From patchwork Wed Sep 11 20:05:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Andrew Cooper X-Patchwork-Id: 11141843 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 52CA717E6 for ; Wed, 11 Sep 2019 20:07:09 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 22DD520838 for ; Wed, 11 Sep 2019 20:07:09 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=citrix.com header.i=@citrix.com header.b="d9V7Nu+P" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 22DD520838 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i88ru-00034e-Ar; Wed, 11 Sep 2019 20:05:34 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i88rt-000346-5Y for xen-devel@lists.xenproject.org; Wed, 11 Sep 2019 20:05:33 +0000 X-Inumbo-ID: 784cd580-d4cf-11e9-83dd-12813bfff9fa Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 784cd580-d4cf-11e9-83dd-12813bfff9fa; Wed, 11 Sep 2019 20:05:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1568232316; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=GifxMjGTHY9r+VAau+BqTozFP4UmkZ1smS1EjoSb2Gk=; b=d9V7Nu+PqRC5OS7q+sdlsF1x3Tfi7NadfjCP2Gq6axH1xOUMJuk7WsGM FSxF42PBbtYhcp/dKyMYBHECHRXcv6+sJrClcahhK5NidNjx60rk7Oa5t NzadMKAEkktSWwWoNLutgXsFeeU/IbNIcGOEqZsgTN8T4esgdDSKtwoSH Y=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@citrix.com; spf=Pass smtp.mailfrom=Andrew.Cooper3@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of andrew.cooper3@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="andrew.cooper3@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa1.hc3370-68.iphmx.com: domain of Andrew.Cooper3@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="Andrew.Cooper3@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="Andrew.Cooper3@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: QJ3TOWKBR+GY3A4AqH0bXAC9iMRHXNL4CY/sA6REK4lbe+9+XSgoSTMzQI3OPh9WJPCztASYHY zGnJ9fI4ETj2nzHk7Hegtb5pekW7+PZcRYfgfzLSaWutlfKaiMg+1RHakaVJOS0MnPg/8etmr9 oabfvsVI+5bwtsUBbzh5b3FSXyIaxsjBoALRh20RcWWVJ1ACszMF5Dimzc7hrdpqr0Cvy/5H0d CC1dOKA90IFxHfNHb8Nu1BmG9GVObaeOWBgrnQGbcCFtv9MnM2Z6o67LnGvqRm2bm066HXjcnV 5jw= X-SBRS: 2.7 X-MesageID: 5506248 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,494,1559534400"; d="scan'208";a="5506248" From: Andrew Cooper To: Xen-devel Date: Wed, 11 Sep 2019 21:05:03 +0100 Message-ID: <20190911200504.5693-8-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190911200504.5693-1-andrew.cooper3@citrix.com> References: <20190911200504.5693-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Subject: [Xen-devel] [PATCH 7/8] x86/domctl: Drop XEN_DOMCTL_set_cpuid X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Daniel De Graaf , Wei Liu , Jan Beulich , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" With the final users moved over to using XEN_DOMCTL_set_cpumsr_policy, drop this domctl and associated infrastructure. Rename the preexisting set_cpuid XSM vector to set_cpu_policy, now that it is back to having a single user. Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- CC: Jan Beulich CC: Wei Liu CC: Roger Pau Monné CC: Daniel De Graaf --- tools/flask/policy/modules/dom0.te | 2 +- tools/flask/policy/modules/xen.if | 2 +- xen/arch/x86/domctl.c | 101 ------------------------------------ xen/include/public/domctl.h | 11 +--- xen/xsm/flask/hooks.c | 3 +- xen/xsm/flask/policy/access_vectors | 3 +- 6 files changed, 5 insertions(+), 117 deletions(-) diff --git a/tools/flask/policy/modules/dom0.te b/tools/flask/policy/modules/dom0.te index 9970f9dc08..272f6a4f75 100644 --- a/tools/flask/policy/modules/dom0.te +++ b/tools/flask/policy/modules/dom0.te @@ -38,7 +38,7 @@ allow dom0_t dom0_t:domain { getpodtarget setpodtarget set_misc_info set_virq_handler }; allow dom0_t dom0_t:domain2 { - set_cpuid gettsc settsc setscheduler set_vnumainfo + set_cpu_policy gettsc settsc setscheduler set_vnumainfo get_vnumainfo psr_cmt_op psr_alloc get_cpu_policy }; allow dom0_t dom0_t:resource { add remove }; diff --git a/tools/flask/policy/modules/xen.if b/tools/flask/policy/modules/xen.if index de5fb331bf..8eb2293a52 100644 --- a/tools/flask/policy/modules/xen.if +++ b/tools/flask/policy/modules/xen.if @@ -50,7 +50,7 @@ define(`create_domain_common', ` getdomaininfo hypercall setvcpucontext getscheduler getvcpuinfo getaddrsize getaffinity setaffinity settime setdomainhandle getvcpucontext set_misc_info }; - allow $1 $2:domain2 { set_cpuid settsc setscheduler setclaim + allow $1 $2:domain2 { set_cpu_policy settsc setscheduler setclaim set_vnumainfo get_vnumainfo cacheflush psr_cmt_op psr_alloc soft_reset resource_map get_cpu_policy }; diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 