From patchwork Wed Mar 12 16:16:00 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 26147 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-ob0-f200.google.com (mail-ob0-f200.google.com [209.85.214.200]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 09E41203AB for ; Wed, 12 Mar 2014 16:17:52 +0000 (UTC) Received: by mail-ob0-f200.google.com with SMTP id gq1sf39597981obb.7 for ; Wed, 12 Mar 2014 09:17:52 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:cc:subject:precedence:list-id:list-unsubscribe:list-post :list-help:list-subscribe:mime-version:sender:errors-to :x-original-sender:x-original-authentication-results:mailing-list :list-archive:content-type:content-transfer-encoding; bh=JxRy+uYyRjjJhp/HjzLTqCwN5lhHFGb1v9yEQHiPlX4=; b=VTF5URSf2OgfV5SSzfAZV0+NRGCJfUianltq2X2JQhkdLgbPjWW7kufBOEgYIJ6x+4 o59KFR7SheTX0Dk144c5PuXpHMpumysILq+lle7yZo22IsYTLM/zor/8Am0CtKHbs0H6 atQqYFXeiktKWmTDBFTmwDjI2bHJNcckKEYsiwtru0lSmh26VAbGSAqhPTR2KcDpra+4 DJ9CU+3vM9zeUuavzNnCG4PLSfnQSgDffNpM+fuzdLNWQLSG6Q0vJ/XAOAczWHk2Hk6N 3k2GE0t/TQI7VEoIRCZLKe+5XLXEcjFvG9xxglHxncG/ExIIga0a/I6DZH9XVEEqkjaw 2Qmw== X-Gm-Message-State: ALoCoQk3jxnPOYmjxRbZ+lA94MxUYIiBf3fRpmIKihsMRhL/Qo0Six94a/km22hBrJ8z2/0t8mIF X-Received: by 10.50.114.134 with SMTP id jg6mr12745048igb.2.1394641072436; Wed, 12 Mar 2014 09:17:52 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.104.142 with SMTP id a14ls3037755qgf.31.gmail; Wed, 12 Mar 2014 09:17:52 -0700 (PDT) X-Received: by 10.58.247.193 with SMTP id yg1mr173558vec.41.1394641072255; Wed, 12 Mar 2014 09:17:52 -0700 (PDT) Received: from mail-vc0-f175.google.com (mail-vc0-f175.google.com [209.85.220.175]) by mx.google.com with ESMTPS id jl10si5221759veb.15.2014.03.12.09.17.52 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 12 Mar 2014 09:17:52 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.220.175 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) client-ip=209.85.220.175; Received: by mail-vc0-f175.google.com with SMTP id lh14so8418325vcb.34 for ; Wed, 12 Mar 2014 09:17:52 -0700 (PDT) X-Received: by 10.52.251.199 with SMTP id zm7mr23064878vdc.21.1394641072173; Wed, 12 Mar 2014 09:17:52 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.220.78.9 with SMTP id i9csp301334vck; Wed, 12 Mar 2014 09:17:51 -0700 (PDT) X-Received: by 10.220.114.135 with SMTP id e7mr2213333vcq.23.1394641071857; Wed, 12 Mar 2014 09:17:51 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id y6si6951367veb.139.2014.03.12.09.17.51 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 12 Mar 2014 09:17:51 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xen.org designates 50.57.142.19 as permitted sender) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WNlpX-0007IN-SJ; Wed, 12 Mar 2014 16:16:31 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1WNlpU-0007H3-Vv for xen-devel@lists.xenproject.org; Wed, 12 Mar 2014 16:16:29 +0000 Received: from [85.158.143.35:52403] by server-1.bemta-4.messagelabs.com id 7A/0E-09853-C5880235; Wed, 12 Mar 2014 16:16:28 +0000 X-Env-Sender: julien.grall@linaro.org X-Msg-Ref: server-14.tower-21.messagelabs.com!1394640987!1624684!1 X-Originating-IP: [74.125.82.173] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.11.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12639 invoked from network); 12 Mar 2014 16:16:27 -0000 Received: from mail-we0-f173.google.com (HELO mail-we0-f173.google.com) (74.125.82.173) by server-14.tower-21.messagelabs.com with RC4-SHA encrypted SMTP; 12 Mar 2014 16:16:27 -0000 Received: by mail-we0-f173.google.com with SMTP id w61so11577018wes.32 for ; Wed, 12 Mar 2014 09:16:27 -0700 (PDT) X-Received: by 10.180.106.40 with SMTP id gr8mr8354023wib.31.1394640987032; Wed, 12 Mar 2014 09:16:27 -0700 (PDT) Received: from belegaer.uk.xensource.com. ([185.25.64.249]) by mx.google.com with ESMTPSA id dk9sm70840335wjb.4.2014.03.12.09.16.24 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 12 Mar 2014 09:16:24 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Wed, 12 Mar 2014 16:16:00 +0000 Message-Id: <1394640969-25583-6-git-send-email-julien.grall@linaro.org> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1394640969-25583-1-git-send-email-julien.grall@linaro.org> References: <1394640969-25583-1-git-send-email-julien.grall@linaro.org> Cc: stefano.stabellini@citrix.com, Daniel De Graaf , Julien Grall , tim@xen.org, ian.campbell@citrix.com Subject: [Xen-devel] [RFC 05/14] xen/xsm: xsm functions for PCI passthrough is not x86 specific X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: julien.grall@linaro.org X-Original-Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.220.175 is neither permitted nor denied by best guess record for domain of patch+caf_=patchwork-forward=linaro.org@linaro.org) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: Protect xsm functions for PCI passthrough by HAS_PASSTHROUGH && HAS_PCI Signed-off-by: Julien Grall Cc: Daniel De Graaf Acked-by: Daniel De Graaf Acked-by: Ian Campbell --- xen/include/xsm/dummy.h | 3 + xen/include/xsm/xsm.h | 4 ++ xen/xsm/dummy.c | 2 + xen/xsm/flask/hooks.c | 143 +++++++++++++++++++++++++---------------------- 4 files changed, 84 insertions(+), 68 deletions(-) diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index 3bcd941..76f9280 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -317,6 +317,7 @@ static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) return xsm_default_action(action, current->domain, d); } +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { XSM_ASSERT_ACTION(XSM_HOOK); @@ -341,6 +342,8 @@ static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint return xsm_default_action(action, current->domain, d); } +#endif /* HAS_PASSTHROUGH && HAS_PCI */ + static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID) { XSM_ASSERT_ACTION(XSM_HOOK); diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index de9cf86..11218b6 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -111,10 +111,12 @@ struct xsm_operations { int (*iomem_mapping) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); int (*pci_config_permission) (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access); +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) int (*get_device_group) (uint32_t machine_bdf); int (*test_assign_device) (uint32_t machine_bdf); int (*assign_device) (struct domain *d, uint32_t machine_bdf); int (*deassign_device) (struct domain *d, uint32_t machine_bdf); +#endif int (*resource_plug_core) (void); int (*resource_unplug_core) (void); @@ -427,6 +429,7 @@ static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->get_device_group(machine_bdf); @@ -446,6 +449,7 @@ static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint3 { return xsm_ops->deassign_device(d, machine_bdf); } +#endif /* HAS_PASSTHROUGH && HAS_PCI) */ static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) { diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 3fe4c59..627edcc 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -85,10 +85,12 @@ void xsm_fixup_ops (struct xsm_operations *ops) set_to_dummy_if_null(ops, iomem_mapping); set_to_dummy_if_null(ops, pci_config_permission); +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) set_to_dummy_if_null(ops, get_device_group); set_to_dummy_if_null(ops, test_assign_device); set_to_dummy_if_null(ops, assign_device); set_to_dummy_if_null(ops, deassign_device); +#endif set_to_dummy_if_null(ops, resource_plug_core); set_to_dummy_if_null(ops, resource_unplug_core); diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 96276ac..7329f31 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1102,6 +1102,72 @@ static int flask_hvm_param_nested(struct domain *d) return current_has_perm(d, SECCLASS_HVM, HVM__NESTED); } +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) +static int flask_get_device_group(uint32_t machine_bdf) +{ + u32 rsid; + int rc = -EPERM; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); +} + +static int flask_test_assign_device(uint32_t machine_bdf) +{ + u32 rsid; + int rc = -EPERM; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); +} + +static int flask_assign_device(struct domain *d, uint32_t machine_bdf) +{ + u32 dsid, rsid; + int rc = -EPERM; + struct avc_audit_data ad; + + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); + if ( rc ) + return rc; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + AVC_AUDIT_DATA_INIT(&ad, DEV); + ad.device = (unsigned long) machine_bdf; + rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); + if ( rc ) + return rc; + + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); +} + +static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) +{ + u32 rsid; + int rc = -EPERM; + + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + if ( rc ) + return rc; + + rc = security_device_sid(machine_bdf, &rsid); + if ( rc ) + return rc; + + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); +} +#endif /* HAS_PASSTHROUGH && HAS_PCI */ + #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1355,70 +1421,6 @@ static int flask_priv_mapping(struct domain *d, struct domain *t) return domain_has_perm(d, t, SECCLASS_MMU, MMU__TARGET_HACK); } -static int flask_get_device_group(uint32_t machine_bdf) -{ - u32 rsid; - int rc = -EPERM; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); -} - -static int flask_test_assign_device(uint32_t machine_bdf) -{ - u32 rsid; - int rc = -EPERM; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); -} - -static int flask_assign_device(struct domain *d, uint32_t machine_bdf) -{ - u32 dsid, rsid; - int rc = -EPERM; - struct avc_audit_data ad; - - rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); - if ( rc ) - return rc; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - AVC_AUDIT_DATA_INIT(&ad, DEV); - ad.device = (unsigned long) machine_bdf; - rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); - if ( rc ) - return rc; - - dsid = domain_sid(d); - return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); -} - -static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) -{ - u32 rsid; - int rc = -EPERM; - - rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); - if ( rc ) - return rc; - - rc = security_device_sid(machine_bdf, &rsid); - if ( rc ) - return rc; - - return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); -} - static int flask_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { u32 dsid, rsid; @@ -1540,6 +1542,14 @@ static struct xsm_operations flask_ops = { .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, + +#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI) + .get_device_group = flask_get_device_group, + .test_assign_device = flask_test_assign_device, + .assign_device = flask_assign_device, + .deassign_device = flask_deassign_device, +#endif + #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, @@ -1557,15 +1567,12 @@ static struct xsm_operations flask_ops = { .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, .priv_mapping = flask_priv_mapping, - .get_device_group = flask_get_device_group, - .test_assign_device = flask_test_assign_device, - .assign_device = flask_assign_device, - .deassign_device = flask_deassign_device, .bind_pt_irq = flask_bind_pt_irq, .unbind_pt_irq = flask_unbind_pt_irq, .ioport_permission = flask_ioport_permission, .ioport_mapping = flask_ioport_mapping, #endif + #ifdef CONFIG_ARM .map_gmfn_foreign = flask_map_gmfn_foreign, #endif