsm_grant_mapref(XSM_HOOK, ld, rd, op->flags); + rc = xsm_grant_mapref(ld, rd, op->flags); if ( rc ) { rcu_unlock_domain(rd); @@ -1403,7 +1403,7 @@ unmap_common( return; } - rc = xsm_grant_unmapref(XSM_HOOK, ld, rd); + rc = xsm_grant_unmapref(ld, rd); if ( rc ) { rcu_unlock_domain(rd); @@ -2021,7 +2021,7 @@ gnttab_setup_table( goto out; } - if ( xsm_grant_setup(XSM_TARGET, curr->domain, d) ) + if ( xsm_grant_setup(curr->domain, d) ) { op.status = GNTST_permission_denied; goto out; @@ -2103,7 +2103,7 @@ gnttab_query_size( goto out; } - if ( xsm_grant_query_size(XSM_TARGET, current->domain, d) ) + if ( xsm_grant_query_size(current->domain, d) ) { op.status = GNTST_permission_denied; goto out; @@ -2274,7 +2274,7 @@ gnttab_transfer( goto put_gfn_and_copyback; } - if ( xsm_grant_transfer(XSM_HOOK, d, e) ) + if ( xsm_grant_transfer(d, e) ) { gop.status = GNTST_permission_denied; unlock_and_copyback: @@ -2812,7 +2812,7 @@ static int gnttab_copy_lock_domains(const struct gnttab_copy *op, if ( rc < 0 ) goto error; - rc = xsm_grant_copy(XSM_HOOK, src->domain, dest->domain); + rc = xsm_grant_copy(src->domain, dest->domain); if ( rc < 0 ) { rc = GNTST_permission_denied; @@ -3231,7 +3231,7 @@ gnttab_get_status_frames(XEN_GUEST_HANDLE_PARAM(gnttab_get_status_frames_t) uop, op.status = GNTST_bad_domain; goto out1; } - rc = xsm_grant_setup(XSM_TARGET, current->domain, d); + rc = xsm_grant_setup(current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; @@ -3295,7 +3295,7 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARAM(gnttab_get_version_t) uop) if ( d == NULL ) return -ESRCH; - rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); + rc = xsm_grant_query_size(current->domain, d); if ( rc ) { rcu_unlock_domain(d); diff --git a/xen/common/hypfs.c b/xen/common/hypfs.c index e71f7df479..052f3d472a 100644 --- a/xen/common/hypfs.c +++ b/xen/common/hypfs.c @@ -679,7 +679,7 @@ long do_hypfs_op(unsigned int cmd, struct hypfs_entry *entry; static char path[XEN_HYPFS_MAX_PATHLEN]; - if ( xsm_hypfs_op(XSM_PRIV) ) + if ( xsm_hypfs_op() ) return -EPERM; if ( cmd == XEN_HYPFS_OP_get_version ) diff --git a/xen/common/kernel.c b/xen/common/kernel.c index d77756a81e..89e01e908c 100644 --- a/xen/common/kernel.c +++ b/xen/common/kernel.c @@ -459,7 +459,7 @@ __initcall(param_init); DO(xen_version)(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) { - bool_t deny = !!xsm_xen_version(XSM_OTHER, cmd); + bool_t deny = !!xsm_xen_version(cmd); switch ( cmd ) { diff --git a/xen/common/kexec.c b/xen/common/kexec.c index ebeee6405a..a0d2858cd8 100644 --- a/xen/common/kexec.c +++ b/xen/common/kexec.c @@ -1219,7 +1219,7 @@ static int do_kexec_op_internal(unsigned long op, { int ret = -EINVAL; - ret = xsm_kexec(XSM_PRIV); + ret = xsm_kexec(); if ( ret ) return ret; diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c index 010e6f8dbf..2066510d3b 100644 --- a/xen/common/mem_access.c +++ b/xen/common/mem_access.c @@ -47,7 +47,7 @@ int mem_access_memop(unsigned long cmd, if ( !p2m_mem_access_sanity_check(d) ) goto out; - rc = xsm_mem_access(XSM_DM_PRIV, d); + rc = xsm_mem_access(d); if ( rc ) goto out; diff --git a/xen/common/memory.c b/xen/common/memory.c index 72a6b70cb5..d2621bbb47 100644 --- a/xen/common/memory.c +++ b/xen/common/memory.c @@ -609,7 +609,7 @@ static long memory_exchange(XEN_GUEST_HANDLE_PARAM(xen_memory_exchange_t) arg) goto fail_early; } - rc = xsm_memory_exchange(XSM_TARGET, d); + rc = xsm_memory_exchange(d); if ( rc ) { rcu_unlock_domain(d); @@ -1072,7 +1072,7 @@ static long xatp_permission_check(struct domain *d, unsigned int space) (!is_hardware_domain(d) || (d != current->domain)) ) return -EACCES; - return xsm_add_to_physmap(XSM_TARGET, current->domain, d); + return xsm_add_to_physmap(current->domain, d); } unsigned int ioreq_server_max_frames(const struct domain *d) @@ -1232,7 +1232,7 @@ static int acquire_resource( if ( rc ) return rc; - rc = xsm_domain_resource_map(XSM_DM_PRIV, d); + rc = xsm_domain_resource_map(d); if ( rc ) goto out; @@ -1388,7 +1388,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) && (reservation.mem_flags & XENMEMF_populate_on_demand) ) args.memflags |= MEMF_populate_on_demand; - if ( xsm_memory_adjust_reservation(XSM_TARGET, curr_d, d) ) + if ( xsm_memory_adjust_reservation(curr_d, d) ) { rcu_unlock_domain(d); return start_extent; @@ -1462,7 +1462,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( d == NULL ) return -ESRCH; - rc = xsm_memory_stat_reservation(XSM_TARGET, curr_d, d); + rc = xsm_memory_stat_reservation(curr_d, d); if ( rc ) { rcu_unlock_domain(d); @@ -1584,7 +1584,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) return -ESRCH; rc = paging_mode_translate(d) - ? xsm_remove_from_physmap(XSM_TARGET, curr_d, d) + ? xsm_remove_from_physmap(curr_d, d) : -EACCES; if ( rc ) { @@ -1631,7 +1631,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( d == NULL ) return -EINVAL; - rc = xsm_claim_pages(XSM_PRIV, d); + rc = xsm_claim_pages(d); if ( !rc ) rc = domain_set_outstanding_pages(d, reservation.nr_extents); @@ -1662,7 +1662,7 @@ long do_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( (d = rcu_lock_domain_by_any_id(topology.domid)) == NULL ) return -ESRCH; - rc = xsm_get_vnumainfo(XSM_TARGET, d); + rc = xsm_get_vnumainfo(d); if ( rc ) { rcu_unlock_domain(d); diff --git a/xen/common/monitor.c b/xen/common/monitor.c index d5c9ff1cbf..ff17bad733 100644 --- a/xen/common/monitor.c +++ b/xen/common/monitor.c @@ -36,7 +36,7 @@ int monitor_domctl(struct domain *d, struct xen_domctl_monitor_op *mop) if ( unlikely(current->domain == d) ) /* no domain_pause() */ return -EPERM; - rc = xsm_vm_event_control(XSM_PRIV, d, mop->op, mop->event); + rc = xsm_vm_event_control(d, mop->op, mop->event); if ( unlikely(rc) ) return rc; diff --git a/xen/common/sched/core.c b/xen/common/sched/core.c index 6d34764d38..e5c154fe9d 100644 --- a/xen/common/sched/core.c +++ b/xen/common/sched/core.c @@ -1944,7 +1944,7 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) if ( d == NULL ) break; - ret = xsm_schedop_shutdown(XSM_DM_PRIV, current->domain, d); + ret = xsm_schedop_shutdown(current->domain, d); if ( likely(!ret) ) domain_shutdown(d, sched_remote_shutdown.reason); @@ -2046,7 +2046,7 @@ long sched_adjust(struct domain *d, struct xen_domctl_scheduler_op *op) { long ret; - ret = xsm_domctl_scheduler_op(XSM_HOOK, d, op->cmd); + ret = xsm_domctl_scheduler_op(d, op->cmd); if ( ret ) return ret; @@ -2081,7 +2081,7 @@ long sched_adjust_global(struct xen_sysctl_scheduler_op *op) struct cpupool *pool; int rc; - rc = xsm_sysctl_scheduler_op(XSM_HOOK, op->cmd); + rc = xsm_sysctl_scheduler_op(op->cmd); if ( rc ) return rc; diff --git a/xen/common/sysctl.c b/xen/common/sysctl.c index 3558641cd9..4e25c0e499 100644 --- a/xen/common/sysctl.c +++ b/xen/common/sysctl.c @@ -41,7 +41,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl) if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION ) return -EACCES; - ret = xsm_sysctl(XSM_PRIV, op->cmd); + ret = xsm_sysctl(op->cmd); if ( ret ) return ret; @@ -58,7 +58,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl) switch ( op->cmd ) { case XEN_SYSCTL_readconsole: - ret = xsm_readconsole(XSM_HOOK, op->u.readconsole.clear); + ret = xsm_readconsole(op->u.readconsole.clear); if ( ret ) break; @@ -88,7 +88,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl) if ( num_domains == op->u.getdomaininfolist.max_domains ) break; - ret = xsm_getdomaininfo(XSM_HOOK, d); + ret = xsm_getdomaininfo(d); if ( ret ) continue; @@ -191,7 +191,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl) if ( op->u.page_offline.end < op->u.page_offline.start ) break; - ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd); + ret = xsm_page_offline(op->u.page_offline.cmd); if ( ret ) break; diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c index 70ab3ba406..307f99fcf0 100644 --- a/xen/common/vm_event.c +++ b/xen/common/vm_event.c @@ -584,7 +584,7 @@ int vm_event_domctl(struct domain *d, struct xen_domctl_vm_event_op *vec) return 0; } - rc = xsm_vm_event_control(XSM_PRIV, d, vec->mode, vec->op); + rc = xsm_vm_event_control(d, vec->mode, vec->op); if ( rc ) return rc; diff --git a/xen/common/xenoprof.c b/xen/common/xenoprof.c index 1926a92fe4..76d8b1f807 100644 --- a/xen/common/xenoprof.c +++ b/xen/common/xenoprof.c @@ -737,7 +737,7 @@ ret_t do_xenoprof_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg) return -EPERM; } - ret = xsm_profile(XSM_HOOK, current->domain, op); + ret = xsm_profile(current->domain, op); if ( ret ) return ret; diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c index 7d0a603d03..b5d62ea4ee 100644 --- a/xen/drivers/char/console.c +++ b/xen/drivers/char/console.c @@ -681,7 +681,7 @@ long do_console_io(unsigned int cmd, unsigned int count, long rc; unsigned int idx, len; - rc = xsm_console_io(XSM_OTHER, current->domain, cmd); + rc = xsm_console_io(current->domain, cmd); if ( rc ) return rc; diff --git a/xen/drivers/passthrough/device_tree.c b/xen/drivers/passthrough/device_tree.c index 999b831d90..67b03fd2a9 100644 --- a/xen/drivers/passthrough/device_tree.c +++ b/xen/drivers/passthrough/device_tree.c @@ -230,7 +230,7 @@ int iommu_do_dt_domctl(struct xen_domctl *domctl, struct domain *d, if ( ret ) break; - ret = xsm_assign_dtdevice(XSM_HOOK, d, dt_node_full_name(dev)); + ret = xsm_assign_dtdevice(d, dt_node_full_name(dev)); if ( ret ) break; @@ -284,7 +284,7 @@ int iommu_do_dt_domctl(struct xen_domctl *domctl, struct domain *d, if ( ret ) break; - ret = xsm_deassign_dtdevice(XSM_HOOK, d, dt_node_full_name(dev)); + ret = xsm_deassign_dtdevice(d, dt_node_full_name(dev)); if ( d == dom_io ) return -EINVAL; diff --git a/xen/drivers/passthrough/pci.c b/xen/drivers/passthrough/pci.c index 199ce08612..1363ef8121 100644 --- a/xen/drivers/passthrough/pci.c +++ b/xen/drivers/passthrough/pci.c @@ -704,7 +704,7 @@ int pci_add_device(u16 seg, u8 bus, u8 devfn, else pdev_type = "device"; - ret = xsm_resource_plug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_plug_pci((seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; @@ -814,7 +814,7 @@ int pci_remove_device(u16 seg, u8 bus, u8 devfn) struct pci_dev *pdev; int ret; - ret = xsm_resource_unplug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_unplug_pci((seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; @@ -1477,7 +1477,7 @@ static int iommu_get_device_group( ((pdev->bus == bus) && (pdev->devfn == devfn)) ) continue; - if ( xsm_get_device_group(XSM_HOOK, (seg << 16) | (pdev->bus << 8) | pdev->devfn) ) + if ( xsm_get_device_group((seg << 16) | (pdev->bus << 8) | pdev->devfn) ) continue; sdev_id = ops->get_device_group_id(seg, pdev->bus, pdev->devfn); @@ -1545,7 +1545,7 @@ int iommu_do_pci_domctl( u32 max_sdevs; XEN_GUEST_HANDLE_64(uint32) sdevs; - ret = xsm_get_device_group(XSM_HOOK, domctl->u.get_device_group.machine_sbdf); + ret = xsm_get_device_group(domctl->u.get_device_group.machine_sbdf); if ( ret ) break; @@ -1596,7 +1596,7 @@ int iommu_do_pci_domctl( machine_sbdf = domctl->u.assign_device.u.pci.machine_sbdf; - ret = xsm_assign_device(XSM_HOOK, d, machine_sbdf); + ret = xsm_assign_device(d, machine_sbdf); if ( ret ) break; @@ -1641,7 +1641,7 @@ int iommu_do_pci_domctl( machine_sbdf = domctl->u.assign_device.u.pci.machine_sbdf; - ret = xsm_deassign_device(XSM_HOOK, d, machine_sbdf); + ret = xsm_deassign_device(d, machine_sbdf); if ( ret ) break; diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 69f68300e2..1d25954731 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -30,53 +30,53 @@ static inline void xsm_security_domaininfo (struct domain *d, alternative_vcall(xsm_ops.security_domaininfo, d, info); } -static inline int xsm_domain_create (xsm_default_t def, struct domain *d, u32 ssidref) +static inline int xsm_domain_create (struct domain *d, u32 ssidref) { return alternative_call(xsm_ops.domain_create, d, ssidref); } -static inline int xsm_getdomaininfo (xsm_default_t def, struct domain *d) +static inline int xsm_getdomaininfo (struct domain *d) { return alternative_call(xsm_ops.getdomaininfo, d); } -static inline int xsm_domctl_scheduler_op (xsm_default_t def, struct domain *d, int cmd) +static inline int xsm_domctl_scheduler_op (struct domain *d, int cmd) { return alternative_call(xsm_ops.domctl_scheduler_op, d, cmd); } -static inline int xsm_sysctl_scheduler_op (xsm_default_t def, int cmd) +static inline int xsm_sysctl_scheduler_op (int cmd) { return alternative_call(xsm_ops.sysctl_scheduler_op, cmd); } -static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) +static inline int xsm_set_target (struct domain *d, struct domain *e) { return alternative_call(xsm_ops.set_target, d, e); } -static inline int xsm_domctl (xsm_default_t def, struct domain *d, int cmd) +static inline int xsm_domctl (struct domain *d, int cmd) { return alternative_call(xsm_ops.domctl, d, cmd); } -static inline int xsm_sysctl (xsm_default_t def, int cmd) +static inline int xsm_sysctl (int cmd) { return alternative_call(xsm_ops.sysctl, cmd); } -static inline int xsm_readconsole (xsm_default_t def, uint32_t clear) +static inline int xsm_readconsole (uint32_t clear) { return alternative_call(xsm_ops.readconsole, clear); } -static inline int xsm_evtchn_unbound (xsm_default_t def, struct domain *d1, struct evtchn *chn, +static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn, domid_t id2) { return alternative_call(xsm_ops.evtchn_unbound, d1, chn, id2); } -static inline int xsm_evtchn_interdomain (xsm_default_t def, struct domain *d1, +static inline int xsm_evtchn_interdomain (struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { return alternative_call(xsm_ops.evtchn_interdomain, d1, chan1, d2, chan2); @@ -87,48 +87,48 @@ static inline void xsm_evtchn_close_post (struct evtchn *chn) alternative_vcall(xsm_ops.evtchn_close_post, chn); } -static inline int xsm_evtchn_send (xsm_default_t def, struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn) { return alternative_call(xsm_ops.evtchn_send, d, chn); } -static inline int xsm_evtchn_status (xsm_default_t def, struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn) { return alternative_call(xsm_ops.evtchn_status, d, chn); } -static inline int xsm_evtchn_reset (xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.evtchn_reset, d1, d2); } -static inline int xsm_grant_mapref (xsm_default_t def, struct domain *d1, struct domain *d2, +static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2, uint32_t flags) { return alternative_call(xsm_ops.grant_mapref, d1, d2, flags); } -static inline int xsm_grant_unmapref (xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.grant_unmapref, d1, d2); } -static inline int xsm_grant_setup (xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_grant_setup (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.grant_setup, d1, d2); } -static inline int xsm_grant_transfer (xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.grant_transfer, d1, d2); } -static inline int xsm_grant_copy (xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_grant_copy (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.grant_copy, d1, d2); } -static inline int xsm_grant_query_size (xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.grant_query_size, d1, d2); } @@ -160,80 +160,80 @@ static inline char *xsm_show_security_evtchn (struct domain *d, const struct evt return alternative_call(xsm_ops.show_security_evtchn, d, chn); } -static inline int xsm_init_hardware_domain (xsm_default_t def, struct domain *d) +static inline int xsm_init_hardware_domain (struct domain *d) { return alternative_call(xsm_ops.init_hardware_domain, d); } -static inline int xsm_get_pod_target (xsm_default_t def, struct domain *d) +static inline int xsm_get_pod_target (struct domain *d) { return alternative_call(xsm_ops.get_pod_target, d); } -static inline int xsm_set_pod_target (xsm_default_t def, struct domain *d) +static inline int xsm_set_pod_target (struct domain *d) { return alternative_call(xsm_ops.set_pod_target, d); } -static inline int xsm_memory_exchange (xsm_default_t def, struct domain *d) +static inline int xsm_memory_exchange (struct domain *d) { return alternative_call(xsm_ops.memory_exchange, d); } -static inline int xsm_memory_adjust_reservation (xsm_default_t def, struct domain *d1, struct +static inline int xsm_memory_adjust_reservation (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.memory_adjust_reservation, d1, d2); } -static inline int xsm_memory_stat_reservation (xsm_default_t def, struct domain *d1, +static inline int xsm_memory_stat_reservation (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.memory_stat_reservation, d1, d2); } -static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1, struct domain *d2, +static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2, struct page_info *page) { return alternative_call(xsm_ops.memory_pin_page, d1, d2, page); } -static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.add_to_physmap, d1, d2); } -static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.remove_from_physmap, d1, d2); } -static inline int xsm_map_gmfn_foreign (xsm_default_t def, struct domain *d, struct domain *t) +static inline int xsm_map_gmfn_foreign (struct domain *d, struct domain *t) { return