[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v15 11/21] x86/VPMU: Interface for setting PMU mode and flags
Add runtime interface for setting PMU mode and flags. Three main modes are provided: * XENPMU_MODE_OFF: PMU is not virtualized * XENPMU_MODE_SELF: Guests can access PMU MSRs and receive PMU interrupts. * XENPMU_MODE_HV: Same as XENPMU_MODE_SELF for non-proviledged guests, dom0 can profile itself and the hypervisor. Note that PMU modes are different from what can be provided at Xen's boot line with 'vpmu' argument. An 'off' (or '0') value is equivalent to XENPMU_MODE_OFF. Any other value, on the other hand, will cause VPMU mode to be set to XENPMU_MODE_SELF during boot. For feature flags only Intel's BTS is currently supported. Mode and flags are set via HYPERVISOR_xenpmu_op hypercall. Signed-off-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> Reviewed-by: Dietmar Hahn <dietmar.hahn@xxxxxxxxxxxxxx> Tested-by: Dietmar Hahn <dietmar.hahn@xxxxxxxxxxxxxx> --- tools/flask/policy/policy/modules/xen/xen.te | 3 + xen/arch/x86/domain.c | 6 +- xen/arch/x86/hvm/svm/vpmu.c | 4 +- xen/arch/x86/hvm/vmx/vpmu_core2.c | 10 +- xen/arch/x86/hvm/vpmu.c | 164 +++++++++++++++++++++++++-- xen/arch/x86/x86_64/compat/entry.S | 4 + xen/arch/x86/x86_64/entry.S | 4 + xen/include/asm-x86/hvm/vpmu.h | 27 +++-- xen/include/public/pmu.h | 45 ++++++++ xen/include/public/xen.h | 1 + xen/include/xen/hypercall.h | 4 + xen/include/xlat.lst | 1 + xen/include/xsm/dummy.h | 15 +++ xen/include/xsm/xsm.h | 6 + xen/xsm/dummy.c | 1 + xen/xsm/flask/hooks.c | 18 +++ xen/xsm/flask/policy/access_vectors | 2 + 17 files changed, 288 insertions(+), 27 deletions(-) diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te index d214470..ae7bf3c 100644 --- a/tools/flask/policy/policy/modules/xen/xen.te +++ b/tools/flask/policy/policy/modules/xen/xen.te @@ -68,6 +68,9 @@ allow dom0_t xen_t:xen2 { resource_op psr_cmt_op }; +allow dom0_t xen_t:xen2 { + pmu_ctrl +}; allow dom0_t xen_t:mmu memorymap; # Allow dom0 to use these domctls on itself. For domctls acting on other diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c index ae0a344..da5bdf4 100644 --- a/xen/arch/x86/domain.c +++ b/xen/arch/x86/domain.c @@ -1544,7 +1544,7 @@ void context_switch(struct vcpu *prev, struct vcpu *next) if ( is_hvm_vcpu(prev) ) { if (prev != next) - vpmu_save(prev); + vpmu_switch_from(prev, next); if ( !list_empty(&prev->arch.hvm_vcpu.tm_list) ) pt_save_timer(prev); @@ -1587,9 +1587,9 @@ void context_switch(struct vcpu *prev, struct vcpu *next) !is_hardware_domain(next->domain)); } - if (is_hvm_vcpu(next) && (prev != next) ) + if ( is_hvm_vcpu(prev) && (prev != next) ) /* Must be done with interrupts enabled */ - vpmu_load(next); + vpmu_switch_to(prev, next); context_saved(prev); diff --git a/xen/arch/x86/hvm/svm/vpmu.c b/xen/arch/x86/hvm/svm/vpmu.c index 0d30b37..61d56d5 100644 --- a/xen/arch/x86/hvm/svm/vpmu.c +++ b/xen/arch/x86/hvm/svm/vpmu.c @@ -478,14 +478,14 @@ struct arch_vpmu_ops amd_vpmu_ops = { .arch_vpmu_dump = amd_vpmu_dump }; -int svm_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags) +int svm_vpmu_initialise(struct vcpu *v) { struct vpmu_struct *vpmu = vcpu_vpmu(v); uint8_t