[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] x86/HVM: don't use confusing/non-suitable XSM checks

commit cf37a923eae411d420f6519e6dcfd13e25cf276c
Author:     Jan Beulich <jbeulich@xxxxxxxx>
AuthorDate: Tue May 20 15:56:48 2014 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue May 20 15:56:48 2014 +0200

    x86/HVM: don't use confusing/non-suitable XSM checks
    
    XSM_TARGET checks following rcu_lock_{,live_}remote_domain_by_id() are
    rather pointless and potentially confusing. Use XSM_DM_PRIV there
    instead.
    
    Note that setting flask_ops.hvm_control to flask_hvm_param() (instead
    of introducing flask_hvm_control() is intentional - that function is
    already separating the contol and non-control sub-operations.
    
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Andres Lagar-Cavilla <andres@xxxxxxxxxxxxxxxx>
    Acked-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
 xen/arch/x86/hvm/hvm.c        |    8 ++++----
 xen/arch/x86/mm/mem_access.c  |    2 +-
 xen/arch/x86/mm/mem_event.c   |    2 +-
 xen/arch/x86/mm/mem_sharing.c |    4 ++--
 xen/include/xsm/dummy.h       |   10 ++++++++--
 xen/include/xsm/xsm.h         |    6 ++++++
 xen/xsm/dummy.c               |    1 +
 xen/xsm/flask/hooks.c         |    1 +
 8 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index d2190be..efbf6d9 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4748,7 +4748,7 @@ long do_hvm_op(unsigned long op, 
XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( a.nr > GB(1) >> PAGE_SHIFT )
             goto param_fail2;
 
-        rc = xsm_hvm_param(XSM_TARGET, d, op);
+        rc = xsm_hvm_control(XSM_DM_PRIV, d, op);
         if ( rc )
             goto param_fail2;
 
@@ -4786,7 +4786,7 @@ long do_hvm_op(unsigned long op, 
XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( !is_hvm_domain(d) )
             goto param_fail3;
 
-        rc = xsm_hvm_param(XSM_TARGET, d, op);
+        rc = xsm_hvm_control(XSM_DM_PRIV, d, op);
         if ( rc )
             goto param_fail3;
 
@@ -4896,7 +4896,7 @@ long do_hvm_op(unsigned long op, 
XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( !is_hvm_domain(d) )
             goto param_fail4;
 
-        rc = xsm_hvm_param(XSM_TARGET, d, op);
+        rc = xsm_hvm_control(XSM_DM_PRIV, d, op);
         if ( rc )
             goto param_fail4;
 
@@ -5026,7 +5026,7 @@ long do_hvm_op(unsigned long op, 
XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( !is_hvm_domain(d) )
             goto param_fail8;
 
-        rc = xsm_hvm_param(XSM_TARGET, d, op);
+        rc = xsm_hvm_control(XSM_DM_PRIV, d, op);
         if ( rc )
             goto param_fail8;
 
diff --git a/xen/arch/x86/mm/mem_access.c b/xen/arch/x86/mm/mem_access.c
index 462c318..e8465a5 100644
--- a/xen/arch/x86/mm/mem_access.c
+++ b/xen/arch/x86/mm/mem_access.c
@@ -47,7 +47,7 @@ int mem_access_memop(unsigned long cmd,
     if ( !is_hvm_domain(d) )
         goto out;
 
-    rc = xsm_mem_event_op(XSM_TARGET, d, XENMEM_access_op);
+    rc = xsm_mem_event_op(XSM_DM_PRIV, d, XENMEM_access_op);
     if ( rc )
         goto out;
 
diff --git a/xen/arch/x86/mm/mem_event.c b/xen/arch/x86/mm/mem_event.c
index 36b9dba..f84c383 100644
--- a/xen/arch/x86/mm/mem_event.c
+++ b/xen/arch/x86/mm/mem_event.c
@@ -449,7 +449,7 @@ int do_mem_event_op(int op, uint32_t domain, void *arg)
     if ( ret )
         return ret;
 
