@@ -318,6 +318,12 @@ struct domain *domain_create(domid_t domid, unsigned int domcr_flags,
hardware_domain = d;
}
+ if ( domcr_flags & DOMCRF_xs_domain )
+ {
+ d->is_xenstore = 1;
+ d->disable_migrate = 1;
+ }
+
rangeset_domain_initialise(d);
init_status |= INIT_rangeset;
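Review bot: Nothing in the added block limits `is_xenstore` to a single domain or keeps it off a domain that is also privileged or the hardware domain, although the new field comment in the struct domain hunk says "(not dom0)". Because the flag makes a domain pass every `XSM_XS_PRIV` check, each domain created with `DOMCRF_xs_domain` can issue `XEN_DOMCTL_getdomaininfo` for all domains. Domain creation is presumably restricted to the privileged toolstack, so this is a hardening and documentation gap rather than a direct escalation. I would state the rule at the assignment, for example `/* Xenstore domain: passes XSM_XS_PRIV checks and must never be migrated. */`, and decide whether a second xenstore domain should be refused. The body of domain_create starts and ends outside this hunk.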
@@ -183,10 +183,11 @@ void getdomaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info)
info->cpu_time = cpu_time;
info->flags = (info->nr_online_vcpus ? flags : 0) |
- ((d->is_dying == DOMDYING_dead) ? XEN_DOMINF_dying : 0) |
- (d->is_shut_down ? XEN_DOMINF_shutdown : 0) |
- (d->controller_pause_count > 0 ? XEN_DOMINF_paused : 0) |
- (d->debugger_attached ? XEN_DOMINF_debugged : 0) |
+ ((d->is_dying == DOMDYING_dead) ? XEN_DOMINF_dying : 0) |
+ (d->is_shut_down ? XEN_DOMINF_shutdown : 0) |
+ (d->controller_pause_count > 0 ? XEN_DOMINF_paused : 0) |
+ (d->debugger_attached ? XEN_DOMINF_debugged : 0) |
+ (d->is_xenstore ? XEN_DOMINF_xs_domain : 0) |
d->shutdown_code << XEN_DOMINF_shutdownshift;
switch ( d->guest_type )
@@ -551,7 +552,8 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
| XEN_DOMCTL_CDF_pvh_guest
| XEN_DOMCTL_CDF_hap
| XEN_DOMCTL_CDF_s3_integrity
- | XEN_DOMCTL_CDF_oos_off)) )
+ | XEN_DOMCTL_CDF_oos_off
+ | XEN_DOMCTL_CDF_xs_domain)) )
break;
dom = op->domain;
@@ -593,6 +595,8 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
domcr_flags |= DOMCRF_s3_integrity;
if ( op->u.createdomain.flags & XEN_DOMCTL_CDF_oos_off )
domcr_flags |= DOMCRF_oos_off;
+ if ( op->u.createdomain.flags & XEN_DOMCTL_CDF_xs_domain )
+ domcr_flags |= DOMCRF_xs_domain;
d = domain_create(dom, domcr_flags, op->u.createdomain.ssidref,
&op->u.createdomain.config);
@@ -63,6 +63,9 @@ struct xen_domctl_createdomain {
/* Is this a PVH guest (as opposed to an HVM or PV guest)? */
#define _XEN_DOMCTL_CDF_pvh_guest 4
#define XEN_DOMCTL_CDF_pvh_guest (1U<<_XEN_DOMCTL_CDF_pvh_guest)
+ /* Is this a xenstore domain? */
+#define _XEN_DOMCTL_CDF_xs_domain 5
+#define XEN_DOMCTL_CDF_xs_domain (1U<<_XEN_DOMCTL_CDF_xs_domain)
uint32_t flags;
struct xen_arch_domainconfig config;
};
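Review bot: The public comment `/* Is this a xenstore domain? */` does not tell a toolstack author what setting the bit actually does. Going by the other hunks of this patch, the flag marks the domain non-migratable and lets it pass `XSM_XS_PRIV`, which under the default policy covers `XEN_DOMCTL_getdomaininfo` on any domain. I would say so in the header, e.g. `/* Xenstore domain: non-migratable; default XSM policy lets it query getdomaininfo for any domain. */`, so the privilege is visible at the point where the flag is chosen.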
@@ -97,6 +100,9 @@ struct xen_domctl_getdomaininfo {
/* domain is PVH */
#define _XEN_DOMINF_pvh_guest 7
#define XEN_DOMINF_pvh_guest (1U<<_XEN_DOMINF_pvh_guest)
+/* domain is a xenstore domain */
+#define _XEN_DOMINF_xs_domain 8
+#define XEN_DOMINF_xs_domain (1U<<_XEN_DOMINF_xs_domain)
/* XEN_DOMINF_shutdown guest-supplied code. */
#define XEN_DOMINF_shutdownmask 255
#define XEN_DOMINF_shutdownshift 16
@@ -374,6 +374,8 @@ struct domain
bool_t auto_node_affinity;
/* Is this guest fully privileged (aka dom0)? */
bool_t is_privileged;
+ /* Is this a xenstore domain (not dom0)? */
+ bool_t is_xenstore;
/* Domain's VCPUs are pinned 1:1 to physical CPUs? */
bool_t is_pinned;
/* Non-migratable and non-restoreable? */
@@ -533,6 +535,9 @@ struct domain *domain_create(domid_t domid, unsigned int domcr_flags,
/* DOMCRF_pvh: Create PV domain in HVM container. */
#define _DOMCRF_pvh 5
#define DOMCRF_pvh (1U<<_DOMCRF_pvh)
+ /* DOMCRF_xs_domain: xenstore domain */
+#define _DOMCRF_xs_domain 6
+#define DOMCRF_xs_domain (1U<<_DOMCRF_xs_domain)
/*
* rcu_lock_domain_by_id() is more efficient than get_domain_by_id().
@@ -71,6 +71,10 @@ static always_inline int xsm_default_action(
if ( src->is_privileged )
return 0;
return -EPERM;
+ case XSM_XS_PRIV:
+ if ( src->is_xenstore || src->is_privileged )
+ return 0;
+ return -EPERM;
default:
LINKER_BUG_ON(1);
return -EPERM;
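Review bot: The `XSM_XS_PRIV` case never consults `target`, so it is a system-wide privilege rather than one scoped to particular domains, and any hook later switched to `XSM_XS_PRIV` inherits that reach. A short comment on the case would mark this as deliberate, e.g. `/* Not scoped to target: a xenstore domain passes for every domain. */`. The comment in the `enum xsm_default` hunk (`Xenstore domain can obtain domain info`) also omits that privileged domains pass; `/* Xenstore domain or privileged domain - can obtain domain info */` would match the check. The switch in xsm_default_action starts outside this hunk.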
@@ -123,6 +127,8 @@ static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd)
case XEN_DOMCTL_bind_pt_irq:
case XEN_DOMCTL_unbind_pt_irq:
return xsm_default_action(XSM_DM_PRIV, current->domain, d);
+ case XEN_DOMCTL_getdomaininfo:
+ return xsm_default_action(XSM_XS_PRIV, current->domain, d);
default:
return xsm_default_action(XSM_PRIV, current->domain, d);
}
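Review bot: Routing `XEN_DOMCTL_getdomaininfo` to `XSM_XS_PRIV` gives the xenstore domain the whole `xen_domctl_getdomaininfo` record for any domain, not only its dying/shutdown state; the getdomaininfo hunk shows `cpu_time` and the full flags word being filled in. If xenstore only needs liveness information (the patch does not say), a narrower operation would be closer to least privilege, or a comment here should explain why the full record is acceptable. This hunk changes the default (dummy) policy only; whether other XSM modules grant the same access is not visible here and should be checked against their policy. The switch in xsm_domctl starts outside this hunk.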
@@ -35,6 +35,7 @@ enum xsm_default {
XSM_DM_PRIV, /* Device model can perform on its target domain */
XSM_TARGET, /* Can perform on self or your target domain */
XSM_PRIV, /* Privileged - normally restricted to dom0 */
+ XSM_XS_PRIV, /* Xenstore domain can obtain domain info */
XSM_OTHER /* Something more complex */
};
typedef enum xsm_default xsm_default_t;