struct xen_mc_msrinject *mc_msrinject;
struct xen_mc_mceinject *mc_mceinject;
- ret = xsm_do_mca();
+ ret = xsm_do_mca(XSM_PRIV);
if ( ret )
return x86_mcerr(NULL, ret);
if ( np == 0 )
ret = 0;
- else if ( xsm_ioport_permission(d, fp, fp + np - 1, allow) )
+ else if ( xsm_ioport_permission(XSM_HOOK, d, fp, fp + np - 1, allow) )
ret = -EPERM;
else if ( allow )
ret = ioports_permit_access(d, fp, fp + np - 1);
if ( !is_hvm_domain(d) )
break;
- ret = xsm_bind_pt_irq(d, bind);
+ ret = xsm_bind_pt_irq(XSM_HOOK, d, bind);
if ( ret )
break;
!irq_access_permitted(current->domain, bind->machine_irq) )
break;
- ret = xsm_unbind_pt_irq(d, bind);
+ ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind);
if ( ret )
break;
!iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) )
break;
- ret = xsm_iomem_mapping(d, mfn, mfn + nr_mfns - 1, add);
+ ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, add);
if ( ret )
break;
!ioports_access_permitted(current->domain, fmp, fmp + np - 1) )
break;
- ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add);
+ ret = xsm_ioport_mapping(XSM_HOOK, d, fmp, fmp + np - 1, add);
if ( ret )
break;
if ( !is_hvm_domain(d) )
goto out;
- rc = xsm_hvm_set_pci_intx_level(d);
+ rc = xsm_hvm_set_pci_intx_level(XSM_DM_PRIV, d);
if ( rc )
goto out;
if ( !is_hvm_domain(d) )
goto out;
- rc = xsm_hvm_set_isa_irq_level(d);
+ rc = xsm_hvm_set_isa_irq_level(XSM_DM_PRIV, d);
if ( rc )
goto out;
if ( !is_hvm_domain(d) )
goto out;
- rc = xsm_hvm_set_pci_link_route(d);
+ rc = xsm_hvm_set_pci_link_route(XSM_DM_PRIV, d);
if ( rc )
goto out;
if ( !is_hvm_domain(d) )
goto out;
- rc = xsm_hvm_inject_msi(d);
+ rc = xsm_hvm_inject_msi(XSM_DM_PRIV, d);
if ( rc )
goto out;
if ( !is_hvm_domain(d) )
goto param_fail;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail;
if ( a.nr > GB(1) >> PAGE_SHIFT )
goto param_fail2;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail2;
if ( !is_hvm_domain(d) )
goto param_fail3;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail3;
if ( d == NULL )
return -ESRCH;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail_getmemtype;
if ( !is_hvm_domain(d) )
goto param_fail4;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail4;
if ( !is_hvm_domain(d) )
goto param_fail5;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail5;
if ( !is_hvm_domain(d) )
goto param_fail6;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail6;
if ( !is_hvm_domain(d) || !paging_mode_shadow(d) )
goto param_fail7;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail7;
if ( !is_hvm_domain(d) )
goto param_fail8;
- rc = xsm_hvm_param(d, op);
+ rc = xsm_hvm_param(XSM_TARGET, d, op);
if ( rc )
goto param_fail8;
return 0;
}
- ret = xsm_map_domain_pirq(d, irq, data);
+ ret = xsm_map_domain_pirq(XSM_HOOK, d, irq, data);
if ( ret )
{
dprintk(XENLOG_G_ERR, "dom%d: could not permit access to irq %d mapping to pirq %d\n",
goto out;
}
- rc = xsm_mmuext_op(d, pg_owner);
+ rc = xsm_mmuext_op(XSM_TARGET, d, pg_owner);
if ( rc )
{
rcu_unlock_domain(pg_owner);
break;
}
- if ( (rc = xsm_memory_pin_page(d, pg_owner, page)) != 0 )
+ if ( (rc = xsm_memory_pin_page(XSM_HOOK, d, pg_owner, page)) != 0 )
{
put_page_and_type(page);
okay = 0;
}
if ( xsm_needed != xsm_checked )
{
- rc = xsm_mmu_update(d, pt_owner, pg_owner, xsm_needed);
+ rc = xsm_mmu_update(XSM_TARGET, d, pt_owner, pg_owner, xsm_needed);
if ( rc )
break;
xsm_checked = xsm_needed;
xsm_needed |= XSM_MMU_MACHPHYS_UPDATE;
if ( xsm_needed != xsm_checked )
{
- rc = xsm_mmu_update(d, NULL, pg_owner, xsm_needed);
+ rc = xsm_mmu_update(XSM_TARGET, d, NULL, pg_owner, xsm_needed);
if ( rc )
break;
xsm_checked = xsm_needed;
perfc_incr(calls_to_update_va);
- rc = xsm_update_va_mapping(d, pg_owner, val);
+ rc = xsm_update_va_mapping(XSM_TARGET, d, pg_owner, val);
if ( rc )
return rc;
if ( d == NULL )
return -ESRCH;
- if ( xsm_add_to_physmap(current->domain, d) )
+ if ( xsm_add_to_physmap(XSM_TARGET, current->domain, d) )
{
rcu_unlock_domain(d);
return -EPERM;
if ( d == NULL )
return -ESRCH;
- rc = xsm_domain_memory_map(d);
+ rc = xsm_domain_memory_map(XSM_TARGET, d);
if ( rc )
{
rcu_unlock_domain(d);
XEN_GUEST_HANDLE_PARAM(e820entry_t) buffer_param;