family = current_cpu_data.x86; int ret = 0; /* vpmu enabled? */ - if ( !vpmu_flags ) + if ( vpmu_mode == XENPMU_MODE_OFF ) return 0; switch ( family ) diff --git a/xen/arch/x86/hvm/vmx/vpmu_core2.c b/xen/arch/x86/hvm/vmx/vpmu_core2.c index a6cca38..23e4899 100644 --- a/xen/arch/x86/hvm/vmx/vpmu_core2.c +++ b/xen/arch/x86/hvm/vmx/vpmu_core2.c @@ -708,13 +708,13 @@ static int core2_vpmu_do_interrupt(struct cpu_user_regs *regs) return 1; } -static int core2_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags) +static int core2_vpmu_initialise(struct vcpu *v) { struct vpmu_struct *vpmu = vcpu_vpmu(v); u64 msr_content; static bool_t ds_warned; - if ( !(vpmu_flags & VPMU_BOOT_BTS) ) + if ( !(vpmu_features & XENPMU_FEATURE_INTEL_BTS) ) goto func_out; /* Check the 'Debug Store' feature in the CPUID.EAX[1]:EDX[21] */ while ( boot_cpu_has(X86_FEATURE_DS) ) @@ -829,7 +829,7 @@ struct arch_vpmu_ops core2_no_vpmu_ops = { .do_cpuid = core2_no_vpmu_do_cpuid, }; -int vmx_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags) +int vmx_vpmu_initialise(struct vcpu *v) { struct vpmu_struct *vpmu = vcpu_vpmu(v); uint8_t family = current_cpu_data.x86; @@ -837,7 +837,7 @@ int vmx_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags) int ret = 0; vpmu->arch_vpmu_ops = &core2_no_vpmu_ops; - if ( !vpmu_flags ) + if ( vpmu_mode == XENPMU_MODE_OFF ) return 0; if ( family == 6 ) @@ -880,7 +880,7 @@ int vmx_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags) /* future: */ case 0x3d: case 0x4e: - ret = core2_vpmu_initialise(v, vpmu_flags); + ret = core2_vpmu_initialise(v); if ( !ret ) vpmu->arch_vpmu_ops = &core2_vpmu_ops; return ret; diff --git a/xen/arch/x86/hvm/vpmu.c b/xen/arch/x86/hvm/vpmu.c index f96b530..6d9e6f9 100644 --- a/xen/arch/x86/hvm/vpmu.c +++ b/xen/arch/x86/hvm/vpmu.c @@ -21,6 +21,8 @@ #include <xen/config.h> #include <xen/sched.h> #include <xen/xenoprof.h> +#include <xen/event.h> +#include <xen/guest_access.h> #include <asm/regs.h> #include <asm/types.h> #include <asm/msr.h> @@ -32,8 +34,10 @@ #include <asm/hvm/svm/vmcb.h> #include <asm/apic.h> #include <public/pmu.h> +#include <xsm/xsm.h> #include <compat/pmu.h> +CHECK_pmu_params; CHECK_pmu_intel_ctxt; CHECK_pmu_amd_ctxt; CHECK_pmu_cntr_pair; @@ -44,7 +48,8 @@ CHECK_pmu_regs; * "vpmu=off" : vpmu generally disabled * "vpmu=bts" : vpmu enabled and Intel BTS feature switched on. */ -static unsigned int __read_mostly opt_vpmu_enabled; +unsigned int __read_mostly vpmu_mode = XENPMU_MODE_OFF; +unsigned int __read_mostly vpmu_features = 0; static void parse_vpmu_param(char *s); custom_param("vpmu", parse_vpmu_param); @@ -58,7 +63,7 @@ static void __init parse_vpmu_param(char *s) break; default: if ( !strcmp(s, "bts") ) - opt_vpmu_enabled |= VPMU_BOOT_BTS; + vpmu_features |= XENPMU_FEATURE_INTEL_BTS; else if ( *s ) { printk("VPMU: unknown flag: %s - vpmu disabled!\n", s); @@ -66,7 +71,8 @@ static void __init parse_vpmu_param(char *s) } /* fall through */ case 1: - opt_vpmu_enabled |= VPMU_BOOT_ENABLED; + /* Default VPMU mode */ + vpmu_mode = XENPMU_MODE_SELF; break; } } @@ -83,6 +89,9 @@ int vpmu_do_wrmsr(unsigned int msr, uint64_t msr_content, uint64_t supported) { struct vpmu_struct *vpmu = vcpu_vpmu(current); + if ( !(vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV)) ) + return 0; + if ( vpmu->arch_vpmu_ops && vpmu->arch_vpmu_ops->do_wrmsr ) return vpmu->arch_vpmu_ops->do_wrmsr(msr, msr_content, supported); return 0; @@ -92,6 +101,9 @@ int vpmu_do_rdmsr(unsigned int msr, uint64_t *msr_content) { struct vpmu_struct *vpmu = vcpu_vpmu(current); + if ( !(vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV)) ) + return 0; + if ( vpmu->arch_vpmu_ops && vpmu->arch_vpmu_ops->do_rdmsr ) return vpmu->arch_vpmu_ops->do_rdmsr(msr, msr_content); return 0; @@ -244,19 +256,19 @@ void vpmu_initialise(struct vcpu *v) switch ( vendor ) { case X86_VENDOR_AMD: - if ( svm_vpmu_initialise(v, opt_vpmu_enabled) != 0 ) - opt_vpmu_enabled = 0; + if ( svm_vpmu_initialise(v) != 0 ) + vpmu_mode = XENPMU_MODE_OFF; break; case X86_VENDOR_INTEL: - if ( vmx_vpmu_initialise(v, opt_vpmu_enabled) != 0 ) - opt_vpmu_enabled = 0; + if ( vmx_vpmu_initialise(v) != 0 ) + vpmu_mode = XENPMU_MODE_OFF; break; default: printk("VPMU: Initialization failed. " "Unknown CPU vendor %d\n", vendor); - opt_vpmu_enabled = 0; + vpmu_mode = XENPMU_MODE_OFF; break; } } @@ -278,3 +290,139 @@ void vpmu_dump(struct vcpu *v) vpmu->arch_vpmu_ops->arch_vpmu_dump(v); } +static s_time_t vpmu_start_ctxt_switch; +static long vpmu_sched_checkin(void *arg) +{ + int cpu = cpumask_next(smp_processor_id(), &cpu_online_map); + int ret; + + /* Mode change shouldn't take more than a few (say, 5) seconds. */ + if ( NOW() > vpmu_start_ctxt_switch + SECONDS(5) ) + { + ret = -EBUSY; + goto fail; + } + + if ( cpu < nr_cpu_ids ) + { + ret = continue_hypercall_on_cpu(cpu, vpmu_sched_checkin, arg); + if ( ret ) + goto fail; + } + else + vpmu_start_ctxt_switch = 0; + + return 0; + + fail: + vpmu_mode = (uint64_t)arg; + vpmu_start_ctxt_switch = 0; + return ret; +} + +static int vpmu_force_context_switch(uint64_t old_mode) +{ + int ret; + + vpmu_start_ctxt_switch = NOW(); + + ret = continue_hypercall_on_cpu(cpumask_first(&cpu_online_map), + vpmu_sched_checkin, (void *)old_mode); + if ( ret ) + vpmu_start_ctxt_switch = 0; + + return ret; +} + +long do_xenpmu_op(int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg) +{ + int ret; + struct xen_pmu_params pmu_params; + + ret = xsm_pmu_op(XSM_OTHER, current->domain, op); + if ( ret ) + return ret; + + switch ( op ) + { + case XENPMU_mode_set: + { + uint64_t old_mode; + static DEFINE_SPINLOCK(xenpmu_mode_lock); + + if ( copy_from_guest(&pmu_params, arg, 1) ) + return -EFAULT; + + if ( pmu_params.val & ~(XENPMU_MODE_SELF | XENPMU_MODE_HV) ) + return -EINVAL; + + /* 32-bit dom0 can only sample itself. */ + if ( is_pv_32bit_vcpu(current) && (pmu_params.val & XENPMU_MODE_HV) ) + return -EINVAL; + + /* + * Return error if someone else is in the middle of changing mode --- + * this is most likely indication of two system administrators + * working against each other. + */ + if ( !spin_trylock(&xenpmu_mode_lock) ) + return -EAGAIN; + if ( vpmu_start_ctxt_switch != 0 ) + { + spin_unlock(&xenpmu_mode_lock); + return -EAGAIN; + } + + old_mode = vpmu_mode; + vpmu_mode = pmu_params.val; + + if ( vpmu_mode == XENPMU_MODE_OFF ) + { + /* + * Make sure all (non-dom0) VCPUs have