alternative_call(xsm_ops.map_gmfn_foreign, d, t); } -static inline int xsm_claim_pages(xsm_default_t def, struct domain *d) +static inline int xsm_claim_pages(struct domain *d) { return alternative_call(xsm_ops.claim_pages, d); } -static inline int xsm_console_io (xsm_default_t def, struct domain *d, int cmd) +static inline int xsm_console_io (struct domain *d, int cmd) { return alternative_call(xsm_ops.console_io, d, cmd); } -static inline int xsm_profile (xsm_default_t def, struct domain *d, int op) +static inline int xsm_profile (struct domain *d, int op) { return alternative_call(xsm_ops.profile, d, op); } -static inline int xsm_kexec (xsm_default_t def) +static inline int xsm_kexec (void) { return alternative_call(xsm_ops.kexec); } -static inline int xsm_schedop_shutdown (xsm_default_t def, struct domain *d1, struct domain *d2) +static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2) { return alternative_call(xsm_ops.schedop_shutdown, d1, d2); } @@ -243,131 +243,129 @@ static inline char *xsm_show_irq_sid (int irq) return alternative_call(xsm_ops.show_irq_sid, irq); } -static inline int xsm_map_domain_pirq (xsm_default_t def, struct domain *d) +static inline int xsm_map_domain_pirq (struct domain *d) { return alternative_call(xsm_ops.map_domain_pirq, d); } -static inline int xsm_map_domain_irq (xsm_default_t def, struct domain *d, int irq, void *data) +static inline int xsm_map_domain_irq (struct domain *d, int irq, void *data) { return alternative_call(xsm_ops.map_domain_irq, d, irq, data); } -static inline int xsm_unmap_domain_pirq (xsm_default_t def, struct domain *d) +static inline int xsm_unmap_domain_pirq (struct domain *d) { return alternative_call(xsm_ops.unmap_domain_pirq, d); } -static inline int xsm_unmap_domain_irq (xsm_default_t def, struct domain *d, int irq, void *data) +static inline int xsm_unmap_domain_irq (struct domain *d, int irq, void *data) { return alternative_call(xsm_ops.unmap_domain_irq, d, irq, data); } -static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, +static inline int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return alternative_call(xsm_ops.bind_pt_irq, d, bind); } -static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d, +static inline int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return alternative_call(xsm_ops.unbind_pt_irq, d, bind); } -static inline int xsm_irq_permission (xsm_default_t def, struct domain *d, int pirq, uint8_t allow) +static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) { return alternative_call(xsm_ops.irq_permission, d, pirq, allow); } -static inline int xsm_iomem_permission (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return alternative_call(xsm_ops.iomem_permission, d, s, e, allow); } -static inline int xsm_iomem_mapping (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return alternative_call(xsm_ops.iomem_mapping, d, s, e, allow); } -static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) +static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { return alternative_call(xsm_ops.pci_config_permission, d, machine_bdf, start, end, access); } #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) -static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) +static inline int xsm_get_device_group(uint32_t machine_bdf) { return alternative_call(xsm_ops.get_device_group, machine_bdf); } -static inline int xsm_assign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) +static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf) { return alternative_call(xsm_ops.assign_device, d, machine_bdf); } -static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) +static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) { return alternative_call(xsm_ops.deassign_device, d, machine_bdf); } #endif /* HAS_PASSTHROUGH && HAS_PCI) */ #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE) -static inline int xsm_assign_dtdevice(xsm_default_t def, struct domain *d, - const char *dtpath) +static inline int xsm_assign_dtdevice(struct domain *d, const char *dtpath) { return alternative_call(xsm_ops.assign_dtdevice, d, dtpath); } -static inline int xsm_deassign_dtdevice(xsm_default_t def, struct domain *d, - const char *dtpath) +static inline int xsm_deassign_dtdevice(struct domain *d, const char *dtpath) { return alternative_call(xsm_ops.deassign_dtdevice, d, dtpath); } #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */ -static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) +static inline int xsm_resource_plug_pci (uint32_t machine_bdf) { return alternative_call(xsm_ops.resource_plug_pci, machine_bdf); } -static inline int xsm_resource_unplug_pci (xsm_default_t def, uint32_t machine_bdf) +static inline int xsm_resource_unplug_pci (uint32_t machine_bdf) { return alternative_call(xsm_ops.resource_unplug_pci, machine_bdf); } -static inline int xsm_resource_plug_core (xsm_default_t def) +static inline int xsm_resource_plug_core (void) { return alternative_call(xsm_ops.resource_plug_core); } -static inline int xsm_resource_unplug_core (xsm_default_t def) +static inline int xsm_resource_unplug_core (void) { return alternative_call(xsm_ops.resource_unplug_core); } -static inline int xsm_resource_setup_pci (xsm_default_t def, uint32_t machine_bdf) +static inline int xsm_resource_setup_pci (uint32_t machine_bdf) { return alternative_call(xsm_ops.resource_setup_pci, machine_bdf); } -static inline int xsm_resource_setup_gsi (xsm_default_t def, int gsi) +static inline int xsm_resource_setup_gsi (int gsi) { return alternative_call(xsm_ops.resource_setup_gsi, gsi); } -static inline int xsm_resource_setup_misc (xsm_default_t def) +static inline int xsm_resource_setup_misc (void) { return alternative_call(xsm_ops.resource_setup_misc); } -static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd) +static inline int xsm_page_offline(uint32_t cmd) { return alternative_call(xsm_ops.page_offline, cmd); } -static inline int xsm_hypfs_op(xsm_default_t def) +static inline int xsm_hypfs_op(void) { return alternative_call(xsm_ops.hypfs_op); } @@ -386,149 +384,149 @@ static inline int xsm_do_compat_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) } #endif -static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) +static inline int xsm_hvm_param (struct domain *d, unsigned long op) { return alternative_call(xsm_ops.hvm_param, d, op); } -static inline int xsm_hvm_control(xsm_default_t def, struct domain *d, unsigned long op) +static inline int xsm_hvm_control(struct domain *d, unsigned long op) { return alternative_call(xsm_ops.hvm_control, d, op); } -static inline int xsm_hvm_param_altp2mhvm (xsm_default_t def, struct domain *d) +static inline int xsm_hvm_param_altp2mhvm (struct domain *d) { return alternative_call(xsm_ops.hvm_param_altp2mhvm, d); } -static inline int xsm_hvm_altp2mhvm_op (xsm_default_t def, struct domain *d, uint64_t mode, uint32_t op) +static inline int xsm_hvm_altp2mhvm_op (struct domain *d, uint64_t mode, uint32_t op) { return alternative_call(xsm_ops.hvm_altp2mhvm_op, d, mode, op); } -static inline int xsm_get_vnumainfo (xsm_default_t def, struct domain *d) +static inline int xsm_get_vnumainfo (struct domain *d) { return alternative_call(xsm_ops.get_vnumainfo, d); } -static inline int xsm_vm_event_control (xsm_default_t def, struct domain *d, int mode, int op) +static inline int xsm_vm_event_control (struct domain *d, int mode, int op) { return alternative_call(xsm_ops.vm_event_control, d, mode, op); } #ifdef CONFIG_MEM_ACCESS -static inline int xsm_mem_access (xsm_default_t def, struct domain *d) +static inline int xsm_mem_access (struct domain *d) { return alternative_call(xsm_ops.mem_access, d); } #endif #ifdef CONFIG_MEM_PAGING -static inline int xsm_mem_paging (xsm_default_t def, struct domain *d) +static inline int xsm_mem_paging (struct domain *d) { return alternative_call(xsm_ops.mem_paging, d); } #endif #ifdef CONFIG_MEM_SHARING -static inline int xsm_mem_sharing (xsm_default_t def, struct domain *d) +static inline int xsm_mem_sharing (struct domain *d) { return alternative_call(xsm_ops.mem_sharing, d); } #endif -static inline int xsm_platform_op (xsm_default_t def, uint32_t op) +static inline int xsm_platform_op (uint32_t op) { return alternative_call(xsm_ops.platform_op, op); } #ifdef CONFIG_X86 -static inline int xsm_do_mca(xsm_default_t def) +static inline int xsm_do_mca(void) { return alternative_call(xsm_ops.do_mca); } -static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) +static inline int xsm_shadow_control (struct domain *d, uint32_t op) { return alternative_call(xsm_ops.shadow_control, d, op); } -static inline int