unsigned int i;
- rc = xsm_machine_memory_map();
+ rc = xsm_machine_memory_map(XSM_PRIV);
if ( rc )
return rc;
return -ESRCH;
if ( op == XENMEM_set_pod_target )
- rc = xsm_set_pod_target(d);
+ rc = xsm_set_pod_target(XSM_PRIV, d);
else
- rc = xsm_get_pod_target(d);
+ rc = xsm_get_pod_target(XSM_PRIV, d);
if ( rc != 0 )
goto pod_target_out_unlock;
if ( ret )
return ret;
- ret = xsm_mem_event_op(d, op);
+ ret = xsm_mem_event_op(XSM_TARGET, d, op);
if ( ret )
goto out;
{
int rc;
- rc = xsm_mem_event_control(d, mec->mode, mec->op);
+ rc = xsm_mem_event_control(XSM_PRIV, d, mec->mode, mec->op);
if ( rc )
return rc;
if ( rc )
return rc;
- rc = xsm_mem_sharing_op(d, cd, mec->op);
+ rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op);
if ( rc )
{
rcu_unlock_domain(cd);
if ( rc )
return rc;
- rc = xsm_mem_sharing_op(d, cd, mec->op);
+ rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op);
if ( rc )
{
rcu_unlock_domain(cd);
return -EINVAL;
}
- rc = xsm_shadow_control(d, sc->op);
+ rc = xsm_shadow_control(XSM_HOOK, d, sc->op);
if ( rc )
return rc;
if (!pdev)
return -EINVAL;
- ret = xsm_resource_setup_pci((pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn);
+ ret = xsm_resource_setup_pci(XSM_PRIV, (pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn);
if ( ret )
return ret;
goto free_domain;
}
- ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq));
+ ret = xsm_unmap_domain_pirq(XSM_TARGET, d, domain_pirq_to_irq(d, pirq));
if ( ret )
goto free_domain;
ret = -EFAULT;
if ( copy_from_guest(&apic, arg, 1) != 0 )
break;
- ret = xsm_apic(v->domain, cmd);
+ ret = xsm_apic(XSM_PRIV, v->domain, cmd);
if ( ret )
break;
ret = ioapic_guest_read(apic.apic_physbase, apic.reg, &apic.value);
ret = -EFAULT;
if ( copy_from_guest(&apic, arg, 1) != 0 )
break;
- ret = xsm_apic(v->domain, cmd);
+ ret = xsm_apic(XSM_PRIV, v->domain, cmd);
if ( ret )
break;
ret = ioapic_guest_write(apic.apic_physbase, apic.reg, apic.value);
/* Use the APIC check since this dummy hypercall should still only
* be called by the domain with access to program the ioapic */
- ret = xsm_apic(v->domain, cmd);
+ ret = xsm_apic(XSM_PRIV, v->domain, cmd);
if ( ret )
break;
case PHYSDEVOP_pci_mmcfg_reserved: {
struct physdev_pci_mmcfg_reserved info;
- ret = xsm_resource_setup_misc();
+ ret = xsm_resource_setup_misc(XSM_PRIV);
if ( ret )
break;
if ( setup_gsi.gsi < 0 || setup_gsi.gsi >= nr_irqs_gsi )
break;
- ret = xsm_resource_setup_gsi(setup_gsi.gsi);
+ ret = xsm_resource_setup_gsi(XSM_PRIV, setup_gsi.gsi);
if ( ret )
break;
if ( op->interface_version != XENPF_INTERFACE_VERSION )
return -EACCES;
- ret = xsm_platform_op(op->cmd);
+ ret = xsm_platform_op(XSM_PRIV, op->cmd);
if ( ret )
return ret;
{
int cpu = op->u.cpu_ol.cpuid;
- ret = xsm_resource_plug_core();
+ ret = xsm_resource_plug_core(XSM_HOOK);
if ( ret )
break;
{
int cpu = op->u.cpu_ol.cpuid;
- ret = xsm_resource_unplug_core();
+ ret = xsm_resource_unplug_core(XSM_HOOK);
if ( ret )
break;
break;
case XENPF_cpu_hotadd:
- ret = xsm_resource_plug_core();
+ ret = xsm_resource_plug_core(XSM_HOOK);
if ( ret )
break;
break;
case XENPF_mem_hotadd:
- ret = xsm_resource_plug_core();
+ ret = xsm_resource_plug_core(XSM_HOOK);
if ( ret )
break;
switch ( sysctl->u.cpu_hotplug.op )
{
case XEN_SYSCTL_CPU_HOTPLUG_ONLINE:
- ret = xsm_resource_plug_core();
+ ret = xsm_resource_plug_core(XSM_HOOK);
if ( ret )
break;
ret = continue_hypercall_on_cpu(
0, cpu_up_helper, (void *)(unsigned long)cpu);
break;
case XEN_SYSCTL_CPU_HOTPLUG_OFFLINE:
- ret = xsm_resource_unplug_core();
+ ret = xsm_resource_unplug_core(XSM_HOOK);
if ( ret )
break;
ret = continue_hypercall_on_cpu(
start |= (d->arch.pci_cf8 >> 16) & 0xF00;
}
end = start + size - 1;
- if (xsm_pci_config_permission(d, machine_bdf, start, end, write))
+ if (xsm_pci_config_permission(XSM_HOOK, d, machine_bdf, start, end, write))
return 0;
return 1;
}
if ( !is_idle_domain(d) )
{
- if ( (err = xsm_domain_create(d, ssidref)) != 0 )
+ if ( (err = xsm_domain_create(XSM_HOOK, d, ssidref)) != 0 )
goto fail;
d->is_paused_by_controller = 1;
return -ESRCH;
}
- ret = xsm_domctl(d, op->cmd);
+ ret = xsm_domctl(XSM_OTHER, d, op->cmd);
if ( ret )
goto domctl_out_unlock_domonly;
