From patchwork Mon Mar 17 14:05:55 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 26362 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-ig0-f199.google.com (mail-ig0-f199.google.com [209.85.213.199]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id BDAE9202FA for ; Mon, 17 Mar 2014 14:07:07 +0000 (UTC) Received: by mail-ig0-f199.google.com with SMTP id uy17sf9762495igb.2 for ; Mon, 17 Mar 2014 07:07:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:cc:subject:precedence:list-id:list-unsubscribe:list-post :list-help:list-subscribe:mime-version:sender:errors-to :x-original-sender:x-original-authentication-results:mailing-list :list-archive:content-type:content-transfer-encoding; bh=iq3sQDvYqCug2c1zAhiUT50Z2tSZrnREzxlaiA5Edu8=; b=OEsHJck8nnNPCIuIFVTC6HCkv2f6zm2xL4eKbF8pI7fWUN31BPhvxhyz4se7GU9xTT 0+/X7argGILFAx1OKB/YHki+wjSLaem5ywKITkJTlRaeBD5HIXhkWpgPORr1kYppRWFt yeBq85wpnSw/apwVFLDKnN4Sc1yCr6HaBVbFmbL+irfBv1lp1MfNlLpDaiBHIH+wxj1G 0CllKSLQhsq4l4K6oEv2jZmHo0ZTO+DiZqHGdiIgEyU8ahRBTBraxR6cD71LQJ+xqFuL iB5TTI9nwqtkSt+ILu+DWURO93fUjmRUpe0vlO/+Ll80G0dlOPY/Da7a8VT3CPNf9hZP n7WQ== X-Gm-Message-State: ALoCoQmfQY6BeFHrmYqQU4c3k9pA8AdXsc1iemCDj1LwRAVRi+qTXs8QlrfO3hzom1ccaVSQ8Kb9 X-Received: by 10.182.109.200 with SMTP id hu8mr9803405obb.20.1395065227199; Mon, 17 Mar 2014 07:07:07 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.41.230 with SMTP id z93ls1640159qgz.93.gmail; Mon, 17 Mar 2014 07:07:07 -0700 (PDT) X-Received: by 10.52.175.166 with SMTP id cb6mr16723991vdc.1.1395065227090; Mon, 17 Mar 2014 07:07:07 -0700 (PDT) Received: from mail-vc0-f174.google.com (mail-vc0-f174.google.com [209.85.220.174]) by mx.google.com with ESMTPS id cm9si2044291vcb.121.2014.03.17.07.07.07 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 17 Mar 2014 07:07:07 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.220.174 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) client-ip=209.85.220.174; Received: by mail-vc0-f174.google.com with SMTP id ld13so5652934vcb.5 for ; Mon, 17 Mar 2014 07:07:07 -0700 (PDT) X-Received: by 10.52.242.167 with SMTP id wr7mr1193031vdc.32.1395065226957; Mon, 17 Mar 2014 07:07:06 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.220.78.9 with SMTP id i9csp130009vck; Mon, 17 Mar 2014 07:07:06 -0700 (PDT) X-Received: by 10.220.92.135 with SMTP id r7mr20001545vcm.11.1395065226344; Mon, 17 Mar 2014 07:07:06 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id w5si5281155vcl.66.2014.03.17.07.07.05 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Mon, 17 Mar 2014 07:07:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xen.org designates 50.57.142.19 as permitted sender) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WPYBQ-0002G8-Qy; Mon, 17 Mar 2014 14:06:28 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WPYBL-0002Dt-HY for xen-devel@lists.xenproject.org; Mon, 17 Mar 2014 14:06:25 +0000 Received: from [85.158.143.35:56417] by server-2.bemta-4.messagelabs.com id D2/00-06539-E5107235; Mon, 17 Mar 2014 14:06:22 +0000 X-Env-Sender: julien.grall@linaro.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1395065181!2649276!1 X-Originating-IP: [74.125.83.51] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18412 invoked from network); 17 Mar 2014 14:06:21 -0000 Received: from mail-ee0-f51.google.com (HELO mail-ee0-f51.google.com) (74.125.83.51) by server-2.tower-21.messagelabs.com with RC4-SHA encrypted SMTP; 17 Mar 2014 14:06:21 -0000 Received: by mail-ee0-f51.google.com with SMTP id c13so4169020eek.38 for ; Mon, 17 Mar 2014 07:06:21 -0700 (PDT) X-Received: by 10.15.51.1 with SMTP id m1mr24049561eew.25.1395065181459; Mon, 17 Mar 2014 07:06:21 -0700 (PDT) Received: from belegaer.uk.xensource.com. ([185.25.64.249]) by mx.google.com with ESMTPSA id x3sm39716538eep.17.2014.03.17.07.06.20 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Mar 2014 07:06:20 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Mon, 17 Mar 2014 14:05:55 +0000 Message-Id: <1395065165-15915-6-git-send-email-julien.grall@linaro.org> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1395065165-15915-1-git-send-email-julien.grall@linaro.org> References: <1395065165-15915-1-git-send-email-julien.grall@linaro.org> Cc: stefano.stabellini@citrix.com, Julien Grall , tim@xen.org, ian.campbell@citrix.com Subject: [Xen-devel] [PATCH v2 05/15] xen/xsm: xsm functions for PCI passthrough is not x86 specific X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: julien.grall@linaro.org X-Original-Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.220.174 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: Protect xsm functions for PCI passthrough by HAS_PASSTHROUGH && HAS_PCI Signed-off-by: Julien Grall Acked-by: Daniel De Graaf Acked-by: Ian campbell --- xen/include/xsm/dummy.h | 3 + xen/include/xsm/xsm.h | 4 ++ xen/xsm/dummy.c | 2 + xen/xsm/flask/hooks.c | 143 +++++++++++++++++++++++++---------------------- 4 files changed, 84 insertions(+), 68 deletions(-) diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index 3bcd941..76f9280 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -317,6 +317,7 @@ static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) return xsm_default_action(action, current->domain, d); } +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); @@ -341,6 +342,8 @@ static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint return xsm_default_action(action, current->domain, d); } +#endif /* HAS_PASSTHROUGH && HAS_PCI */ + static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_HOOK); diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index de9cf86..11218b6 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -111,10 +111,12 @@ struct xsm_operations { int (*iomem_mapping) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); int (*pci_config_permission) (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access); +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) int (*get_device_group) (uint32_t machine_bdf); int (*test_assign_device) (uint32_t machine_bdf); int (*assign_device) (struct domain *d, uint32_t machine_bdf); int (*deassign_device) (struct domain *d, uint32_t machine_bdf); +#endif int (*resource_plug_core) (void); int (*resource_unplug_core) (void); @@ -427,6 +429,7 @@ static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->get_device_group(machine_bdf); @@ -446,6 +449,7 @@ static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint3 { return xsm_ops->deassign_device(d, machine_bdf); } +#endif /* HAS_PASSTHROUGH && HAS_PCI) */ static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) { diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 3fe4c59..627edcc 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -85,10 +85,12 @@ void xsm_fixup_ops (struct xsm_operations *ops) set_to_dummy_if_null(ops, iomem_mapping); set_to_dummy_if_null(ops, pci_config_permission); +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) set_to_dummy_if_null(ops, get_device_group); set_to_dummy_if_null(ops, test_assign_device); set_to_dummy_if_null(ops, assign_device); set_to_dummy_if_null(ops, deassign_device); +#endif set_to_dummy_if_null(ops, resource_plug_core); set_to_dummy_if_null(ops, resource_unplug_core); diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 96276ac..7329f31 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1102,6 +1102,72 @@ static int flask_hvm_param_nested(struct domain *d) return current_has_perm(d, SECCLASS_HVM, HVM__NESTED); } +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) +static int flask_get_device_group(uint32_t machine_bdf) +{ + u32 rsid; + int rc = -EPERM; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); +} + +static int flask_test_assign_device(uint32_t machine_bdf) +{ + u32 rsid; + int rc = -EPERM; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); +} + +static int flask_assign_device(struct domain *d, uint32_t machine_bdf) +{ + u32 dsid, rsid; + int rc = -EPERM; + struct avc_audit_data ad; + + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); + if ( rc ) + return rc; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + AVC_AUDIT_DATA_INIT(&ad, DEV); + ad.device = (unsigned long) machine_bdf; + rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); + if ( rc ) + return rc; + + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); +} + +static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) +{ + u32 rsid; + int rc = -EPERM; + + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + if ( rc ) + return rc; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); +} +#endif /* HAS_PASSTHROUGH && HAS_PCI */ + #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1355,70 +1421,6 @@ static int flask_priv_mapping(struct domain *d, struct domain *t) return domain_has_perm(d, t, SECCLASS_MMU, MMU__TARGET_HACK); } -static int flask_get_device_group(uint32_t machine_bdf) -{ - u32 rsid; - int rc = -EPERM; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); -} - -static int flask_test_assign_device(uint32_t machine_bdf) -{ - u32 rsid; - int rc = -EPERM; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); -} - -static int flask_assign_device(struct domain *d, uint32_t machine_bdf) -{ - u32 dsid, rsid; - int rc = -EPERM; - struct avc_audit_data ad; - - rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); - if ( rc ) - return rc; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - AVC_AUDIT_DATA_INIT(&ad, DEV); - ad.device = (unsigned long) machine_bdf; - rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); - if ( rc ) - return rc; - - dsid = domain_sid(d); - return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); -} - -static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) -{ - u32 rsid; - int rc = -EPERM; - - rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); - if ( rc ) - return rc; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); -} - static int flask_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { u32 dsid, rsid; @@ -1540,6 +1542,14 @@ static struct xsm_operations flask_ops = { .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, + +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) + .get_device_group = flask_get_device_group, + .test_assign_device = flask_test_assign_device, + .assign_device = flask_assign_device, + .deassign_device = flask_deassign_device, +#endif + #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, @@ -1557,15 +1567,12 @@ static struct xsm_operations flask_ops = { .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, .priv_mapping = flask_priv_mapping, - .get_device_group = flask_get_device_group, - .test_assign_device = flask_test_assign_device, - .assign_device = flask_assign_device, - .deassign_device = flask_deassign_device, .bind_pt_irq = flask_bind_pt_irq, .unbind_pt_irq = flask_unbind_pt_irq, .ioport_permission = flask_ioport_permission, .ioport_mapping = flask_ioport_mapping, #endif + #ifdef CONFIG_ARM .map_gmfn_foreign = flask_map_gmfn_foreign, #endif