@@ -59,7 +59,7 @@ define(`create_domain_common', `
allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op updatemp };
allow $1 $2:grant setup;
allow $1 $2:hvm { getparam hvmctl sethvmc
- setparam nested altp2mhvm altp2mhvm_op dm };
+ setparam altp2mhvm altp2mhvm_op dm };
')
# create_domain(priv, target)
@@ -551,12 +551,6 @@ static XSM_INLINE int xsm_hvm_control(XSM_DEFAULT_ARG struct domain *d, unsigned
return xsm_default_action(action, current->domain, d);
}
-static XSM_INLINE int xsm_hvm_param_nested(XSM_DEFAULT_ARG struct domain *d)
-{
- XSM_ASSERT_ACTION(XSM_PRIV);
- return xsm_default_action(action, current->domain, d);
-}
-
static XSM_INLINE int xsm_hvm_param_altp2mhvm(XSM_DEFAULT_ARG struct domain *d)
{
XSM_ASSERT_ACTION(XSM_PRIV);
@@ -136,7 +136,6 @@ struct xsm_operations {
int (*hvm_param) (struct domain *d, unsigned long op);
int (*hvm_control) (struct domain *d, unsigned long op);
- int (*hvm_param_nested) (struct domain *d);
int (*hvm_param_altp2mhvm) (struct domain *d);
int (*hvm_altp2mhvm_op) (struct domain *d, uint64_t mode, uint32_t op);
int (*get_vnumainfo) (struct domain *d);
@@ -564,11 +563,6 @@ static inline int xsm_hvm_control(xsm_default_t def, struct domain *d, unsigned
return xsm_ops->hvm_control(d, op);
}
-static inline int xsm_hvm_param_nested (xsm_default_t def, struct domain *d)
-{
- return xsm_ops->hvm_param_nested(d);
-}
-
static inline int xsm_hvm_param_altp2mhvm (xsm_default_t def, struct domain *d)
{
return xsm_ops->hvm_param_altp2mhvm(d);
@@ -106,7 +106,6 @@ void __init xsm_fixup_ops (struct xsm_operations *ops)
set_to_dummy_if_null(ops, hypfs_op);
set_to_dummy_if_null(ops, hvm_param);
set_to_dummy_if_null(ops, hvm_control);
- set_to_dummy_if_null(ops, hvm_param_nested);
set_to_dummy_if_null(ops, hvm_param_altp2mhvm);
set_to_dummy_if_null(ops, hvm_altp2mhvm_op);
@@ -1208,11 +1208,6 @@ static int flask_hvm_param(struct domain *d, unsigned long op)
return current_has_perm(d, SECCLASS_HVM, perm);
}
-static int flask_hvm_param_nested(struct domain *d)
-{
- return current_has_perm(d, SECCLASS_HVM, HVM__NESTED);
-}
-
static int flask_hvm_param_altp2mhvm(struct domain *d)
{
return current_has_perm(d, SECCLASS_HVM, HVM__ALTP2MHVM);
@@ -1816,7 +1811,6 @@ static struct xsm_operations flask_ops = {
.hypfs_op = flask_hypfs_op,
.hvm_param = flask_hvm_param,
.hvm_control = flask_hvm_param,
- .hvm_param_nested = flask_hvm_param_nested,
.hvm_param_altp2mhvm = flask_hvm_param_altp2mhvm,
.hvm_altp2mhvm_op = flask_hvm_altp2mhvm_op,
@@ -272,8 +272,6 @@ class hvm
# source = domain whose memory is being shared
# target = client domain
share_mem
-# HVMOP_set_param setting HVM_PARAM_NESTEDHVM
- nested
# HVMOP_set_param setting HVM_PARAM_ALTP2MHVM
altp2mhvm
# HVMOP_altp2m_set_domain_state HVMOP_altp2m_get_domain_state
The sole caller has been removed. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> --- CC: Jan Beulich <JBeulich@suse.com> CC: Roger Pau Monné <roger.pau@citrix.com> CC: Wei Liu <wl@xen.org> --- tools/flask/policy/modules/xen.if | 2 +- xen/include/xsm/dummy.h | 6 ------ xen/include/xsm/xsm.h | 6 ------ xen/xsm/dummy.c | 1 - xen/xsm/flask/hooks.c | 6 ------ xen/xsm/flask/policy/access_vectors | 2 -- 6 files changed, 1 insertion(+), 22 deletions(-)