break;
}
- ret = xsm_getdomaininfo(d);
+ ret = xsm_getdomaininfo(XSM_HOOK, d);
if ( ret )
goto getdomaininfo_out;
if ( pirq >= d->nr_pirqs )
ret = -EINVAL;
- else if ( xsm_irq_permission(d, pirq, allow) )
+ else if ( xsm_irq_permission(XSM_HOOK, d, pirq, allow) )
ret = -EPERM;
else if ( allow )
ret = irq_permit_access(d, pirq);
if ( (mfn + nr_mfns - 1) < mfn ) /* wrap? */
break;
- if ( xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, allow) )
+ if ( xsm_iomem_permission(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, allow) )
ret = -EPERM;
else if ( allow )
ret = iomem_permit_access(d, mfn, mfn + nr_mfns - 1);
break;
}
- ret = xsm_set_target(d, e);
+ ret = xsm_set_target(XSM_HOOK, d, e);
if ( ret ) {
put_domain(e);
break;
ERROR_EXIT_DOM(port, d);
chn = evtchn_from_port(d, port);
- rc = xsm_evtchn_unbound(d, chn, alloc->remote_dom);
+ rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom);
if ( rc )
goto out;
(rchn->u.unbound.remote_domid != ld->domain_id) )
ERROR_EXIT_DOM(-EINVAL, rd);
- rc = xsm_evtchn_interdomain(ld, lchn, rd, rchn);
+ rc = xsm_evtchn_interdomain(XSM_HOOK, ld, lchn, rd, rchn);
if ( rc )
goto out;
return -EINVAL;
}
- ret = xsm_evtchn_send(ld, lchn);
+ ret = xsm_evtchn_send(XSM_HOOK, ld, lchn);
if ( ret )
goto out;
chn = evtchn_from_port(d, port);
- rc = xsm_evtchn_status(d, chn);
+ rc = xsm_evtchn_status(XSM_TARGET, d, chn);
if ( rc )
goto out;
if ( d == NULL )
return -ESRCH;
- rc = xsm_evtchn_reset(current->domain, d);
+ rc = xsm_evtchn_reset(XSM_TARGET, current->domain, d);
if ( rc )
goto out;
goto out;
chn = evtchn_from_port(d, port);
- rc = xsm_evtchn_unbound(d, chn, remote_domid);
+ rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, remote_domid);
chn->state = ECS_UNBOUND;
chn->xen_consumer = get_xen_consumer(notification_fn);
return;
}
- rc = xsm_grant_mapref(ld, rd, op->flags);
+ rc = xsm_grant_mapref(XSM_HOOK, ld, rd, op->flags);
if ( rc )
{
rcu_unlock_domain(rd);
return;
}
- rc = xsm_grant_unmapref(ld, rd);
+ rc = xsm_grant_unmapref(XSM_HOOK, ld, rd);
if ( rc )
{
rcu_unlock_domain(rd);
goto out2;
}
- if ( xsm_grant_setup(current->domain, d) )
+ if ( xsm_grant_setup(XSM_TARGET, current->domain, d) )
{
op.status = GNTST_permission_denied;
goto out2;
goto query_out;
}
- rc = xsm_grant_query_size(current->domain, d);
+ rc = xsm_grant_query_size(XSM_TARGET, current->domain, d);
if ( rc )
{
op.status = GNTST_permission_denied;
goto copyback;
}
- if ( xsm_grant_transfer(d, e) )
+ if ( xsm_grant_transfer(XSM_HOOK, d, e) )
{
put_gfn(d, gop.mfn);
gop.status = GNTST_permission_denied;
PIN_FAIL(error_out, GNTST_bad_domain,
"couldn't find %d\n", op->dest.domid);
- rc = xsm_grant_copy(sd, dd);
+ rc = xsm_grant_copy(XSM_HOOK, sd, dd);
if ( rc )
{
rc = GNTST_permission_denied;
op.status = GNTST_bad_domain;
goto out1;
}
- rc = xsm_grant_setup(current->domain, d);
+ rc = xsm_grant_setup(XSM_TARGET, current->domain, d);
if ( rc ) {
op.status = GNTST_permission_denied;
goto out1;
if ( d == NULL )
return -ESRCH;
- rc = xsm_grant_query_size(current->domain, d);
+ rc = xsm_grant_query_size(XSM_TARGET, current->domain, d);
if ( rc )
{
rcu_unlock_domain(d);
unsigned long flags;
int ret = -EINVAL;
- ret = xsm_kexec();
+ ret = xsm_kexec(XSM_PRIV);
if ( ret )
return ret;
goto fail_early;
}
- rc = xsm_memory_exchange(d);
+ rc = xsm_memory_exchange(XSM_TARGET, d);
if ( rc )
{
rcu_unlock_domain(d);
return start_extent;
args.domain = d;
- rc = xsm_memory_adjust_reservation(current->domain, d);
+ rc = xsm_memory_adjust_reservation(XSM_TARGET, current->domain, d);
if ( rc )
{
rcu_unlock_domain(d);
if ( d == NULL )
return -ESRCH;
- rc = xsm_memory_stat_reservation(current->domain, d);
+ rc = xsm_memory_stat_reservation(XSM_TARGET, current->domain, d);
if ( rc )
{
rcu_unlock_domain(d);
if ( d == NULL )
return -ESRCH;
- if ( xsm_remove_from_physmap(current->domain, d) )
+ if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) )
{
rcu_unlock_domain(d);
return -EPERM;
if ( d == NULL )
break;
- ret = xsm_schedop_shutdown(current->domain, d);
+ ret = xsm_schedop_shutdown(XSM_DM_PRIV, current->domain, d);
if ( ret )
{
rcu_unlock_domain(d);
if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION )
return -EACCES;
- ret = xsm_sysctl(op->cmd);
+ ret = xsm_sysctl(XSM_PRIV, op->cmd);
if ( ret )
return ret;
switch ( op->cmd )
{
case XEN_SYSCTL_readconsole:
- ret = xsm_readconsole(op->u.readconsole.clear);
+ ret = xsm_readconsole(XSM_HOOK, op->u.readconsole.clear);
if ( ret )
break;
if ( num_domains == op->u.getdomaininfolist.max_domains )
break;
- ret = xsm_getdomaininfo(d);
+ ret = xsm_getdomaininfo(XSM_HOOK, d);
if ( ret )
continue;
uint32_t *status, *ptr;
unsigned long pfn;
- ret = xsm_page_offline(op->u.page_offline.cmd);
+ ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd);
if ( ret )
break;
return -EPERM;
}
- ret = xsm_profile(current->domain, op);
+ ret = xsm_profile(XSM_HOOK, current->domain, op);
if ( ret )
return ret;
long rc;
unsigned int idx, len;
- rc = xsm_console_io(current->domain, cmd);
+ rc = xsm_console_io(XSM_OTHER, current->domain, cmd);
if ( rc )
return rc;
((pdev->bus == bus) && (pdev->devfn == devfn)) )
continue;
- if ( xsm_get_device_group((seg << 16) | (pdev->bus << 8) | pdev->devfn) )
+ if ( xsm_get_device_group(XSM_HOOK, (seg << 16) | (pdev->bus << 8) | pdev->devfn) )
continue;
sdev_id = ops->get_device_group_id(seg, pdev->bus, pdev->devfn);
u32 max_sdevs;
XEN_GUEST_HANDLE_64(uint32) sdevs;
- ret = xsm_get_device_group(domctl->u.get_device_group.machine_sbdf);
+ ret = xsm_get_device_group(XSM_HOOK, domctl->u.get_device_group.machine_sbdf);
if ( ret )
break;
break;
case XEN_DOMCTL_test_assign_device:
- ret = xsm_test_assign_device(domctl->u.assign_device.machine_sbdf);
+ ret = xsm_test_assign_device(XSM_HOOK, domctl->u.assign_device.machine_sbdf);
if ( ret )
break;
break;
}
- ret = xsm_assign_device(d, domctl->u.assign_device.machine_sbdf);
+ ret = xsm_assign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf);
if ( ret )
break;
break;
case XEN_DOMCTL_deassign_device:
- ret = xsm_deassign_device(d, domctl->u.assign_device.machine_sbdf);
+ ret = xsm_deassign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf);
if ( ret )
break;
pdev_type = "device";
}
- ret = xsm_resource_plug_pci((seg << 16) | (bus << 8) | devfn);
+ ret = xsm_resource_plug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn);
if ( ret )
return ret;
struct pci_dev *pdev;
int ret;
- ret = xsm_resource_unplug_pci((seg << 16) | (bus << 8) | devfn);
+ ret = xsm_resource_unplug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn);
if ( ret )
return ret;
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2,
* as published by the Free Software Foundation.
+ *
+ *
+ * Each XSM hook implementing an access check should have its first parameter
+ * preceded by XSM_DEFAULT_ARG (or use XSM_DEFAULT_VOID if it has no
+ * arguments). The first non-declaration statement shold be XSM_ASSERT_ACTION
+ * with the expected type of the hook, which will either define or check the
+ * value of action.
*/
#include <xen/sched.h>
#include <xsm/xsm.h>
+/* Cannot use BUILD_BUG_ON here because the expressions we check are not
+ * considered constant at compile time. Instead, rely on constant propagation to
+ * inline out the calls to this invalid function, which will cause linker errors
+ * if references remain at link time.
+ */
+#define LINKER_BUG_ON(x) do { if (x) __xsm_action_mismatch_detected(); } while (0)
+/* DO NOT implement this function; it is supposed to trigger link errors */
+void __xsm_action_mismatch_detected(void);
+
+#ifdef XSM_ENABLE
+
+/* In XSM_ENABLE builds, this header file is included from xsm/dummy.c, and
+ * contains static (not inline) functions compiled to the dummy XSM module.
+ * There is no xsm_default_t argument available, so the value from the assertion
+ * is used to initialize the variable.
+ */
+#define XSM_INLINE /* */
+#define XSM_DEFAULT_ARG /* */
+#define XSM_DEFAULT_VOID void
+#define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action
+
+#else /* XSM_ENABLE */
+
+/* In !XSM_ENABLE builds, this header file is included from xsm/xsm.h, and
+ * contains inline functions for each XSM hook. These functions also perform
+ * compile-time checks on the xsm_default_t argument to ensure that the behavior
+ * of the dummy XSM module is the same as the behavior with XSM disabled.