xsm_mem_sharing_op (xsm_default_t def, struct domain *d, struct domain *cd, int op) +static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) { return alternative_call(xsm_ops.mem_sharing_op, d, cd, op); } -static inline int xsm_apic (xsm_default_t def, struct domain *d, int cmd) +static inline int xsm_apic (struct domain *d, int cmd) { return alternative_call(xsm_ops.apic, d, cmd); } -static inline int xsm_memtype (xsm_default_t def, uint32_t access) +static inline int xsm_memtype (uint32_t access) { return alternative_call(xsm_ops.memtype, access); } -static inline int xsm_machine_memory_map(xsm_default_t def) +static inline int xsm_machine_memory_map(void) { return alternative_call(xsm_ops.machine_memory_map); } -static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d) +static inline int xsm_domain_memory_map(struct domain *d) { return alternative_call(xsm_ops.domain_memory_map, d); } -static inline int xsm_mmu_update (xsm_default_t def, struct domain *d, struct domain *t, +static inline int xsm_mmu_update (struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { return alternative_call(xsm_ops.mmu_update, d, t, f, flags); } -static inline int xsm_mmuext_op (xsm_default_t def, struct domain *d, struct domain *f) +static inline int xsm_mmuext_op (struct domain *d, struct domain *f) { return alternative_call(xsm_ops.mmuext_op, d, f); } -static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d, struct domain *f, +static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { /* pte(struct) is being passed by value, alternative_call does not support */ return xsm_ops.update_va_mapping(d, f, pte); } -static inline int xsm_priv_mapping(xsm_default_t def, struct domain *d, struct domain *t) +static inline int xsm_priv_mapping(struct domain *d, struct domain *t) { return alternative_call(xsm_ops.priv_mapping, d, t); } -static inline int xsm_ioport_permission (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return alternative_call(xsm_ops.ioport_permission, d, s, e, allow); } -static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return alternative_call(xsm_ops.ioport_mapping, d, s, e, allow); } -static inline int xsm_pmu_op (xsm_default_t def, struct domain *d, unsigned int op) +static inline int xsm_pmu_op (struct domain *d, unsigned int op) { return alternative_call(xsm_ops.pmu_op, d, op); } #endif /* CONFIG_X86 */ -static inline int xsm_dm_op(xsm_default_t def, struct domain *d) +static inline int xsm_dm_op(struct domain *d) { return alternative_call(xsm_ops.dm_op, d); } -static inline int xsm_xen_version (xsm_default_t def, uint32_t op) +static inline int xsm_xen_version (uint32_t op) { return alternative_call(xsm_ops.xen_version, op); } -static inline int xsm_domain_resource_map(xsm_default_t def, struct domain *d) +static inline int xsm_domain_resource_map(struct domain *d) { return alternative_call(xsm_ops.domain_resource_map, d); } From patchwork Thu Jun 17 23:39:17 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Daniel P. Smith" X-Patchwork-Id: 12329749 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1765BC2B9F4 for ; Thu, 17 Jun 2021 23:36:36 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A48E761184 for ; Thu, 17 Jun 2021 23:36:35 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A48E761184 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=apertussolutions.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.144258.265575 (Exim 4.92) (envelope-from ) id 1lu1Yi-00086d-50; Thu, 17 Jun 2021 23:36:28 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 144258.265575; Thu, 17 Jun 2021 23:36:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1Yi-00086W-1Y; Thu, 17 Jun 2021 23:36:28 +0000 Received: by outflank-mailman (input) for mailman id 144258; Thu, 17 Jun 2021 23:36:26 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1Yg-00086O-PB for xen-devel@lists.xenproject.org; Thu, 17 Jun 2021 23:36:26 +0000 Received: from sender4-of-o51.zoho.com (unknown [136.143.188.51]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 9e289d77-0837-4882-be88-3404faa77fa4; Thu, 17 Jun 2021 23:36:24 +0000 (UTC) Received: from sisyou.hme. (static-72-81-132-2.bltmmd.fios.verizon.net [72.81.132.2]) by mx.zohomail.com with SMTPS id 1623972584427795.5441509630786; Thu, 17 Jun 2021 16:29:44 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 9e289d77-0837-4882-be88-3404faa77fa4 ARC-Seal: i=1; a=rsa-sha256; t=1623972585; cv=none; d=zohomail.com; s=zohoarc; b=BzEmUufKJmj0NP4I00nmdAkwfhR4QBHQyztN+EpRg3PRKhKzz3noO22qNPkY0+hm712SwcCQSPwOMAJr10Og2iKAHg1MZj/f4mbODGMBEf9RYyTojornls4rFbSUjrNGfVWa+u0a6jpgik5vfmKJtWQLyj9Ke2dOSU+SK8HLFTI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1623972585; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=v73LsupKsfH+ao4v4x80PpCg92qeO8L0WSQm41NcNK4=; b=agvYgk/iFaV7saOViF0qC33OMoadmwSmGnLWC4S29mTv6hH8t2xE36MvVonCTBIHgfPOvWa9RTN5eS/fluoNZy49pFySOLA0KCrccTmFpRtWvrKJKTpggqsSi5BuGTNnWNbnVjaUT7ia6OsBzxVcgUBXD285hptWZzFqvaka8tc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@apertussolutions.com; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1623972585; s=zoho; d=apertussolutions.com; i=dpsmith@apertussolutions.com; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding; bh=v73LsupKsfH+ao4v4x80PpCg92qeO8L0WSQm41NcNK4=; b=eZy1zaiiEtUtY+ndSfX//XV97UQFpH34sjhltS+gflEZ+A5hRSVwdemEUWkVaAf8 6Yur9wDtqdyq+TrHiVT56tckYfKJYe5B50fHGidg98Mn9k9onkdPk5f2ursi9fJKBN/ 4azcw0x+AQAZwXVW026l7q814Im48QcxsOJ8myco= From: "Daniel P. Smith" To: xen-devel@lists.xenproject.org Cc: Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= , Tamas K Lengyel , Tim Deegan , Juergen Gross , Alexandru Isaila , Petre Pircalabu , Dario Faggioli , Paul Durrant , Daniel De Graaf , persaur@gmail.com, christopher.w.clark@gmail.com, adam.schwalm@starlab.io, scott.davis@starlab.io Subject: [PATCH 5/6] xsm: expanding function related macros in dummy.h Date: Thu, 17 Jun 2021 19:39:17 -0400 Message-Id: <20210617233918.10095-6-dpsmith@apertussolutions.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210617233918.10095-1-dpsmith@apertussolutions.com> References: <20210617233918.10095-1-dpsmith@apertussolutions.com> MIME-Version: 1.0 X-ZohoMailClient: External With the elimination of switching how dummy.h gets included, the function declaration macros are no longer necessary. This commit expands them out to the only value for which they will ever be set. This results in function declaration lengths changing and since some definitions did not even follow the 80 column wrapping style, all function definitions were aligned with the predominate style that is used in the hypervisor code. Signed-off-by: Daniel P. Smith --- xen/xsm/dummy.h | 274 +++++++++++++++++++++++++++--------------------- 1 file changed, 153 insertions(+), 121 deletions(-) diff --git a/xen/xsm/dummy.h b/xen/xsm/dummy.h index 7e2bb09dac..0f8ea163af 100644 --- a/xen/xsm/dummy.h +++ b/xen/xsm/dummy.h @@ -9,7 +9,7 @@ * * * Each XSM hook implementing an access check should have its first parameter - * preceded by XSM_DEFAULT_ARG (or use XSM_DEFAULT_VOID if it has no + * preceded by (or use XSM_DEFAULT_VOID if it has no * arguments). The first non-declaration statement shold be XSM_ASSERT_ACTION * with the expected type of the hook, which will either define or check the * value of action. @@ -47,14 +47,12 @@ void __xsm_action_mismatch_detected(void); * xsm_default_t argument available, so the value from the assertion is used to * initialize the variable. */ -#define XSM_INLINE __maybe_unused - -#define XSM_DEFAULT_ARG /* */ #define XSM_DEFAULT_VOID void #define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action -static always_inline int xsm_default_action( - xsm_default_t action, struct domain *src, struct domain *target) +static always_inline int xsm_default_action(xsm_default_t action, + struct domain *src, + struct domain *target) { switch ( action ) { case XSM_HOOK: @@ -82,43 +80,43 @@ static always_inline int xsm_default_action( } } -static XSM_INLINE void dummy_security_domaininfo(struct domain *d, +static __maybe_unused void dummy_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { return; } -static XSM_INLINE int dummy_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref) +static __maybe_unused int dummy_domain_create(struct domain *d, u32 ssidref) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_getdomaininfo(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_getdomaininfo(struct domain *d) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd) +static __maybe_unused int dummy_domctl_scheduler_op(struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd) +static __maybe_unused int dummy_sysctl_scheduler_op(int cmd) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) +static __maybe_unused int dummy_set_target(struct domain *d, struct domain *e) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) +static __maybe_unused int dummy_domctl(struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_OTHER); switch ( cmd ) @@ -135,85 +133,91 @@ static XSM_INLINE int dummy_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) } } -static XSM_INLINE int dummy_sysctl(XSM_DEFAULT_ARG int cmd) +static __maybe_unused int dummy_sysctl(int cmd) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_readconsole(XSM_DEFAULT_ARG uint32_t clear) +static __maybe_unused int dummy_readconsole(uint32_t clear) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_alloc_security_domain(struct domain *d) +static __maybe_unused int dummy_alloc_security_domain(struct domain *d) { return 0; } -static XSM_INLINE void dummy_free_security_domain(struct domain *d) +static __maybe_unused void dummy_free_security_domain(struct domain *d) { return; } -static XSM_INLINE int dummy_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, - uint32_t flags) +static __maybe_unused int dummy_grant_mapref(struct domain *d1, + struct domain *d2, + uint32_t flags) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_grant_unmapref(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_grant_setup(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_grant_transfer(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_grant_copy(struct domain *d1, struct domain *d2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_grant_query_size(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_memory_exchange(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_memory_exchange(struct domain *d) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1, - struct domain *d2) +static __maybe_unused int dummy_memory_adjust_reservation(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_memory_stat_reservation(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) +static __maybe_unused int dummy_console_io(struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_OTHER); if ( d->is_console ) @@ -225,129 +229,140 @@ static XSM_INLINE int dummy_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd return xsm_default_action(XSM_PRIV, d, NULL); } -static XSM_INLINE int dummy_profile(XSM_DEFAULT_ARG struct domain *d, int op) +static __maybe_unused int dummy_profile(struct domain *d, int op) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d, NULL); } -static XSM_INLINE int dummy_kexec(XSM_DEFAULT_VOID) +static __maybe_unused int dummy_kexec(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_schedop_shutdown(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, - struct page_info *page) +static __maybe_unused int dummy_memory_pin_page(struct domain *d1, + struct domain *d2, + struct page_info *page) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_claim_pages(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_claim_pages(struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn, - domid_t id2) +static __maybe_unused int dummy_evtchn_unbound(struct domain *d, + struct evtchn *chn, + domid_t id2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn - *chan1, struct domain *d2, struct evtchn *chan2) +static __maybe_unused int dummy_evtchn_interdomain(struct domain *d1, + struct evtchn *chan1, + struct domain *d2, + struct evtchn *chan2) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d1, d2); } -static XSM_INLINE void dummy_evtchn_close_post(struct evtchn *chn) +static __maybe_unused void dummy_evtchn_close_post(struct evtchn *chn) { return; } -static XSM_INLINE int dummy_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) +static __maybe_unused int dummy_evtchn_send(struct domain *d, + struct evtchn *chn) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, d, NULL); } -static XSM_INLINE int dummy_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) +static __maybe_unused int dummy_evtchn_status(struct domain *d, + struct evtchn *chn) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_evtchn_reset(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_alloc_security_evtchns( - struct evtchn chn[], unsigned int nr) +static __maybe_unused int dummy_alloc_security_evtchns(struct evtchn chn[], + unsigned int nr) { return 0; } -static XSM_INLINE void dummy_free_security_evtchns( - struct evtchn chn[], unsigned int nr) +static __maybe_unused void dummy_free_security_evtchns(struct evtchn chn[], + unsigned int nr) { return; } -static XSM_INLINE char *dummy_show_security_evtchn(struct domain *d, const struct evtchn *chn) +static __maybe_unused char *dummy_show_security_evtchn(struct domain *d, + const struct evtchn *chn) { return NULL; } -static XSM_INLINE int dummy_init_hardware_domain(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_init_hardware_domain(struct domain *d) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_get_pod_target(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_get_pod_target(struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_set_pod_target(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_set_pod_target(struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_get_vnumainfo(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_get_vnumainfo(struct domain *d) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) -static XSM_INLINE int dummy_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) +static __maybe_unused int dummy_get_device_group(uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) +static __maybe_unused int dummy_assign_device(struct domain *d, + uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) +static __maybe_unused int dummy_deassign_device(struct domain *d, + uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); @@ -356,15 +371,15 @@ static XSM_INLINE int dummy_deassign_device(XSM_DEFAULT_ARG struct domain *d, ui #endif /* HAS_PASSTHROUGH && HAS_PCI */ #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE) -static XSM_INLINE int dummy_assign_dtdevice(XSM_DEFAULT_ARG struct domain *d, - const char *dtpath) +static __maybe_unused int dummy_assign_dtdevice(struct domain *d, + const char *dtpath) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_deassign_dtdevice(XSM_DEFAULT_ARG struct domain *d, - const char *dtpath) +static __maybe_unused int dummy_deassign_dtdevice(struct domain *d, + const char *dtpath) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); @@ -372,178 +387,190 @@ static XSM_INLINE int dummy_deassign_dtdevice(XSM_DEFAULT_ARG struct domain *d, #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */ -static XSM_INLINE int dummy_resource_plug_core(XSM_DEFAULT_VOID) +static __maybe_unused int dummy_resource_plug_core(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_resource_unplug_core(XSM_DEFAULT_VOID) +static __maybe_unused int dummy_resource_unplug_core(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) +static __maybe_unused int dummy_resource_plug_pci(uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) +static __maybe_unused int dummy_resource_unplug_pci(uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) +static __maybe_unused int dummy_resource_setup_pci(uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_resource_setup_gsi(XSM_DEFAULT_ARG int gsi) +static __maybe_unused int dummy_resource_setup_gsi(int gsi) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_resource_setup_misc(XSM_DEFAULT_VOID) +static __maybe_unused int dummy_resource_setup_misc(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_page_offline(XSM_DEFAULT_ARG uint32_t cmd) +static __maybe_unused int dummy_page_offline(uint32_t cmd) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_hypfs_op(XSM_DEFAULT_VOID) +static __maybe_unused int dummy_hypfs_op(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE long dummy_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +static __maybe_unused long dummy_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; } #ifdef CONFIG_COMPAT -static XSM_INLINE int dummy_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +static __maybe_unused int dummy_do_compat_op( + XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; } #endif -static XSM_INLINE char *dummy_show_irq_sid(int irq) +static __maybe_unused char *dummy_show_irq_sid(int irq) { return NULL; } -static XSM_INLINE int dummy_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_map_domain_pirq(struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_map_domain_irq(XSM_DEFAULT_ARG struct