[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 06/11] xen/arch/arm: remove rcu_lock_target_domain_by_id



This function has been replaced with rcu_lock_domain_by_any_id and an
XSM check.  Two callers already had an XSM check; add a check to the
third.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Cc: Ian Campbell <ian.campbell@xxxxxxxxxx>
Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
Cc: Tim Deegan <tim@xxxxxxx>
Cc: Keir Fraser <keir@xxxxxxx>
---
 xen/arch/arm/mm.c       | 23 +++++++++++++++--------
 xen/common/domain.c     | 34 ----------------------------------
 xen/include/xen/sched.h | 14 --------------
 xen/include/xsm/dummy.h |  8 ++++++++
 xen/include/xsm/xsm.h   | 11 +++++++++++
 xen/xsm/dummy.c         |  3 +++
 xen/xsm/flask/hooks.c   | 10 ++++++++++
 7 files changed, 47 insertions(+), 56 deletions(-)

diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c
index ba3140d..35cd1c9 100644
--- a/xen/arch/arm/mm.c
+++ b/xen/arch/arm/mm.c
@@ -624,9 +624,16 @@ static int xenmem_add_to_physmap_one(
     {
         paddr_t maddr;
         struct domain *od;
-        rc = rcu_lock_target_domain_by_id(foreign_domid, &od);
-        if ( rc < 0 )
+        od = rcu_lock_domain_by_any_id(foreign_domid);
+        if ( od == NULL )
+            return -ESRCH;
+
+        rc = xsm_map_gmfn_foreign(XSM_TARGET, d, od);
+        if ( rc )
+        {
+            rcu_unlock_domain(od);
             return rc;
+        }
 
         maddr = p2m_lookup(od, idx << PAGE_SHIFT);
         if ( maddr == INVALID_PADDR )
@@ -718,9 +725,9 @@ long arch_memory_op(int op, XEN_GUEST_HANDLE_PARAM(void) 
arg)
         if ( xatp.space == XENMAPSPACE_gmfn_foreign )
             return -EINVAL;
 
-        rc = rcu_lock_target_domain_by_id(xatp.domid, &d);
-        if ( rc != 0 )
-            return rc;
+        d = rcu_lock_domain_by_any_id(xatp.domid);
+        if ( d == NULL )
+            return -ESRCH;
 
         rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d);
         if ( rc )
@@ -749,9 +756,9 @@ long arch_memory_op(int op, XEN_GUEST_HANDLE_PARAM(void) 
arg)
         if ( xatpr.space == XENMAPSPACE_gmfn_range )
             return -EINVAL;
 
-        rc = rcu_lock_target_domain_by_id(xatpr.domid, &d);
-        if ( rc != 0 )
-            return rc;
+        d = rcu_lock_domain_by_any_id(xatpr.domid);
+        if ( d == NULL )
+            return -ESRCH;
 
         rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d);
         if ( rc )
diff --git a/xen/common/domain.c b/xen/common/domain.c
index 590548e..ce6747c 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -429,40 +429,6 @@ struct domain *rcu_lock_domain_by_any_id(domid_t dom)
     return rcu_lock_domain_by_id(dom);
 }
 
-int rcu_lock_target_domain_by_id(domid_t dom, struct domain **d)
-{
-    if ( dom == DOMID_SELF )
-    {
-        *d = rcu_lock_current_domain();
-        return 0;
-    }
-
-    if ( (*d = rcu_lock_domain_by_id(dom)) == NULL )
-        return -ESRCH;
-
-    if ( !IS_PRIV_FOR(current->domain, *d) )
-    {
-        rcu_unlock_domain(*d);
-        return -EPERM;
-    }
-
-    return 0;
-}
-
-int rcu_lock_remote_target_domain_by_id(domid_t dom, struct domain **d)
-{
-    if ( (*d = rcu_lock_domain_by_id(dom)) == NULL )
-        return -ESRCH;
-
-    if ( (*d == current->domain) || !IS_PRIV_FOR(current->domain, *d) )
-    {
-        rcu_unlock_domain(*d);
-        return -EPERM;
-    }
-
-    return 0;
-}
-
 int rcu_lock_remote_domain_by_id(domid_t dom, struct domain **d)
 {
     if ( (*d = rcu_lock_domain_by_id(dom)) == NULL )
diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
index d15d567..723885c 100644
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -471,20 +471,6 @@ struct domain *rcu_lock_domain_by_id(domid_t dom);
 struct domain *rcu_lock_domain_by_any_id(domid_t dom);
 