+ */
+#define XSM_INLINE inline
+#define XSM_DEFAULT_ARG xsm_default_t action,
+#define XSM_DEFAULT_VOID xsm_default_t action
+#define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action)
+
+#endif /* XSM_ENABLE */
+
+static inline int xsm_default_action(xsm_default_t action, struct domain *src,
+ struct domain *target)
+{
+ switch ( action ) {
+ case XSM_HOOK:
+ return 0;
+ case XSM_DM_PRIV:
+ if ( !IS_PRIV_FOR(src, target) )
+ return -EPERM;
+ return 0;
+ case XSM_TARGET:
+ if ( src != target && !IS_PRIV_FOR(src, target) )
+ return -EPERM;
+ return 0;
+ case XSM_PRIV:
+ if ( !IS_PRIV(src) )
+ return -EPERM;
+ return 0;
+ default:
+ LINKER_BUG_ON(1);
+ return -EPERM;
+ }
+}
+
static XSM_INLINE void xsm_security_domaininfo(struct domain *d,
struct xen_domctl_getdomaininfo *info)
{
return;
}
-static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref)
+static XSM_INLINE int xsm_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_getdomaininfo(struct domain *d)
+static XSM_INLINE int xsm_getdomaininfo(XSM_DEFAULT_ARG struct domain *d)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e)
+static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_domctl(struct domain *d, int cmd)
+static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd)
{
+ XSM_ASSERT_ACTION(XSM_OTHER);
switch ( cmd )
{
case XEN_DOMCTL_ioport_mapping:
case XEN_DOMCTL_memory_mapping:
case XEN_DOMCTL_bind_pt_irq:
- case XEN_DOMCTL_unbind_pt_irq: {
- if ( !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- break;
- }
+ case XEN_DOMCTL_unbind_pt_irq:
+ return xsm_default_action(XSM_DM_PRIV, current->domain, d);
default:
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
+ return xsm_default_action(XSM_PRIV, current->domain, d);
}
- return 0;
}
-static XSM_INLINE int xsm_sysctl(int cmd)
+static XSM_INLINE int xsm_sysctl(XSM_DEFAULT_ARG int cmd)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_readconsole(uint32_t clear)
+static XSM_INLINE int xsm_readconsole(XSM_DEFAULT_ARG uint32_t clear)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_do_mca(void)
+static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
static XSM_INLINE int xsm_alloc_security_domain(struct domain *d)
return;
}
-static XSM_INLINE int xsm_grant_mapref(struct domain *d1, struct domain *d2,
+static XSM_INLINE int xsm_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2,
uint32_t flags)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_grant_unmapref(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_grant_transfer(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_grant_copy(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_memory_exchange(struct domain *d)
+static XSM_INLINE int xsm_memory_exchange(XSM_DEFAULT_ARG struct domain *d)
{
- if ( d != current->domain && !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1,
+static XSM_INLINE int xsm_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1,
struct domain *d2)
{
- if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_console_io(struct domain *d, int cmd)
+static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd)
{
-#ifndef VERBOSE
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
+ XSM_ASSERT_ACTION(XSM_OTHER);
+#ifdef VERBOSE
+ return xsm_default_action(XSM_HOOK, current->domain, NULL);
+#else
+ return xsm_default_action(XSM_PRIV, current->domain, NULL);
#endif
- return 0;
}
-static XSM_INLINE int xsm_profile(struct domain *d, int op)
+static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_kexec(void)
+static XSM_INLINE int xsm_kexec(XSM_DEFAULT_VOID)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- if ( !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_DM_PRIV);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_memory_pin_page(struct domain *d1, struct domain *d2,
+static XSM_INLINE int xsm_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2,
struct page_info *page)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn,
+static XSM_INLINE int xsm_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn,
domid_t id2)
{
- if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_evtchn_interdomain(struct domain *d1, struct evtchn
+static XSM_INLINE int xsm_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn
*chan1, struct domain *d2, struct evtchn *chan2)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, d1, d2);
}
static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn)
return;
}
-static XSM_INLINE int xsm_evtchn_send(struct domain *d, struct evtchn *chn)
+static XSM_INLINE int xsm_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn)
+static XSM_INLINE int xsm_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn)
{
- if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d1, d2);
}
static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn)
return NULL;
}
-static XSM_INLINE int xsm_get_pod_target(struct domain *d)
+static XSM_INLINE int xsm_get_pod_target(XSM_DEFAULT_ARG struct domain *d)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_set_pod_target(struct domain *d)
+static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_get_device_group(uint32_t machine_bdf)
+static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_test_assign_device(uint32_t machine_bdf)
+static XSM_INLINE int xsm_test_assign_device(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_assign_device(struct domain *d, uint32_t machine_bdf)
+static XSM_INLINE int xsm_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_deassign_device(struct domain *d, uint32_t machine_bdf)
+static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_resource_plug_core(void)
+static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_resource_unplug_core(void)
+static XSM_INLINE int xsm_resource_unplug_core(XSM_DEFAULT_VOID)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf)
+static XSM_INLINE int xsm_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf)
+static XSM_INLINE int xsm_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf)
+static XSM_INLINE int xsm_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_resource_setup_gsi(int gsi)
+static XSM_INLINE int xsm_resource_setup_gsi(XSM_DEFAULT_ARG int gsi)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_resource_setup_misc(void)