domain *d, - int irq, const void *data) +static __maybe_unused int dummy_map_domain_irq(struct domain *d, int irq, + const void *data) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_unmap_domain_pirq(struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static __maybe_unused int dummy_bind_pt_irq(struct domain *d, + struct xen_domctl_bind_pt_irq *bind) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static __maybe_unused int dummy_unbind_pt_irq(struct domain *d, + struct xen_domctl_bind_pt_irq *bind) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_unmap_domain_irq(XSM_DEFAULT_ARG struct domain *d, - int irq, const void *data) +static __maybe_unused int dummy_unmap_domain_irq(struct domain *d, int irq, + const void *data) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow) +static __maybe_unused int dummy_irq_permission(struct domain *d, int pirq, + uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static __maybe_unused int dummy_iomem_permission(struct domain *d, uint64_t s, + uint64_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static __maybe_unused int dummy_iomem_mapping(struct domain *d, uint64_t s, + uint64_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, - uint16_t start, uint16_t end, - uint8_t access) +static __maybe_unused int dummy_pci_config_permission(struct domain *d, + uint32_t machine_bdf, + uint16_t start, + uint16_t end, + uint8_t access) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_add_to_physmap(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +static __maybe_unused int dummy_remove_from_physmap(struct domain *d1, + struct domain *d2) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d1, d2); } -static XSM_INLINE int dummy_map_gmfn_foreign(XSM_DEFAULT_ARG struct domain *d, struct domain *t) +static __maybe_unused int dummy_map_gmfn_foreign(struct domain *d, + struct domain *t) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, t); } -static XSM_INLINE int dummy_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) +static __maybe_unused int dummy_hvm_param(struct domain *d, unsigned long op) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_hvm_control(XSM_DEFAULT_ARG struct domain *d, unsigned long op) +static __maybe_unused int dummy_hvm_control(struct domain *d, unsigned long op) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_hvm_param_altp2mhvm(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_hvm_param_altp2mhvm(struct domain *d) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_hvm_altp2mhvm_op(XSM_DEFAULT_ARG struct domain *d, uint64_t mode, uint32_t op) +static __maybe_unused int dummy_hvm_altp2mhvm_op(struct domain *d, + uint64_t mode, uint32_t op) { XSM_ASSERT_ACTION(XSM_OTHER); @@ -562,14 +589,15 @@ static XSM_INLINE int dummy_hvm_altp2mhvm_op(XSM_DEFAULT_ARG struct domain *d, u } } -static XSM_INLINE int dummy_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op) +static __maybe_unused int dummy_vm_event_control(struct domain *d, int mode, + int op) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_MEM_ACCESS -static XSM_INLINE int dummy_mem_access(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_mem_access(struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); @@ -577,7 +605,7 @@ static XSM_INLINE int dummy_mem_access(XSM_DEFAULT_ARG struct domain *d) #endif #ifdef CONFIG_MEM_PAGING -static XSM_INLINE int dummy_mem_paging(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_mem_paging(struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); @@ -585,58 +613,59 @@ static XSM_INLINE int dummy_mem_paging(XSM_DEFAULT_ARG struct domain *d) #endif #ifdef CONFIG_MEM_SHARING -static XSM_INLINE int dummy_mem_sharing(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_mem_sharing(struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } #endif -static XSM_INLINE int dummy_platform_op(XSM_DEFAULT_ARG uint32_t op) +static __maybe_unused int dummy_platform_op(uint32_t op) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } #ifdef CONFIG_X86 -static XSM_INLINE int dummy_do_mca(XSM_DEFAULT_VOID) +static __maybe_unused int dummy_do_mca(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) +static __maybe_unused int dummy_shadow_control(struct domain *d, uint32_t op) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op) +static __maybe_unused int dummy_mem_sharing_op(struct domain *d, + struct domain *cd, int op) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, cd); } -static XSM_INLINE int dummy_apic(XSM_DEFAULT_ARG struct domain *d, int cmd) +static __maybe_unused int dummy_apic(struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, d, NULL); } -static XSM_INLINE int dummy_machine_memory_map(XSM_DEFAULT_VOID) +static __maybe_unused int dummy_machine_memory_map(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_PRIV); return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int dummy_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_domain_memory_map(struct domain *d) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t, - struct domain *f, uint32_t flags) +static __maybe_unused int dummy_mmu_update(struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { int rc = 0; XSM_ASSERT_ACTION(XSM_TARGET); @@ -647,38 +676,41 @@ static XSM_INLINE int dummy_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct return rc; } -static XSM_INLINE int dummy_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f) +static __maybe_unused int dummy_mmuext_op(struct domain *d, struct domain *f) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, f); } -static XSM_INLINE int dummy_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f, - l1_pgentry_t pte) +static __maybe_unused int dummy_update_va_mapping(struct domain *d, + struct domain *f, + l1_pgentry_t pte) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, f); } -static XSM_INLINE int dummy_priv_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *t) +static __maybe_unused int dummy_priv_mapping(struct domain *d, struct domain *t) { XSM_ASSERT_ACTION(XSM_TARGET); return xsm_default_action(action, d, t); } -static XSM_INLINE int dummy_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static __maybe_unused int dummy_ioport_permission(struct domain *d, uint32_t s, + uint32_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static __maybe_unused int dummy_ioport_mapping(struct domain *d, uint32_t s, + uint32_t e, uint8_t allow) { XSM_ASSERT_ACTION(XSM_HOOK); return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int dummy_pmu_op (XSM_DEFAULT_ARG struct domain *d, unsigned int op) +static __maybe_unused int dummy_pmu_op (struct domain *d, unsigned int op) { XSM_ASSERT_ACTION(XSM_OTHER); switch ( op ) @@ -695,31 +727,31 @@ static XSM_INLINE int dummy_pmu_op (XSM_DEFAULT_ARG struct domain *d, unsigned i #endif /* CONFIG_X86 */ -static XSM_INLINE int dummy_dm_op(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_dm_op(struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_ARGO -static XSM_INLINE int dummy_argo_enable(const struct domain *d) +static __maybe_unused int dummy_argo_enable(const struct domain *d) { return 0; } -static XSM_INLINE int dummy_argo_register_single_source(const struct domain *d, - const struct domain *t) +static __maybe_unused int dummy_argo_register_single_source(const struct domain *d, + const struct domain *t) { return 0; } -static XSM_INLINE int dummy_argo_register_any_source(const struct domain *d) +static __maybe_unused int dummy_argo_register_any_source(const struct domain *d) { return 0; } -static XSM_INLINE int dummy_argo_send(const struct domain *d, - const struct domain *t) +static __maybe_unused int dummy_argo_send(const struct domain *d, + const struct domain *t) { return 0; } @@ -727,7 +759,7 @@ static XSM_INLINE int dummy_argo_send(const struct domain *d, #endif /* CONFIG_ARGO */ #include -static XSM_INLINE int dummy_xen_version (XSM_DEFAULT_ARG uint32_t op) +static __maybe_unused int dummy_xen_version(uint32_t op) { XSM_ASSERT_ACTION(XSM_OTHER); switch ( op ) @@ -751,7 +783,7 @@ static XSM_INLINE int dummy_xen_version (XSM_DEFAULT_ARG uint32_t op) } } -static XSM_INLINE int dummy_domain_resource_map(XSM_DEFAULT_ARG struct domain *d) +static __maybe_unused int dummy_domain_resource_map(struct domain *d) { XSM_ASSERT_ACTION(XSM_DM_PRIV); return xsm_default_action(action, current->domain, d); From patchwork Thu Jun 17 23:39:18 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Daniel P. Smith" X-Patchwork-Id: 12329751 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id F345CC2B9F4 for ; Thu, 17 Jun 2021 23:37:05 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 99FE961369 for ; Thu, 17 Jun 2021 23:37:05 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 99FE961369 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=apertussolutions.