99bc2fb10d..ec50a88156 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -206,94 +206,6 @@ static void domain_cpu_policy_changed(struct domain *d) } } -static int update_domain_cpuid_info(struct domain *d, - const struct xen_domctl_cpuid *ctl) -{ - struct cpuid_policy *p = d->arch.cpuid; - const struct cpuid_leaf leaf = { ctl->eax, ctl->ebx, ctl->ecx, ctl->edx }; - - /* - * Skip update for leaves we don't care about, to avoid the overhead of - * recalculate_cpuid_policy(). - */ - switch ( ctl->input[0] ) - { - case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: - if ( ctl->input[0] == 4 && - ctl->input[1] >= ARRAY_SIZE(p->cache.raw) ) - return 0; - - if ( ctl->input[0] == 7 && - ctl->input[1] >= ARRAY_SIZE(p->feat.raw) ) - return 0; - - if ( ctl->input[0] == 0xb && - ctl->input[1] >= ARRAY_SIZE(p->topo.raw) ) - return 0; - - BUILD_BUG_ON(ARRAY_SIZE(p->xstate.raw) < 2); - if ( ctl->input[0] == XSTATE_CPUID && - ctl->input[1] != 1 ) /* Everything else automatically calculated. */ - return 0; - break; - - case 0x40000000: case 0x40000100: - /* Only care about the max_leaf limit. */ - - case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: - break; - - default: - return 0; - } - - /* Insert ctl data into cpuid_policy. */ - switch ( ctl->input[0] ) - { - case 0x00000000 ... ARRAY_SIZE(p->basic.raw) - 1: - switch ( ctl->input[0] ) - { - case 4: - p->cache.raw[ctl->input[1]] = leaf; - break; - - case 7: - p->feat.raw[ctl->input[1]] = leaf; - break; - - case 0xb: - p->topo.raw[ctl->input[1]] = leaf; - break; - - case XSTATE_CPUID: - p->xstate.raw[ctl->input[1]] = leaf; - break; - - default: - p->basic.raw[ctl->input[0]] = leaf; - break; - } - break; - - case 0x40000000: - p->hv_limit = ctl->eax; - break; - - case 0x40000100: - p->hv2_limit = ctl->eax; - break; - - case 0x80000000 ... 0x80000000 + ARRAY_SIZE(p->extd.raw) - 1: - p->extd.raw[ctl->input[0] - 0x80000000] = leaf; - break; - } - - recalculate_cpuid_policy(d); - domain_cpu_policy_changed(d); - - return 0; -} - static int update_domain_cpu_policy(struct domain *d, xen_domctl_cpu_policy_t *xdpc) { @@ -951,19 +863,6 @@ long arch_do_domctl( break; } - case XEN_DOMCTL_set_cpuid: - if ( d == currd ) /* no domain_pause() */ - ret = -EINVAL; - else if ( d->creation_finished ) - ret = -EEXIST; /* No changing once the domain is running. */ - else - { - domain_pause(d); - ret = update_domain_cpuid_info(d, &domctl->u.cpuid); - domain_unpause(d); - } - break; - case XEN_DOMCTL_gettscinfo: if ( d == currd ) /* no domain_pause() */ ret = -EINVAL; diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h index 0471d3c680..548b917bdb 100644 --- a/xen/include/public/domctl.h +++ b/xen/include/public/domctl.h @@ -648,14 +648,6 @@ struct xen_domctl_set_target { #if defined(__i386__) || defined(__x86_64__) # define XEN_CPUID_INPUT_UNUSED 0xFFFFFFFF -/* XEN_DOMCTL_set_cpuid */ -struct xen_domctl_cpuid { - uint32_t input[2]; - uint32_t eax; - uint32_t ebx; - uint32_t ecx; - uint32_t edx; -}; /* * XEN_DOMCTL_{get,set}_cpu_policy (x86 specific) @@ -1166,7 +1158,7 @@ struct xen_domctl { #define XEN_DOMCTL_set_target 46 #define XEN_DOMCTL_deassign_device 47 #define XEN_DOMCTL_unbind_pt_irq 48 -#define XEN_DOMCTL_set_cpuid 49 +/* #define XEN_DOMCTL_set_cpuid 49 - Obsolete - use set_cpu_policy */ #define XEN_DOMCTL_get_device_group 50 /* #define XEN_DOMCTL_set_machine_address_size 51 - Obsolete */ /* #define XEN_DOMCTL_get_machine_address_size 52 - Obsolete */ @@ -1243,7 +1235,6 @@ struct xen_domctl { struct xen_domctl_vm_event_op vm_event_op; struct xen_domctl_mem_sharing_op mem_sharing_op; #if defined(__i386__) || defined(__x86_64__) - struct xen_domctl_cpuid cpuid; struct xen_domctl_cpu_policy cpu_policy; struct xen_domctl_vcpuextstate vcpuextstate; struct xen_domctl_vcpu_msrs vcpu_msrs; diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index b23772786a..fd8d23c185 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -716,8 +716,7 @@ static int flask_domctl(struct domain *d, int cmd) return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); case XEN_DOMCTL_set_cpu_policy: - case XEN_DOMCTL_set_cpuid: - return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPU_POLICY); case XEN_DOMCTL_gettscinfo: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 6f3f9493f8..c055c14c26 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -208,8 +208,7 @@ class domain2 # target = the new target domain set_as_target # XEN_DOMCTL_set_cpu_policy -# XEN_DOMCTL_set_cpuid - set_cpuid + set_cpu_policy # XEN_DOMCTL_gettscinfo gettsc # XEN_DOMCTL_settscinfo