+static XSM_INLINE int xsm_resource_setup_misc(XSM_DEFAULT_VOID)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_page_offline(uint32_t cmd)
+static XSM_INLINE int xsm_page_offline(XSM_DEFAULT_ARG uint32_t cmd)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, NULL);
}
static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
return NULL;
}
-static XSM_INLINE int xsm_map_domain_pirq(struct domain *d, int irq, void *data)
+static XSM_INLINE int xsm_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq, void *data)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq)
+static XSM_INLINE int xsm_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq)
{
- if ( !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow)
+static XSM_INLINE int xsm_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
+static XSM_INLINE int xsm_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
+static XSM_INLINE int xsm_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf,
+static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf,
uint16_t start, uint16_t end,
uint8_t access)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
#ifdef CONFIG_X86
-static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op)
+static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op)
+static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op)
{
- if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d)
+static XSM_INLINE int xsm_hvm_set_pci_intx_level(XSM_DEFAULT_ARG struct domain *d)
{
- if ( !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_DM_PRIV);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d)
+static XSM_INLINE int xsm_hvm_set_isa_irq_level(XSM_DEFAULT_ARG struct domain *d)
{
- if ( !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_DM_PRIV);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d)
+static XSM_INLINE int xsm_hvm_set_pci_link_route(XSM_DEFAULT_ARG struct domain *d)
{
- if ( !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_DM_PRIV);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d)
+static XSM_INLINE int xsm_hvm_inject_msi(XSM_DEFAULT_ARG struct domain *d)
{
- if ( !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_DM_PRIV);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op)
+static XSM_INLINE int xsm_mem_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_mem_event_op(struct domain *d, int op)
+static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
{
- if ( !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op)
+static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op)
{
- if ( !IS_PRIV_FOR(current->domain, cd) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, cd);
}
-static XSM_INLINE int xsm_apic(struct domain *d, int cmd)
+static XSM_INLINE int xsm_apic(XSM_DEFAULT_ARG struct domain *d, int cmd)
{
- if ( !IS_PRIV(d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, d, NULL);
}
-static XSM_INLINE int xsm_platform_op(uint32_t op)
+static XSM_INLINE int xsm_platform_op(XSM_DEFAULT_ARG uint32_t op)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_machine_memory_map(void)
+static XSM_INLINE int xsm_machine_memory_map(XSM_DEFAULT_VOID)
{
- if ( !IS_PRIV(current->domain) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, NULL);
}
-static XSM_INLINE int xsm_domain_memory_map(struct domain *d)
+static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d)
{
- if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_mmu_update(struct domain *d, struct domain *t,
+static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t,
struct domain *f, uint32_t flags)
{
+ XSM_ASSERT_ACTION(XSM_TARGET);
if ( t && d != t && !IS_PRIV_FOR(d, t) )
return -EPERM;
- if ( d != f && !IS_PRIV_FOR(d, f) )
- return -EPERM;
- return 0;
+ return xsm_default_action(action, d, f);
}
-static XSM_INLINE int xsm_mmuext_op(struct domain *d, struct domain *f)
+static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f)
{
- if ( d != f && !IS_PRIV_FOR(d, f) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d, f);
}
-static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f,
+static XSM_INLINE int xsm_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f,
l1_pgentry_t pte)
{
- if ( d != f && !IS_PRIV_FOR(d, f) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d, f);
}
-static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2)
+static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
- if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) )
- return -EPERM;
- return 0;
+ XSM_ASSERT_ACTION(XSM_TARGET);
+ return xsm_default_action(action, d1, d2);
}
-static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind)
+static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind)
+static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
+static XSM_INLINE int xsm_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
+static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
{
- return 0;
+ XSM_ASSERT_ACTION(XSM_HOOK);
+ return xsm_default_action(action, current->domain, d);
}
#endif
#define XSM_MAGIC 0x00000000
#endif
+/* These annotations are used by callers and in dummy.h to document the
+ * default actions of XSM hooks. They should be compiled out otherwise.
+ */
+enum xsm_default {
+ XSM_HOOK, /* Guests can normally access the hypercall */
+ XSM_DM_PRIV, /* Device model can perform on its target domain */
+ XSM_TARGET, /* Can perform on self or your target domain */
+ XSM_PRIV, /* Privileged - normally restricted to dom0 */
+ XSM_OTHER /* Something more complex */
+};
+typedef enum xsm_default xsm_default_t;
+
extern char *policy_buffer;
extern u32 policy_size;
xsm_ops->security_domaininfo(d, info);
}
-static inline int xsm_domain_create (struct domain *d, u32 ssidref)
+static inline int xsm_domain_create (xsm_default_t def, struct domain *d, u32 ssidref)
{
return xsm_ops->domain_create(d, ssidref);
}
-static inline int xsm_getdomaininfo (struct domain *d)
+static inline int xsm_getdomaininfo (xsm_default_t def, struct domain *d)
{
return xsm_ops->getdomaininfo(d);
}
-static inline int xsm_set_target (struct domain *d, struct domain *e)
+static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e)
{
return xsm_ops->set_target(d, e);
}
-static inline int xsm_domctl (struct domain *d, int cmd)
