From: t_jeang Date: Tue, 6 Jan 2009 12:06:04 +0000 (+0000) Subject: Add a new ioctl to /proc/xen/privcmd which allows HVM operations to be X-Git-Tag: privcmd_domctl X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=da24e492fc3b6cd13d784cc2d41edd8feb6afcb3;p=xenclient%2Fkernel.git Add a new ioctl to /proc/xen/privcmd which allows HVM operations to be performed on restricted domains. --- diff --git a/drivers/xen/privcmd/privcmd.c b/drivers/xen/privcmd/privcmd.c index c190f1da..637571ed 100644 --- a/drivers/xen/privcmd/privcmd.c +++ b/drivers/xen/privcmd/privcmd.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include #include @@ -327,6 +328,64 @@ static long privcmd_ioctl(struct file *file, } break; + case IOCTL_PRIVCMD_HVMOP: { + privcmd_hvmop_t pht; + + if (copy_from_user(&pht, udata, sizeof(pht))) + return -EFAULT; + + if (fdata->restrict_domid != UNRESTRICTED_DOMID) { + switch (pht.cmd) { + case HVMOP_set_param: + case HVMOP_get_param: + if (pht.u.param.domid != + fdata->restrict_domid) + return -EACCES; + break; + case HVMOP_set_pci_intx_level: + if (pht.u.set_pci_intx_level.domid != + fdata->restrict_domid) + return -EACCES; + break; + case HVMOP_set_isa_irq_level: + if (pht.u.set_isa_irq_level.domid != + fdata->restrict_domid) + return -EACCES; + break; + case HVMOP_set_pci_link_route: + if (pht.u.set_isa_irq_level.domid != + fdata->restrict_domid) + return -EACCES; + break; + case HVMOP_modified_memory: + if (pht.u.modified_memory.domid != + fdata->restrict_domid) + return -EACCES; + break; + case HVMOP_set_mem_type: + if (pht.u.set_mem_type.domid != + fdata->restrict_domid) + return -EACCES; + break; + case HVMOP_track_dirty_vram: + if (pht.u.track_dirty_vram.domid != + fdata->restrict_domid) + return -EACCES; + break; + default: + return -EACCES; + } + } + + ret = HYPERVISOR_hvm_op(pht.cmd, &pht.u); + if (ret >= 0) { + if (copy_to_user(udata, &pht, sizeof(pht))) + ret = -EFAULT; + } + break; + } + break; + default: ret = -EINVAL; break; diff --git a/include/asm-i386/mach-xen/asm/hypercall.h b/include/asm-i386/mach-xen/asm/hypercall.h index 800fa7c1..fd6dd08f 100644 --- a/include/asm-i386/mach-xen/asm/hypercall.h +++ b/include/asm-i386/mach-xen/asm/hypercall.h @@ -381,14 +381,12 @@ HYPERVISOR_nmi_op( } #endif -#ifndef CONFIG_XEN static inline unsigned long __must_check HYPERVISOR_hvm_op( int op, void *arg) { return _hypercall2(unsigned long, hvm_op, op, arg); } -#endif static inline int __must_check HYPERVISOR_callback_op( diff --git a/include/asm-x86_64/mach-xen/asm/hypercall.h b/include/asm-x86_64/mach-xen/asm/hypercall.h index 26ffab35..f671406e 100644 --- a/include/asm-x86_64/mach-xen/asm/hypercall.h +++ b/include/asm-x86_64/mach-xen/asm/hypercall.h @@ -382,14 +382,12 @@ HYPERVISOR_nmi_op( } #endif -#ifndef CONFIG_XEN static inline unsigned long __must_check HYPERVISOR_hvm_op( int op, void *arg) { return _hypercall2(unsigned long, hvm_op, op, arg); } -#endif static inline int __must_check HYPERVISOR_callback_op( diff --git a/include/xen/interface/hvm/hvm_op.h b/include/xen/interface/hvm/hvm_op.h index abed8219..687d87a5 100644 --- a/include/xen/interface/hvm/hvm_op.h +++ b/include/xen/interface/hvm/hvm_op.h @@ -84,9 +84,6 @@ DEFINE_XEN_GUEST_HANDLE(xen_hvm_get_time_t); /* Hint from PV drivers for process destruction. */ #define HVMOP_process_dying 7 -/* Following tools-only interfaces may change in future. */ -#if defined(__XEN__) || defined(__XEN_TOOLS__) - /* Track dirty VRAM. */ #define HVMOP_track_dirty_vram 128 struct xen_hvm_track_dirty_vram { @@ -136,7 +133,4 @@ struct xen_hvm_set_mem_type { typedef struct xen_hvm_set_mem_type xen_hvm_set_mem_type_t; DEFINE_XEN_GUEST_HANDLE(xen_hvm_set_mem_type_t); - -#endif /* defined(__XEN__) || defined(__XEN_TOOLS__) */ - #endif /* __XEN_PUBLIC_HVM_HVM_OP_H__ */ diff --git a/include/xen/public/privcmd.h b/include/xen/public/privcmd.h index 30773e19..20d2e27a 100644 --- a/include/xen/public/privcmd.h +++ b/include/xen/public/privcmd.h @@ -34,6 +34,11 @@ #define __LINUX_PUBLIC_PRIVCMD_H__ #include +#ifdef __KERNEL__ +#include +#else +#include +#endif #ifndef __user #define __user @@ -68,6 +73,19 @@ typedef struct privcmd_restrict_domid { domid_t domid; } privcmd_restrict_domid_t; +typedef struct privcmd_hvmop { + unsigned cmd; + union { + xen_hvm_param_t param; + xen_hvm_set_pci_intx_level_t set_pci_intx_level; + xen_hvm_set_isa_irq_level_t set_isa_irq_level; + xen_hvm_set_pci_link_route_t set_pci_link_route; + xen_hvm_modified_memory_t modified_memory; + xen_hvm_set_mem_type_t set_mem_type; + xen_hvm_track_dirty_vram_t track_dirty_vram; + } u; +} privcmd_hvmop_t; + /* * @cmd: IOCTL_PRIVCMD_HYPERCALL * @arg: &privcmd_hypercall_t @@ -83,5 +101,7 @@ typedef struct privcmd_restrict_domid { _IOC(_IOC_NONE, 'P', 4, sizeof(privcmd_restrict_domid_t)) #define IOCTL_PRIVCMD_DOMCTL \ _IOC(_IOC_NONE, 'P', 5, sizeof(xen_domctl_t)) +#define IOCTL_PRIVCMD_HVMOP \ + _IOC(_IOC_NONE, 'P', 6, sizeof(privcmd_hvmop_t)) #endif /* __LINUX_PUBLIC_PRIVCMD_H__ */