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.144264.265586 (Exim 4.92) (envelope-from ) id 1lu1ZC-0000K3-IN; Thu, 17 Jun 2021 23:36:58 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 144264.265586; Thu, 17 Jun 2021 23:36:58 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1ZC-0000Jw-FI; Thu, 17 Jun 2021 23:36:58 +0000 Received: by outflank-mailman (input) for mailman id 144264; Thu, 17 Jun 2021 23:36:56 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lu1ZA-0000JT-Lg for xen-devel@lists.xenproject.org; Thu, 17 Jun 2021 23:36:56 +0000 Received: from sender4-of-o51.zoho.com (unknown [136.143.188.51]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id cda7e63c-4b33-4129-a64b-357815c15e21; Thu, 17 Jun 2021 23:36:54 +0000 (UTC) Received: from sisyou.hme. (static-72-81-132-2.bltmmd.fios.verizon.net [72.81.132.2]) by mx.zohomail.com with SMTPS id 1623972586949895.2181897487453; Thu, 17 Jun 2021 16:29:46 -0700 (PDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: cda7e63c-4b33-4129-a64b-357815c15e21 ARC-Seal: i=1; a=rsa-sha256; t=1623972589; cv=none; d=zohomail.com; s=zohoarc; b=d/t4QKafbLsPUbZW/WSVybnT5njvJhUqeMPsqKp81viwStE+ZFxwDsLzDzxs3scW60uB74oNdQ2Rzgat6RAq/Rkuqp+PoVyF41W3cJMjMKLwiN1Sln3N3kwYjHunGpageBsyf2dfe8NWxb9gOIlOrGmD062ix4ME6gjOEMFNFcE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1623972589; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=YFu+rVtA5VrwxbGKXPK/7zCv7ouqRqBTHwPWaZOrI9E=; b=XYx3F0JTqXMkA5SbqkBGKWUaXyQIbxf78SBhr4stGX6hh/h1DvXX8HHEfVHcgA7D0SJX4jwEsdjsNYOcrioKx86p2KJ61khdEjk+KTbWj/LAwiv/i7SmKCa/5OX02tLc4R27oqEMnyY2kiwpJ9Tcw+lByCYXDCxH42Raj8LLCvg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@apertussolutions.com; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1623972589; s=zoho; d=apertussolutions.com; i=dpsmith@apertussolutions.com; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding; bh=YFu+rVtA5VrwxbGKXPK/7zCv7ouqRqBTHwPWaZOrI9E=; b=CTE1RiWznXVFL256Of++6nzl4gL58D9d+O5SM0vlwXjeIpslqW0oTnSD3dGmCoAF TUw7jtSAfgF6E+FlRHUqp/3U+U9/9ZUD7vaiMrSazo6hPn0RIgnTtOuGyYYh0/4VnGQ ZjA4PiaDHk980cK2f9NS5voEV3e9zjR8QzyHgaSA= From: "Daniel P. Smith" To: xen-devel@lists.xenproject.org Cc: Stefano Stabellini , Julien Grall , Volodymyr Babchuk , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Wei Liu , =?utf-8?q?Roger_Pau_?= =?utf-8?q?Monn=C3=A9?= , Tamas K Lengyel , Tim Deegan , Juergen Gross , Alexandru Isaila , Petre Pircalabu , Dario Faggioli , Paul Durrant , Daniel De Graaf , persaur@gmail.com, christopher.w.clark@gmail.com, adam.schwalm@starlab.io, scott.davis@starlab.io Subject: [PATCH 6/6] xsm: removing the XSM_ASSERT_ACTION macro Date: Thu, 17 Jun 2021 19:39:18 -0400 Message-Id: <20210617233918.10095-7-dpsmith@apertussolutions.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210617233918.10095-1-dpsmith@apertussolutions.com> References: <20210617233918.10095-1-dpsmith@apertussolutions.com> MIME-Version: 1.0 X-ZohoMailClient: External With the eliminations of default priv from all the XSM hook call sites, this renders the XSM_ASSERT_ACTION macro unneeded. This commit cleans up all the dummy hooks, removing the macro. Signed-off-by: Daniel P. Smith --- xen/xsm/dummy.h | 253 +++++++++++++++--------------------------------- 1 file changed, 80 insertions(+), 173 deletions(-) diff --git a/xen/xsm/dummy.h b/xen/xsm/dummy.h index 0f8ea163af..1a9a6b2935 100644 --- a/xen/xsm/dummy.h +++ b/xen/xsm/dummy.h @@ -6,13 +6,6 @@ * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, * as published by the Free Software Foundation. - * - * - * Each XSM hook implementing an access check should have its first parameter - * preceded by (or use XSM_DEFAULT_VOID if it has no - * arguments). The first non-declaration statement shold be XSM_ASSERT_ACTION - * with the expected type of the hook, which will either define or check the - * value of action. */ #include @@ -48,7 +41,6 @@ void __xsm_action_mismatch_detected(void); * initialize the variable. */ #define XSM_DEFAULT_VOID void -#define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action static always_inline int xsm_default_action(xsm_default_t action, struct domain *src, @@ -88,37 +80,31 @@ static __maybe_unused void dummy_security_domaininfo(struct domain *d, static __maybe_unused int dummy_domain_create(struct domain *d, u32 ssidref) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_getdomaininfo(struct domain *d) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_domctl_scheduler_op(struct domain *d, int cmd) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_sysctl_scheduler_op(int cmd) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_HOOK, current->domain, NULL); } static __maybe_unused int dummy_set_target(struct domain *d, struct domain *e) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_HOOK, current->domain, NULL); } static __maybe_unused int dummy_domctl(struct domain *d, int cmd) { - XSM_ASSERT_ACTION(XSM_OTHER); switch ( cmd ) { case XEN_DOMCTL_ioport_mapping: @@ -135,14 +121,12 @@ static __maybe_unused int dummy_domctl(struct domain *d, int cmd) static __maybe_unused int dummy_sysctl(int cmd) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_readconsole(uint32_t clear) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_HOOK, current->domain, NULL); } static __maybe_unused int dummy_alloc_security_domain(struct domain *d) @@ -159,67 +143,57 @@ static __maybe_unused int dummy_grant_mapref(struct domain *d1, struct domain *d2, uint32_t flags) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_HOOK, d1, d2); } static __maybe_unused int dummy_grant_unmapref(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_HOOK, d1, d2); } static __maybe_unused int dummy_grant_setup(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_TARGET, d1, d2); } static __maybe_unused int dummy_grant_transfer(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_HOOK, d1, d2); } static __maybe_unused int dummy_grant_copy(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_HOOK, d1, d2); } static __maybe_unused int dummy_grant_query_size(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_TARGET, d1, d2); } static __maybe_unused int dummy_memory_exchange(struct domain *d) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_TARGET, current->domain, d); } static __maybe_unused int dummy_memory_adjust_reservation(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_TARGET, d1, d2); } static __maybe_unused int dummy_memory_stat_reservation(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_TARGET, d1, d2); } static __maybe_unused int dummy_console_io(struct domain *d, int cmd) { - XSM_ASSERT_ACTION(XSM_OTHER); if ( d->is_console ) return xsm_default_action(XSM_HOOK, d, NULL); #ifdef CONFIG_VERBOSE_DEBUG @@ -231,43 +205,37 @@ static __maybe_unused int dummy_console_io(struct domain *d, int cmd) static __maybe_unused int dummy_profile(struct domain *d, int op) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d, NULL); + return xsm_default_action(XSM_HOOK, d, NULL); } static __maybe_unused int dummy_kexec(XSM_DEFAULT_VOID) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_schedop_shutdown(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_PRIV, d1, d2); } static __maybe_unused int dummy_memory_pin_page(struct domain *d1, struct domain *d2, struct page_info *page) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_HOOK, d1, d2); } static __maybe_unused int dummy_claim_pages(struct domain *d) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_PRIV, current->domain, d); } static __maybe_unused int dummy_evtchn_unbound(struct domain *d, struct evtchn *chn, domid_t id2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_TARGET, current->domain, d); } static __maybe_unused int dummy_evtchn_interdomain(struct domain *d1, @@ -275,8 +243,7 @@ static __maybe_unused int dummy_evtchn_interdomain(struct domain *d1, struct domain *d2, struct evtchn *chan2) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_HOOK, d1, d2); } static __maybe_unused void dummy_evtchn_close_post(struct evtchn *chn) @@ -287,22 +254,19 @@ static __maybe_unused void dummy_evtchn_close_post(struct evtchn *chn) static __maybe_unused int dummy_evtchn_send(struct domain *d, struct evtchn *chn) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, d, NULL); + return xsm_default_action(XSM_HOOK, d, NULL); } static __maybe_unused int dummy_evtchn_status(struct domain *d, struct evtchn *chn) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_TARGET, current->domain, d); } static __maybe_unused int dummy_evtchn_reset(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_TARGET, d1, d2); } static __maybe_unused int dummy_alloc_security_evtchns(struct evtchn chn[], @@ -325,47 +289,40 @@ static __maybe_unused char *dummy_show_security_evtchn(struct domain *d, static __maybe_unused int dummy_init_hardware_domain(struct domain *d) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_get_pod_target(struct domain *d) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_PRIV, current->domain, d); } static __maybe_unused int dummy_set_pod_target(struct domain *d) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_PRIV, current->domain, d); } static __maybe_unused int dummy_get_vnumainfo(struct domain *d) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_TARGET, current->domain, d); } #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) static __maybe_unused int dummy_get_device_group(uint32_t machine_bdf) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_HOOK, current->domain, NULL); } static __maybe_unused int dummy_assign_device(struct domain *d, uint32_t machine_bdf) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_deassign_device(struct domain *d, uint32_t machine_bdf) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } #endif /* HAS_PASSTHROUGH && HAS_PCI */ @@ -374,71 +331,60 @@ static __maybe_unused int dummy_deassign_device(struct domain *d, static __maybe_unused int dummy_assign_dtdevice(struct domain *d, const char *dtpath) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_deassign_dtdevice(struct domain *d, const char *dtpath) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */ static __maybe_unused int dummy_resource_plug_core(XSM_DEFAULT_VOID) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_HOOK, current->domain, NULL); } static __maybe_unused int dummy_resource_unplug_core(XSM_DEFAULT_VOID) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_HOOK, current->domain, NULL); } static __maybe_unused int dummy_resource_plug_pci(uint32_t machine_bdf) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_resource_unplug_pci(uint32_t machine_bdf) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_resource_setup_pci(uint32_t machine_bdf) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_resource_setup_gsi(int gsi) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_resource_setup_misc(XSM_DEFAULT_VOID) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_page_offline(uint32_t cmd) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_HOOK, current->domain, NULL); } static __maybe_unused int dummy_hypfs_op(XSM_DEFAULT_VOID) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused long dummy_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) @@ -461,63 +407,54 @@ static __maybe_unused char *dummy_show_irq_sid(int irq) static __maybe_unused int dummy_map_domain_pirq(struct domain *d) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); } static __maybe_unused int dummy_map_domain_irq(struct domain *d, int irq, const void *data) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_unmap_domain_pirq(struct domain *d) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); } static __maybe_unused int dummy_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_unmap_domain_irq(struct domain *d, int irq, const void *data) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_irq_permission(struct domain *d, int pirq, uint8_t allow) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_pci_config_permission(struct domain *d, @@ -526,54 +463,45 @@ static __maybe_unused int dummy_pci_config_permission(struct domain *d, uint16_t end, uint8_t access) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_add_to_physmap(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_TARGET, d1, d2); } static __maybe_unused int dummy_remove_from_physmap(struct domain *d1, struct domain *d2) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); + return xsm_default_action(XSM_TARGET, d1, d2); } static __maybe_unused int dummy_map_gmfn_foreign(struct domain *d, struct domain *t) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d, t); + return xsm_default_action(XSM_TARGET, d, t); } static __maybe_unused int dummy_hvm_param(struct domain *d, unsigned long op) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_TARGET, current->domain, d); } static __maybe_unused int dummy_hvm_control(struct domain *d, unsigned long op) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); } static __maybe_unused int dummy_hvm_param_altp2mhvm(struct domain *d) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_PRIV, current->domain, d); } static __maybe_unused int dummy_hvm_altp2mhvm_op(struct domain *d, uint64_t mode, uint32_t op) { - XSM_ASSERT_ACTION(XSM_OTHER); - switch ( mode ) { case XEN_ALTP2M_mixed: @@ -592,127 +520,109 @@ static __maybe_unused int dummy_hvm_altp2mhvm_op(struct domain *d, static __maybe_unused int dummy_vm_event_control(struct domain *d, int mode, int op) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_PRIV, current->domain, d); } #ifdef CONFIG_MEM_ACCESS static __maybe_unused int dummy_mem_access(struct domain *d) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); } #endif #ifdef CONFIG_MEM_PAGING static __maybe_unused int dummy_mem_paging(struct domain *d) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); } #endif #ifdef CONFIG_MEM_SHARING static __maybe_unused int dummy_mem_sharing(struct domain *d) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); } #endif static __maybe_unused int dummy_platform_op(uint32_t op) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } #ifdef CONFIG_X86 static __maybe_unused int dummy_do_mca(XSM_DEFAULT_VOID) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_shadow_control(struct domain *d, uint32_t op) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_mem_sharing_op(struct domain *d, struct domain *cd, int op) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, cd); + return xsm_default_action(XSM_DM_PRIV, current->domain, cd); } static __maybe_unused int dummy_apic(struct domain *d, int cmd) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, d, NULL); + return xsm_default_action(XSM_PRIV, d, NULL); } static __maybe_unused int dummy_machine_memory_map(XSM_DEFAULT_VOID) { - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); + return xsm_default_action(XSM_PRIV, current->domain, NULL); } static __maybe_unused int dummy_domain_memory_map(struct domain *d) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_TARGET, current->domain, d); } static __maybe_unused int dummy_mmu_update(struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { int rc = 0; - XSM_ASSERT_ACTION(XSM_TARGET); if ( f != dom_io ) - rc = xsm_default_action(action, d, f); + rc = xsm_default_action(XSM_TARGET, d, f); if ( evaluate_nospec(t) && !rc ) - rc = xsm_default_action(action, d, t); + rc = xsm_default_action(XSM_TARGET, d, t); return rc; } static __maybe_unused int dummy_mmuext_op(struct domain *d, struct domain *f) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d, f); + return xsm_default_action(XSM_TARGET, d, f); } static __maybe_unused int dummy_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d, f); + return xsm_default_action(XSM_TARGET, d, f); } static __maybe_unused int dummy_priv_mapping(struct domain *d, struct domain *t) { - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d, t); + return xsm_default_action(XSM_TARGET, d, t); } static __maybe_unused int dummy_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - XSM_ASSERT_ACTION(XSM_HOOK); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_HOOK, current->domain, d); } static __maybe_unused int dummy_pmu_op (struct domain *d, unsigned int op) { - XSM_ASSERT_ACTION(XSM_OTHER); switch ( op ) { case XENPMU_init: @@ -729,8 +639,7 @@ static __maybe_unused int dummy_pmu_op (struct domain *d, unsigned int op) static __maybe_unused int dummy_dm_op(struct domain *d) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); } #ifdef CONFIG_ARGO @@ -761,7 +670,6 @@ static __maybe_unused int dummy_argo_send(const struct domain *d, #include static __maybe_unused int dummy_xen_version(uint32_t op) { - XSM_ASSERT_ACTION(XSM_OTHER); switch ( op ) { case XENVER_version: @@ -785,6 +693,5 @@ static __maybe_unused int dummy_xen_version(uint32_t op) static __maybe_unused int dummy_domain_resource_map(struct domain *d) { - XSM_ASSERT_ACTION(XSM_DM_PRIV); - return xsm_default_action(action, current->domain, d); + return xsm_default_action(XSM_DM_PRIV, current->domain, d); }