+static inline int xsm_domctl (xsm_default_t def, struct domain *d, int cmd)
{
return xsm_ops->domctl(d, cmd);
}
-static inline int xsm_sysctl (int cmd)
+static inline int xsm_sysctl (xsm_default_t def, int cmd)
{
return xsm_ops->sysctl(cmd);
}
-static inline int xsm_readconsole (uint32_t clear)
+static inline int xsm_readconsole (xsm_default_t def, uint32_t clear)
{
return xsm_ops->readconsole(clear);
}
-static inline int xsm_do_mca(void)
+static inline int xsm_do_mca(xsm_default_t def)
{
return xsm_ops->do_mca();
}
-static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn,
+static inline int xsm_evtchn_unbound (xsm_default_t def, struct domain *d1, struct evtchn *chn,
domid_t id2)
{
return xsm_ops->evtchn_unbound(d1, chn, id2);
}
-static inline int xsm_evtchn_interdomain (struct domain *d1,
+static inline int xsm_evtchn_interdomain (xsm_default_t def, struct domain *d1,
struct evtchn *chan1, struct domain *d2, struct evtchn *chan2)
{
return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2);
xsm_ops->evtchn_close_post(chn);
}
-static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn)
+static inline int xsm_evtchn_send (xsm_default_t def, struct domain *d, struct evtchn *chn)
{
return xsm_ops->evtchn_send(d, chn);
}
-static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn)
+static inline int xsm_evtchn_status (xsm_default_t def, struct domain *d, struct evtchn *chn)
{
return xsm_ops->evtchn_status(d, chn);
}
-static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2)
+static inline int xsm_evtchn_reset (xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->evtchn_reset(d1, d2);
}
-static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2,
+static inline int xsm_grant_mapref (xsm_default_t def, struct domain *d1, struct domain *d2,
uint32_t flags)
{
return xsm_ops->grant_mapref(d1, d2, flags);
}
-static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2)
+static inline int xsm_grant_unmapref (xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->grant_unmapref(d1, d2);
}
-static inline int xsm_grant_setup (struct domain *d1, struct domain *d2)
+static inline int xsm_grant_setup (xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->grant_setup(d1, d2);
}
-static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2)
+static inline int xsm_grant_transfer (xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->grant_transfer(d1, d2);
}
-static inline int xsm_grant_copy (struct domain *d1, struct domain *d2)
+static inline int xsm_grant_copy (xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->grant_copy(d1, d2);
}
-static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2)
+static inline int xsm_grant_query_size (xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->grant_query_size(d1, d2);
}
return xsm_ops->show_security_evtchn(d, chn);
}
-static inline int xsm_get_pod_target (struct domain *d)
+static inline int xsm_get_pod_target (xsm_default_t def, struct domain *d)
{
return xsm_ops->get_pod_target(d);
}
-static inline int xsm_set_pod_target (struct domain *d)
+static inline int xsm_set_pod_target (xsm_default_t def, struct domain *d)
{
return xsm_ops->set_pod_target(d);
}
-static inline int xsm_memory_exchange (struct domain *d)
+static inline int xsm_memory_exchange (xsm_default_t def, struct domain *d)
{
return xsm_ops->memory_exchange(d);
}
-static inline int xsm_memory_adjust_reservation (struct domain *d1, struct
+static inline int xsm_memory_adjust_reservation (xsm_default_t def, struct domain *d1, struct
domain *d2)
{
return xsm_ops->memory_adjust_reservation(d1, d2);
}
-static inline int xsm_memory_stat_reservation (struct domain *d1,
+static inline int xsm_memory_stat_reservation (xsm_default_t def, struct domain *d1,
struct domain *d2)
{
return xsm_ops->memory_stat_reservation(d1, d2);
}
-static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2,
+static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1, struct domain *d2,
struct page_info *page)
{
return xsm_ops->memory_pin_page(d1, d2, page);
}
-static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2)
+static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->remove_from_physmap(d1, d2);
}
-static inline int xsm_console_io (struct domain *d, int cmd)
+static inline int xsm_console_io (xsm_default_t def, struct domain *d, int cmd)
{
return xsm_ops->console_io(d, cmd);
}
-static inline int xsm_profile (struct domain *d, int op)
+static inline int xsm_profile (xsm_default_t def, struct domain *d, int op)
{
return xsm_ops->profile(d, op);
}
-static inline int xsm_kexec (void)
+static inline int xsm_kexec (xsm_default_t def)
{
return xsm_ops->kexec();
}
-static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2)
+static inline int xsm_schedop_shutdown (xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->schedop_shutdown(d1, d2);
}
return xsm_ops->show_irq_sid(irq);
}
-static inline int xsm_map_domain_pirq (struct domain *d, int irq, void *data)
+static inline int xsm_map_domain_pirq (xsm_default_t def, struct domain *d, int irq, void *data)
{
return xsm_ops->map_domain_pirq(d, irq, data);
}
-static inline int xsm_unmap_domain_pirq (struct domain *d, int irq)
+static inline int xsm_unmap_domain_pirq (xsm_default_t def, struct domain *d, int irq)
{
return xsm_ops->unmap_domain_pirq(d, irq);
}
-static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow)
+static inline int xsm_irq_permission (xsm_default_t def, struct domain *d, int pirq, uint8_t allow)
{
return xsm_ops->irq_permission(d, pirq, allow);
}
-static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
+static inline int xsm_iomem_permission (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
{
return xsm_ops->iomem_permission(d, s, e, allow);
}
-static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
+static inline int xsm_iomem_mapping (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
{
return xsm_ops->iomem_mapping(d, s, e, allow);
}
-static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access)
+static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access)
{
return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access);
}
-static inline int xsm_get_device_group(uint32_t machine_bdf)
+static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf)
{
return xsm_ops->get_device_group(machine_bdf);