-    ret = xsm_mem_event_op(XSM_TARGET, d, op);
+    ret = xsm_mem_event_op(XSM_DM_PRIV, d, op);
     if ( ret )
         goto out;
 
diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c
index 178fe68..7293f31 100644
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -1358,7 +1358,7 @@ int mem_sharing_memop(struct domain *d, 
xen_mem_sharing_op_t *mec)
             if ( rc )
                 return rc;
 
-            rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op);
+            rc = xsm_mem_sharing_op(XSM_DM_PRIV, d, cd, mec->op);
             if ( rc )
             {
                 rcu_unlock_domain(cd);
@@ -1422,7 +1422,7 @@ int mem_sharing_memop(struct domain *d, 
xen_mem_sharing_op_t *mec)
             if ( rc )
                 return rc;
 
-            rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op);
+            rc = xsm_mem_sharing_op(XSM_DM_PRIV, d, cd, mec->op);
             if ( rc )
             {
                 rcu_unlock_domain(cd);
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 5de4ad4..3d4067f 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -495,6 +495,12 @@ static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct 
domain *d, unsigned l
     return xsm_default_action(action, current->domain, d);
 }
 
+static XSM_INLINE int xsm_hvm_control(XSM_DEFAULT_ARG struct domain *d, 
unsigned long op)
+{
+    XSM_ASSERT_ACTION(XSM_DM_PRIV);
+    return xsm_default_action(action, current->domain, d);
+}
+
 static XSM_INLINE int xsm_hvm_param_nested(XSM_DEFAULT_ARG struct domain *d)
 {
     XSM_ASSERT_ACTION(XSM_PRIV);
@@ -546,13 +552,13 @@ static XSM_INLINE int 
xsm_mem_event_control(XSM_DEFAULT_ARG struct domain *d, in
 
 static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int 
op)
 {
-    XSM_ASSERT_ACTION(XSM_TARGET);
+    XSM_ASSERT_ACTION(XSM_DM_PRIV);
     return xsm_default_action(action, current->domain, d);
 }
 
 static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, 
struct domain *cd, int op)
 {
-    XSM_ASSERT_ACTION(XSM_TARGET);
+    XSM_ASSERT_ACTION(XSM_DM_PRIV);
     return xsm_default_action(action, current->domain, cd);
 }
 
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 0c85ca6..4799b08 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -137,6 +137,7 @@ struct xsm_operations {
 #endif
 
     int (*hvm_param) (struct domain *d, unsigned long op);
+    int (*hvm_control) (struct domain *d, unsigned long op);
     int (*hvm_param_nested) (struct domain *d);
 
 #ifdef CONFIG_X86
@@ -522,6 +523,11 @@ static inline int xsm_hvm_param (xsm_default_t def, struct 
domain *d, unsigned l
     return xsm_ops->hvm_param(d, op);
 }
 
+static inline int xsm_hvm_control(xsm_default_t def, struct domain *d, 
unsigned long op)
+{
+    return xsm_ops->hvm_control(d, op);
+}
+
 static inline int xsm_hvm_param_nested (xsm_default_t def, struct domain *d)
 {
     return xsm_ops->hvm_param_nested(d);
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 80015b1..67bce4b 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -105,6 +105,7 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, tmem_op);
     set_to_dummy_if_null(ops, tmem_control);
     set_to_dummy_if_null(ops, hvm_param);
+    set_to_dummy_if_null(ops, hvm_control);
     set_to_dummy_if_null(ops, hvm_param_nested);
 
     set_to_dummy_if_null(ops, do_xsm_op);
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 3eb6c1e..c008398 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1543,6 +1543,7 @@ static struct xsm_operations flask_ops = {
     .tmem_op = flask_tmem_op,
     .tmem_control = flask_tmem_control,
     .hvm_param = flask_hvm_param,
+    .hvm_control = flask_hvm_param,
     .hvm_param_nested = flask_hvm_param_nested,
 
     .do_xsm_op = do_flask_op,
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.