From patchwork Mon Jun 20 12:52:41 2016
X-Patchwork-Submitter: Jan Beulich
X-Patchwork-Id: 9187345
Message-Id: <5768033902000078000F6BBE@prv-mh.provo.novell.com>
Date: Mon, 20 Jun 2016 06:52:41 -0600
From: "Jan Beulich"
To: "xen-devel"
Cc: Stefano Stabellini, Wei Liu, George Dunlap, Andrew Cooper, Ian Jackson, Tim Deegan, Paul Durrant, dgdegra@tycho.nsa.gov
References: <5768002C02000078000F6B8D@prv-mh.provo.novell.com>
In-Reply-To: <5768002C02000078000F6B8D@prv-mh.provo.novell.com>
Subject: [Xen-devel] [PATCH 01/11] public / x86: introduce hvmctl hypercall

... as a means to replace all HVMOP_* which a domain can't issue on itself (i.e. intended for use by only the control domain or device model).

Signed-off-by: Jan Beulich

--- a/xen/arch/x86/hvm/Makefile +++ b/xen/arch/x86/hvm/Makefile @@ -2,6 +2,7 @@ subdir-y += svm subdir-y += vmx obj-y += asid.o +obj-y += control.o obj-y += emulate.o obj-y += event.o obj-y += hpet.o --- /dev/null +++ b/xen/arch/x86/hvm/control.c 
@@ -0,0 +1,96 @@ +/* + * control.c: Hardware virtual machine control operations. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; If not, see . + */ + +#include +#include +#include +#include + +/* + * Note that this value is effectively part of the ABI, even if we don't need + * to make it a formal part of it. Hence this value may only be changed if + * accompanied by a suitable interface version increase. + */ +#define HVMCTL_iter_shift 8 +#define HVMCTL_iter_mask ((1U << HVMCTL_iter_shift) - 1) +#define HVMCTL_iter_max (1U << (16 + HVMCTL_iter_shift)) + +long do_hvmctl(XEN_GUEST_HANDLE_PARAM(xen_hvmctl_t) u_hvmctl) +{ + xen_hvmctl_t op; + struct domain *d; + unsigned int iter; + int rc; + + BUILD_BUG_ON(sizeof(op.u) > sizeof(op.u.pad)); + + if ( copy_from_guest(&op, u_hvmctl, 1) ) + return -EFAULT; + + if ( op.interface_version != XEN_HVMCTL_INTERFACE_VERSION ) + return -EACCES; + + rc = rcu_lock_remote_domain_by_id(op.domain, &d); + if ( rc ) + return rc; + + if ( !has_hvm_container_domain(d) ) + { + rcu_unlock_domain(d); + return -EINVAL; + } + + rc = xsm_hvm_control(XSM_DM_PRIV, d, op.cmd); + if ( rc ) + { + rcu_unlock_domain(d); + return rc; + } + + iter = op.opaque << HVMCTL_iter_shift; + + switch ( op.cmd ) + { + default: + rc = -EOPNOTSUPP; + break; + } + + rcu_unlock_domain(d); + + if ( rc == -ERESTART ) + { + ASSERT(!(iter & HVMCTL_iter_mask)); + op.opaque = iter >> HVMCTL_iter_shift; + if ( unlikely(copy_field_to_guest(u_hvmctl, &op, opaque)) ) + rc 
= -EFAULT; + else + rc = hypercall_create_continuation(__HYPERVISOR_hvmctl, "h", + u_hvmctl); + } + + return rc; +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * tab-width: 4 + * indent-tabs-mode: nil + * End: + */ --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -4113,6 +4113,7 @@ static const struct { COMPAT_CALL(platform_op), COMPAT_CALL(mmuext_op), HYPERCALL(xenpmu_op), + HYPERCALL(hvmctl), HYPERCALL(arch_1) }; --- a/xen/arch/x86/x86_64/compat/entry.S +++ b/xen/arch/x86/x86_64/compat/entry.S @@ -469,6 +469,7 @@ ENTRY(compat_hypercall_table) .quad do_tmem_op .quad do_ni_hypercall /* reserved for XenClient */ .quad do_xenpmu_op /* 40 */ + .quad do_hvmctl .rept __HYPERVISOR_arch_0-((.-compat_hypercall_table)/8) .quad compat_ni_hypercall .endr @@ -520,6 +521,7 @@ ENTRY(compat_hypercall_args_table) .byte 1 /* do_tmem_op */ .byte 0 /* reserved for XenClient */ .byte 2 /* do_xenpmu_op */ /* 40 */ + .byte 1 /* do_hvmctl */ .rept __HYPERVISOR_arch_0-(.-compat_hypercall_args_table) .byte 0 /* compat_ni_hypercall */ .endr --- a/xen/arch/x86/x86_64/entry.S +++ b/xen/arch/x86/x86_64/entry.S @@ -791,6 +791,7 @@ ENTRY(hypercall_table) .quad do_tmem_op .quad do_ni_hypercall /* reserved for XenClient */ .quad do_xenpmu_op /* 40 */ + .quad do_hvmctl .rept __HYPERVISOR_arch_0-((.-hypercall_table)/8) .quad do_ni_hypercall .endr @@ -842,6 +843,7 @@ ENTRY(hypercall_args_table) .byte 1 /* do_tmem_op */ .byte 0 /* reserved for XenClient */ .byte 2 /* do_xenpmu_op */ /* 40 */ + .byte 1 /* do_hvmctl */ .rept __HYPERVISOR_arch_0-(.-hypercall_args_table) .byte 0 /* do_ni_hypercall */ .endr --- a/xen/include/Makefile +++ b/xen/include/Makefile 
@@ -93,7 +93,7 @@ all: headers.chk headers++.chk PUBLIC_HEADERS := $(filter-out public/arch-% public/dom0_ops.h, $(wildcard public/*.h public/*/*.h) $(public-y)) -PUBLIC_ANSI_HEADERS := $(filter-out public/%ctl.h public/xsm/% public/%hvm/save.h, $(PUBLIC_HEADERS)) +PUBLIC_ANSI_HEADERS := $(filter-out public/%ctl.h public/hvm/control.h public/xsm/% public/%hvm/save.h,$(PUBLIC_HEADERS)) headers.chk: $(PUBLIC_ANSI_HEADERS) Makefile for i in $(filter %.h,$^); do \ --- /dev/null +++ b/xen/include/public/hvm/control.h 
@@ -0,0 +1,54 @@ +/* + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + */ + +#ifndef __XEN_PUBLIC_HVM_CONTROL_H__ +#define __XEN_PUBLIC_HVM_CONTROL_H__ + +#if !defined(__XEN__) && !defined(__XEN_TOOLS__) +#error "HVM control operations are intended for use by control tools only" +#endif + +#include "../xen.h" + +#define XEN_HVMCTL_INTERFACE_VERSION 0x00000001 + +struct xen_hvmctl { + uint16_t interface_version; /* XEN_HVMCTL_INTERFACE_VERSION */ + domid_t domain; + uint16_t cmd; + uint16_t opaque; /* Must be zero on initial invocation. */ + union { + uint8_t pad[120]; + } u; +}; +typedef struct xen_hvmctl xen_hvmctl_t; +DEFINE_XEN_GUEST_HANDLE(xen_hvmctl_t); + +#endif /* __XEN_PUBLIC_HVM_CONTROL_H__ */ + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * tab-width: 4 + * indent-tabs-mode: nil + * End: + */ --- a/xen/include/public/xen.h +++ b/xen/include/public/xen.h 
@@ -115,6 +115,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_ulong_t); #define __HYPERVISOR_tmem_op 38 #define __HYPERVISOR_xc_reserved_op 39 /* reserved for XenClient */ #define __HYPERVISOR_xenpmu_op 40 +#define __HYPERVISOR_hvmctl 41 /* Architecture-specific hypercall definitions. */ #define __HYPERVISOR_arch_0 48 --- a/xen/include/xen/hypercall.h +++ b/xen/include/xen/hypercall.h @@ -15,6 +15,7 @@ #include #include #include +#include #include #include @@ -46,6 +47,10 @@ arch_do_sysctl( XEN_GUEST_HANDLE_PARAM(xen_sysctl_t) u_sysctl); extern long +do_hvmctl( + XEN_GUEST_HANDLE_PARAM(xen_hvmctl_t) u_hvmctl); + +extern long do_platform_op( XEN_GUEST_HANDLE_PARAM(xen_platform_op_t) u_xenpf_op); --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1183,6 +1183,20 @@ static int flask_hvm_param(struct domain return current_has_perm(d, SECCLASS_HVM, perm); } +static int flask_hvm_control(struct domain *d, unsigned long op) +{ + u32 perm; + + switch ( op ) + { + default: + perm = HVM__HVMCTL; + break; + } + + return current_has_perm(d, SECCLASS_HVM, perm); +} + static int flask_hvm_param_nested(struct domain *d) { return current_has_perm(d, SECCLASS_HVM, HVM__NESTED); @@ -1745,7 +1759,7 @@ static struct xsm_operations flask_ops = .page_offline = flask_page_offline, .tmem_op = flask_tmem_op, .hvm_param = flask_hvm_param, - .hvm_control = flask_hvm_param, + .hvm_control = flask_hvm_control, .hvm_param_nested = flask_hvm_param_nested, .hvm_param_altp2mhvm = flask_hvm_param_altp2mhvm, .hvm_altp2mhvm_op = flask_hvm_altp2mhvm_op,
Reviewed-by: Wei Liu
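
Review bot: in do_hvmctl() in xen/arch/x86/hvm/control.c, the has_hvm_container_domain() test returns -EINVAL before xsm_hvm_control(XSM_DM_PRIV, d, op.cmd) has been consulted, so a caller that the XSM check would refuse can still learn from the error code whether the target domain is an HVM container. Consider running the XSM check directly after rcu_lock_remote_domain_by_id() and only then rejecting non-HVM domains. Separately, the ASSERT(!(iter & HVMCTL_iter_mask)) on the -ERESTART path means any sub-op added later may only ask for a continuation when iter is a multiple of 1 << HVMCTL_iter_shift; that constraint belongs in the comment above the HVMCTL_iter_* definitions, and HVMCTL_iter_max is defined here without a user.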
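
Review bot: the compat_hypercall_table entry in xen/arch/x86/x86_64/compat/entry.S, together with HYPERCALL(hvmctl) rather than COMPAT_CALL(...) in hvm.c, sends 32-bit callers straight to do_hvmctl, which is only correct while struct xen_hvmctl has the same layout for 32-bit and 64-bit callers. Nothing in the patch states or enforces that for the sub-op structures that will later join the union u. A comment in control.h saying that every union member must be layout-identical across both ABIs, or a build-time check to that effect, would make the requirement explicit.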
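
Review bot: the PUBLIC_ANSI_HEADERS line in xen/include/Makefile also drops the space after the last comma, before $(PUBLIC_HEADERS), which is an unrelated whitespace change on the same line. Keep the original spacing so the hunk shows only the addition of public/hvm/control.h to the filter-out list.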
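
Review bot: in struct xen_hvmctl in xen/include/public/hvm/control.h, interface_version is a uint16_t while XEN_HVMCTL_INTERFACE_VERSION is written as the eight-digit constant 0x00000001, which reads as a 32-bit value; write it as 0x0001 or widen the field so the two agree. The header also documents opaque only as "Must be zero on initial invocation"; since do_hvmctl writes the field back with copy_field_to_guest() before creating a continuation, a sentence saying that it holds hypervisor-owned continuation state would document the contract callers are expected to honour.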
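
Review bot: flask_hvm_control() in xen/xsm/flask/hooks.c uses HVM__HVMCTL, but none of the hunks in this patch adds that permission to the Flask access vector definitions, so unless it is already defined elsewhere the hook will not build. The switch with only a default: label maps every command to the same permission; if per-command permissions are planned for later patches, a short comment saying so would help. The parameter is declared unsigned long op while the caller in do_hvmctl passes the uint16_t op.cmd; consider matching the types.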