}
-static inline int xsm_test_assign_device(uint32_t machine_bdf)
+static inline int xsm_test_assign_device(xsm_default_t def, uint32_t machine_bdf)
{
return xsm_ops->test_assign_device(machine_bdf);
}
-static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf)
+static inline int xsm_assign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf)
{
return xsm_ops->assign_device(d, machine_bdf);
}
-static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf)
+static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf)
{
return xsm_ops->deassign_device(d, machine_bdf);
}
-static inline int xsm_resource_plug_pci (uint32_t machine_bdf)
+static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf)
{
return xsm_ops->resource_plug_pci(machine_bdf);
}
-static inline int xsm_resource_unplug_pci (uint32_t machine_bdf)
+static inline int xsm_resource_unplug_pci (xsm_default_t def, uint32_t machine_bdf)
{
return xsm_ops->resource_unplug_pci(machine_bdf);
}
-static inline int xsm_resource_plug_core (void)
+static inline int xsm_resource_plug_core (xsm_default_t def)
{
return xsm_ops->resource_plug_core();
}
-static inline int xsm_resource_unplug_core (void)
+static inline int xsm_resource_unplug_core (xsm_default_t def)
{
return xsm_ops->resource_unplug_core();
}
-static inline int xsm_resource_setup_pci (uint32_t machine_bdf)
+static inline int xsm_resource_setup_pci (xsm_default_t def, uint32_t machine_bdf)
{
return xsm_ops->resource_setup_pci(machine_bdf);
}
-static inline int xsm_resource_setup_gsi (int gsi)
+static inline int xsm_resource_setup_gsi (xsm_default_t def, int gsi)
{
return xsm_ops->resource_setup_gsi(gsi);
}
-static inline int xsm_resource_setup_misc (void)
+static inline int xsm_resource_setup_misc (xsm_default_t def)
{
return xsm_ops->resource_setup_misc();
}
-static inline int xsm_page_offline(uint32_t cmd)
+static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd)
{
return xsm_ops->page_offline(cmd);
}
}
#ifdef CONFIG_X86
-static inline int xsm_shadow_control (struct domain *d, uint32_t op)
+static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op)
{
return xsm_ops->shadow_control(d, op);
}
-static inline int xsm_hvm_param (struct domain *d, unsigned long op)
+static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op)
{
return xsm_ops->hvm_param(d, op);
}
-static inline int xsm_hvm_set_pci_intx_level (struct domain *d)
+static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain *d)
{
return xsm_ops->hvm_set_pci_intx_level(d);
}
-static inline int xsm_hvm_set_isa_irq_level (struct domain *d)
+static inline int xsm_hvm_set_isa_irq_level (xsm_default_t def, struct domain *d)
{
return xsm_ops->hvm_set_isa_irq_level(d);
}
-static inline int xsm_hvm_set_pci_link_route (struct domain *d)
+static inline int xsm_hvm_set_pci_link_route (xsm_default_t def, struct domain *d)
{
return xsm_ops->hvm_set_pci_link_route(d);
}
-static inline int xsm_hvm_inject_msi (struct domain *d)
+static inline int xsm_hvm_inject_msi (xsm_default_t def, struct domain *d)
{
return xsm_ops->hvm_inject_msi(d);
}
-static inline int xsm_mem_event_control (struct domain *d, int mode, int op)
+static inline int xsm_mem_event_control (xsm_default_t def, struct domain *d, int mode, int op)
{
return xsm_ops->mem_event_control(d, mode, op);
}
-static inline int xsm_mem_event_op (struct domain *d, int op)
+static inline int xsm_mem_event_op (xsm_default_t def, struct domain *d, int op)
{
return xsm_ops->mem_event_op(d, op);
}
-static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op)
+static inline int xsm_mem_sharing_op (xsm_default_t def, struct domain *d, struct domain *cd, int op)
{
return xsm_ops->mem_sharing_op(d, cd, op);
}
-static inline int xsm_apic (struct domain *d, int cmd)
+static inline int xsm_apic (xsm_default_t def, struct domain *d, int cmd)
{
return xsm_ops->apic(d, cmd);
}
-static inline int xsm_memtype (uint32_t access)
+static inline int xsm_memtype (xsm_default_t def, uint32_t access)
{
return xsm_ops->memtype(access);
}
-static inline int xsm_platform_op (uint32_t op)
+static inline int xsm_platform_op (xsm_default_t def, uint32_t op)
{
return xsm_ops->platform_op(op);
}
-static inline int xsm_machine_memory_map(void)
+static inline int xsm_machine_memory_map(xsm_default_t def)
{
return xsm_ops->machine_memory_map();
}
-static inline int xsm_domain_memory_map(struct domain *d)
+static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d)
{
return xsm_ops->domain_memory_map(d);
}
-static inline int xsm_mmu_update (struct domain *d, struct domain *t,
+static inline int xsm_mmu_update (xsm_default_t def, struct domain *d, struct domain *t,
struct domain *f, uint32_t flags)
{
return xsm_ops->mmu_update(d, t, f, flags);
}
-static inline int xsm_mmuext_op (struct domain *d, struct domain *f)
+static inline int xsm_mmuext_op (xsm_default_t def, struct domain *d, struct domain *f)
{
return xsm_ops->mmuext_op(d, f);
}
-static inline int xsm_update_va_mapping(struct domain *d, struct domain *f,
+static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d, struct domain *f,
l1_pgentry_t pte)
{
return xsm_ops->update_va_mapping(d, f, pte);
}
-static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2)
+static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2)
{
return xsm_ops->add_to_physmap(d1, d2);
}
-static inline int xsm_bind_pt_irq(struct domain *d,
+static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d,
struct xen_domctl_bind_pt_irq *bind)
{
return xsm_ops->bind_pt_irq(d, bind);
}
-static inline int xsm_unbind_pt_irq(struct domain *d,
+static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d,
struct xen_domctl_bind_pt_irq *bind)
{
return xsm_ops->unbind_pt_irq(d, bind);
}
-static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
+static inline int xsm_ioport_permission (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
{
return xsm_ops->ioport_permission(d, s, e, allow);
}
-static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
+static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow)
{
return xsm_ops->ioport_mapping(d, s, e, allow);
}
#else /* XSM_ENABLE */
-#define XSM_INLINE inline
#include <xsm/dummy.h>
static inline int xsm_init (unsigned long *module_map,
projects / people / aperard / xen-arm.git / commitdiff