unloaded their VPMUs. This + * can be achieved by having all physical processors go through + * context_switch(). + */ + ret = vpmu_force_context_switch(old_mode); + if ( ret ) + vpmu_mode = old_mode; + } + + spin_unlock(&xenpmu_mode_lock); + + break; + } + + case XENPMU_mode_get: + memset(&pmu_params, 0, sizeof(pmu_params)); + pmu_params.val = vpmu_mode; + + pmu_params.version.maj = XENPMU_VER_MAJ; + pmu_params.version.min = XENPMU_VER_MIN; + + if ( copy_to_guest(arg, &pmu_params, 1) ) + return -EFAULT; + break; + + case XENPMU_feature_set: + if ( copy_from_guest(&pmu_params, arg, 1) ) + return -EFAULT; + + if ( pmu_params.val & ~XENPMU_FEATURE_INTEL_BTS ) + return -EINVAL; + + vpmu_features = pmu_params.val; + break; + + case XENPMU_feature_get: + pmu_params.val = vpmu_features; + if ( copy_field_to_guest(arg, &pmu_params, val) ) + return -EFAULT; + break; + + default: + ret = -EINVAL; + } + + return ret; +} diff --git a/xen/arch/x86/x86_64/compat/entry.S b/xen/arch/x86/x86_64/compat/entry.S index 5b0af61..7691a79 100644 --- a/xen/arch/x86/x86_64/compat/entry.S +++ b/xen/arch/x86/x86_64/compat/entry.S @@ -417,6 +417,8 @@ ENTRY(compat_hypercall_table) .quad do_domctl .quad compat_kexec_op .quad do_tmem_op + .quad do_ni_hypercall /* reserved for XenClient */ + .quad do_xenpmu_op /* 40 */ .rept __HYPERVISOR_arch_0-((.-compat_hypercall_table)/8) .quad compat_ni_hypercall .endr @@ -466,6 +468,8 @@ ENTRY(compat_hypercall_args_table) .byte 1 /* do_domctl */ .byte 2 /* compat_kexec_op */ .byte 1 /* do_tmem_op */ + .byte 0 /* reserved for XenClient */ + .byte 2 /* do_xenpmu_op */ /* 40 */ .rept __HYPERVISOR_arch_0-(.-compat_hypercall_args_table) .byte 0 /* compat_ni_hypercall */ .endr diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S index b3d6e32..aa842ac 100644 --- a/xen/arch/x86/x86_64/entry.S +++ b/xen/arch/x86/x86_64/entry.S @@ -772,6 +772,8 @@ ENTRY(hypercall_table) .quad do_domctl .quad do_kexec_op .quad do_tmem_op + .quad do_ni_hypercall /* reserved for XenClient */ + .quad do_xenpmu_op /* 40 */ .rept __HYPERVISOR_arch_0-((.-hypercall_table)/8) .quad do_ni_hypercall .endr @@ -821,6 +823,8 @@ ENTRY(hypercall_args_table) .byte 1 /* do_domctl */ .byte 2 /* do_kexec */ .byte 1 /* do_tmem_op */ + .byte 0 /* reserved for XenClient */ + .byte 2 /* do_xenpmu_op */ /* 40 */ .rept __HYPERVISOR_arch_0-(.-hypercall_args_table) .byte 0 /* do_ni_hypercall */ .endr diff --git a/xen/include/asm-x86/hvm/vpmu.h b/xen/include/asm-x86/hvm/vpmu.h index 82bfa0e..5fc15fb 100644 --- a/xen/include/asm-x86/hvm/vpmu.h +++ b/xen/include/asm-x86/hvm/vpmu.h @@ -24,13 +24,6 @@ #include <public/pmu.h> -/* - * Flag bits given as a string on the hypervisor boot parameter 'vpmu'. - * See arch/x86/hvm/vpmu.c. - */ -#define VPMU_BOOT_ENABLED 0x1 /* vpmu generally enabled. */ -#define VPMU_BOOT_BTS 0x2 /* Intel BTS feature wanted. */ - #define vcpu_vpmu(vcpu) (&(vcpu)->arch.vpmu) #define vpmu_vcpu(vpmu) container_of((vpmu), struct vcpu, arch.vpmu) @@ -59,8 +52,8 @@ struct arch_vpmu_ops { void (*arch_vpmu_dump)(const struct vcpu *); }; -int vmx_vpmu_initialise(struct vcpu *, unsigned int flags); -int svm_vpmu_initialise(struct vcpu *, unsigned int flags); +int vmx_vpmu_initialise(struct