 /*
- * As above function, but accounts for current domain context:
- *  - Translates target DOMID_SELF into caller's domain id; and
- *  - Checks that caller has permission to act on the target domain.
- */
-int rcu_lock_target_domain_by_id(domid_t dom, struct domain **d);
-
-/*
- * As rcu_lock_target_domain_by_id(), but will fail EPERM rather than resolve
- * to local domain. Successful return always resolves to a remote domain that
- * the local domain is privileged to control.
- */
-int rcu_lock_remote_target_domain_by_id(domid_t dom, struct domain **d);
-
-/*
  * As rcu_lock_domain_by_id(), but will fail EPERM or ESRCH rather than resolve
  * to local domain.
  */
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 9bfe596..3912bd9 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -616,4 +616,12 @@ static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG 
struct domain *d, uint3
     return xsm_default_action(action, current->domain, d);
 }
 
+#endif /* CONFIG_X86 */
+
+#ifdef CONFIG_ARM
+static XSM_INLINE int xsm_map_gmfn_foreign(XSM_DEFAULT_ARG struct domain *d, 
struct domain *t)
+{
+    XSM_ASSERT_ACTION(XSM_TARGET);
+    return xsm_default_action(action, d, t);
+}
 #endif
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 69fe64a..58a4fbb 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -162,6 +162,9 @@ struct xsm_operations {
     int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, 
uint8_t allow);
     int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t 
allow);
 #endif
+#ifdef CONFIG_ARM
+    int (*map_gmfn_foreign) (struct domain *d, struct domain *t);
+#endif
 };
 
 #ifdef XSM_ENABLE
@@ -622,6 +625,14 @@ static inline int xsm_ioport_mapping (xsm_default_t def, 
struct domain *d, uint3
     return xsm_ops->ioport_mapping(d, s, e, allow);
 }
 #endif /* CONFIG_X86 */
+
+#ifdef CONFIG_ARM
+static inline int xsm_map_gmfn_foreign (struct domain *d, struct domain *t)
+{
+    return xsm_ops->map_gmfn_foreign(d, t);
+}
+#endif /* CONFIG_ARM */
+
 #endif /* XSM_NO_WRAPPERS */
 
 extern int xsm_init(unsigned long *module_map, const multiboot_info_t *mbi,
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 3d84e73..937761f 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -132,4 +132,7 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, ioport_permission);
     set_to_dummy_if_null(ops, ioport_mapping);
 #endif
+#ifdef CONFIG_ARM
+    set_to_dummy_if_null(ops, map_gmfn_foreign);
+#endif
 }
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 809e0f9..6512c22 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1452,6 +1452,13 @@ static int flask_unbind_pt_irq (struct domain *d, struct 
xen_domctl_bind_pt_irq
 {
     return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE);
 }
+#endif /* CONFIG_X86 */
+
+#ifdef CONFIG_ARM
+static int flask_map_gmfn_foreign(struct domain *d, struct domain *t)
+{
+    return domain_has_perm(d, t, SECCLASS_MMU, MMU__MAP_READ | MMU__MAP_WRITE);
+}
 #endif
 
 long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
@@ -1560,6 +1567,9 @@ static struct xsm_operations flask_ops = {
     .ioport_permission = flask_ioport_permission,
     .ioport_mapping = flask_ioport_mapping,
 #endif
+#ifdef CONFIG_ARM
+    .map_gmfn_foreign = flask_map_gmfn_foreign,
+#endif
 };
 
 static __init int flask_init(void)
-- 
1.8.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.