vcpu *); +int svm_vpmu_initialise(struct vcpu *); struct vpmu_struct { u32 flags; @@ -116,5 +109,21 @@ void vpmu_dump(struct vcpu *v); extern int acquire_pmu_ownership(int pmu_ownership); extern void release_pmu_ownership(int pmu_ownership); +extern unsigned int vpmu_mode; +extern unsigned int vpmu_features; + +/* Context switch */ +inline void vpmu_switch_from(struct vcpu *prev, struct vcpu *next) +{ + if ( vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV) ) + vpmu_save(prev); +} + +inline void vpmu_switch_to(struct vcpu *prev, struct vcpu *next) +{ + if ( vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV) ) + vpmu_load(next); +} + #endif /* __ASM_X86_HVM_VPMU_H_*/ diff --git a/xen/include/public/pmu.h b/xen/include/public/pmu.h index f97106d..66cc494 100644 --- a/xen/include/public/pmu.h +++ b/xen/include/public/pmu.h @@ -13,6 +13,51 @@ #define XENPMU_VER_MAJ 0 #define XENPMU_VER_MIN 1 +/* + * ` enum neg_errnoval + * ` HYPERVISOR_xenpmu_op(enum xenpmu_op cmd, struct xenpmu_params *args); + * + * @cmd == XENPMU_* (PMU operation) + * @args == struct xenpmu_params + */ +/* ` enum xenpmu_op { */ +#define XENPMU_mode_get 0 /* Also used for getting PMU version */ +#define XENPMU_mode_set 1 +#define XENPMU_feature_get 2 +#define XENPMU_feature_set 3 +/* ` } */ + +/* Parameters structure for HYPERVISOR_xenpmu_op call */ +struct xen_pmu_params { + /* IN/OUT parameters */ + struct { + uint32_t maj; + uint32_t min; + } version; + uint64_t val; + + /* IN parameters */ + uint32_t vcpu; + uint32_t pad; +}; +typedef struct xen_pmu_params xen_pmu_params_t; +DEFINE_XEN_GUEST_HANDLE(xen_pmu_params_t); + +/* PMU modes: + * - XENPMU_MODE_OFF: No PMU virtualization + * - XENPMU_MODE_SELF: Guests can profile themselves + * - XENPMU_MODE_HV: Guests can profile themselves, dom0 profiles + * itself and Xen + */ +#define XENPMU_MODE_OFF 0 +#define XENPMU_MODE_SELF (1<<0) +#define XENPMU_MODE_HV (1<<1) + +/* + * PMU features: + * - XENPMU_FEATURE_INTEL_BTS: Intel BTS support (ignored on AMD) + */ +#define XENPMU_FEATURE_INTEL_BTS 1 /* Shared between hypervisor and PV domain */ struct xen_pmu_data { diff --git a/xen/include/public/xen.h b/xen/include/public/xen.h index a6a2092..0766790 100644 --- a/xen/include/public/xen.h +++ b/xen/include/public/xen.h @@ -101,6 +101,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_ulong_t); #define __HYPERVISOR_kexec_op 37 #define __HYPERVISOR_tmem_op 38 #define __HYPERVISOR_xc_reserved_op 39 /* reserved for XenClient */ +#define __HYPERVISOR_xenpmu_op 40 /* Architecture-specific hypercall definitions. */ #define __HYPERVISOR_arch_0 48 diff --git a/xen/include/xen/hypercall.h b/xen/include/xen/hypercall.h index a9e5229..cf34547 100644 --- a/xen/include/xen/hypercall.h +++ b/xen/include/xen/hypercall.h @@ -14,6 +14,7 @@ #include <public/event_channel.h> #include <public/tmem.h> #include <public/version.h> +#include <public/pmu.h> #include <asm/hypercall.h> #include <xsm/xsm.h> @@ -139,6 +140,9 @@ do_tmem_op( extern long do_xenoprof_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg); +extern long +do_xenpmu_op(int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg); + #ifdef CONFIG_COMPAT extern int diff --git a/xen/include/xlat.lst b/xen/include/xlat.lst index 8bff86d..0186573 100644 --- a/xen/include/xlat.lst +++ b/xen/include/xlat.lst @@ -103,6 +103,7 @@ ! vcpu_set_singleshot_timer vcpu.h ? xenoprof_init xenoprof.h ? xenoprof_passive xenoprof.h +? pmu_params pmu.h ? pmu_intel_ctxt arch-x86/pmu.h ? pmu_amd_ctxt arch-x86/pmu.h ? pmu_cntr_pair arch-x86/pmu.h diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index f20e89c..c637454 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -655,4 +655,19 @@ static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint3 return xsm_default_action(action, current->domain, d); } +static XSM_INLINE int xsm_pmu_op (XSM_DEFAULT_ARG struct domain *d, int op) +{ + XSM_ASSERT_ACTION(XSM_OTHER); + switch ( op ) + { + case XENPMU_mode_set: + case XENPMU_mode_get: + case XENPMU_feature_set: + case XENPMU_feature_get: + return xsm_default_action(XSM_PRIV, d, current->domain); + default: + return -EPERM; + } +} + #endif /* CONFIG_X86 */ diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 4ce089f..0e39dfe 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -173,6 +173,7 @@ struct xsm_operations { int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); + int (*pmu_op) (struct domain *d, int op); #endif }; @@ -665,6 +666,11 @@ static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint3 return xsm_ops->ioport_mapping(d, s, e, allow); } +static inline int xsm_pmu_op (xsm_default_t def, struct domain *d, int op) +{ + return xsm_ops->pmu_op(d, op); +} + #endif /* CONFIG_X86 */ #endif /* XSM_NO_WRAPPERS */ diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 8eb3050..94f1cf0 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -144,5 +144,6 @@ void xsm_fixup_ops (struct xsm_operations *ops) set_to_dummy_if_null(ops, unbind_pt_irq); set_to_dummy_if_null(ops, ioport_permission); set_to_dummy_if_null(ops, ioport_mapping); + set_to_dummy_if_null(ops, pmu_op); #endif } diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index b57b9d3..8e1914e 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1502,6 +1502,23 @@ static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq { return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } + +static int flask_pmu_op (struct domain *d, int op) +{ + u32 dsid = domain_sid(d); + + switch ( op ) + { + case XENPMU_mode_set: + case XENPMU_mode_get: + case XENPMU_feature_set: + case XENPMU_feature_get: + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN2, + XEN2__PMU_CTRL, NULL); + default: + return -EPERM; + } +} #endif /* CONFIG_X86 */ long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op); @@ -1624,6 +1641,7 @@ static struct xsm_operations flask_ops = { .unbind_pt_irq = flask_unbind_pt_irq, .ioport_permission = flask_ioport_permission, .ioport_mapping = flask_ioport_mapping, + .pmu_op = flask_pmu_op, #endif }; diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 69152d6..3289d98 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -85,6 +85,8 @@ class xen2 psr_cmt_op # XENPF_get_symbol get_symbol +# PMU control + pmu_ctrl } # Classes domain and domain2 consist of operations that a domain performs on -- 1.8.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |