/root/src/xen/xen/include/xsm/xsm.h
1 | | /* |
2 | | * This file contains the XSM hook definitions for Xen. |
3 | | * |
4 | | * This work is based on the LSM implementation in Linux 2.6.13.4. |
5 | | * |
6 | | * Author: George Coker, <gscoker@alpha.ncsc.mil> |
7 | | * |
8 | | * Contributors: Michael LeMay, <mdlemay@epoch.ncsc.mil> |
9 | | * |
10 | | * This program is free software; you can redistribute it and/or modify |
11 | | * it under the terms of the GNU General Public License version 2, |
12 | | * as published by the Free Software Foundation. |
13 | | */ |
14 | | |
15 | | #ifndef __XSM_H__ |
16 | | #define __XSM_H__ |
17 | | |
18 | | #include <xen/sched.h> |
19 | | #include <xen/multiboot.h> |
20 | | |
/* xsm_op_t is void: this header does not describe the layout of the XSM
 * hypercall argument, it only declares a guest handle type for it. */
typedef void xsm_op_t;
DEFINE_XEN_GUEST_HANDLE(xsm_op_t);

/* policy magic number (defined by XSM_MAGIC) */
typedef u32 xsm_magic_t;

/* The magic is non-zero only when FLASK is configured; every other build
 * defines it as 0x0. */
#ifdef CONFIG_FLASK
#define XSM_MAGIC 0xf97cff8c
#else
#define XSM_MAGIC 0x0
#endif
32 | | |
33 | | /* These annotations are used by callers and in dummy.h to document the |
34 | | * default actions of XSM hooks. They should be compiled out otherwise. |
35 | | */ |
/*
 * Default-action annotation passed as the first argument of most xsm_*
 * wrappers.  In the CONFIG_XSM wrappers of this header the value is never
 * forwarded to the hook, so it does not influence the decision of a loaded
 * XSM module; it describes the default (dummy.h) behaviour only.
 * Enumerator order fixes the numeric values; do not reorder.
 */
enum xsm_default {
    XSM_HOOK,     /* Guests can normally access the hypercall */
    XSM_DM_PRIV,  /* Device model can perform on its target domain */
    XSM_TARGET,   /* Can perform on self or your target domain */
    XSM_PRIV,     /* Privileged - normally restricted to dom0 */
    XSM_XS_PRIV,  /* Xenstore domain - can do some privileged operations */
    XSM_OTHER     /* Something more complex */
};
typedef enum xsm_default xsm_default_t;
45 | | |
/*
 * Table of XSM hooks: one function pointer per hook.  The xsm_* inline
 * wrappers in this header call these members through the global xsm_ops
 * pointer, and register_xsm() takes a pointer to such a table.
 *
 * Members guarded by #if/#ifdef exist only in matching configurations, so the
 * struct layout depends on the build configuration.
 *
 * NOTE(review): the return convention of the int hooks is not stated in this
 * header; presumably 0 means "permitted" and a negative errno means "denied"
 * - confirm against dummy.h and the callers.
 */
struct xsm_operations {
    /* Domain management and control-plane hooks. */
    void (*security_domaininfo) (struct domain *d,
    struct xen_domctl_getdomaininfo *info);
    int (*domain_create) (struct domain *d, u32 ssidref);
    int (*getdomaininfo) (struct domain *d);
    int (*domctl_scheduler_op) (struct domain *d, int op);
    int (*sysctl_scheduler_op) (int op);
    int (*set_target) (struct domain *d, struct domain *e);
    int (*domctl) (struct domain *d, int cmd);
    int (*sysctl) (int cmd);
    int (*readconsole) (uint32_t clear);

    /* evtchn_* hooks (event channels). */
    int (*evtchn_unbound) (struct domain *d, struct evtchn *chn, domid_t id2);
    int (*evtchn_interdomain) (struct domain *d1, struct evtchn *chn1,
    struct domain *d2, struct evtchn *chn2);
    void (*evtchn_close_post) (struct evtchn *chn);
    int (*evtchn_send) (struct domain *d, struct evtchn *chn);
    int (*evtchn_status) (struct domain *d, struct evtchn *chn);
    int (*evtchn_reset) (struct domain *d1, struct domain *d2);

    /* grant_* hooks (grant tables); each takes a pair of domains. */
    int (*grant_mapref) (struct domain *d1, struct domain *d2, uint32_t flags);
    int (*grant_unmapref) (struct domain *d1, struct domain *d2);
    int (*grant_setup) (struct domain *d1, struct domain *d2);
    int (*grant_transfer) (struct domain *d1, struct domain *d2);
    int (*grant_copy) (struct domain *d1, struct domain *d2);
    int (*grant_query_size) (struct domain *d1, struct domain *d2);

    /* Allocation/release of per-domain and per-event-channel security state. */
    int (*alloc_security_domain) (struct domain *d);
    void (*free_security_domain) (struct domain *d);
    int (*alloc_security_evtchn) (struct evtchn *chn);
    void (*free_security_evtchn) (struct evtchn *chn);
    /* NOTE(review): ownership of the returned string is not visible here. */
    char *(*show_security_evtchn) (struct domain *d, const struct evtchn *chn);
    int (*init_hardware_domain) (struct domain *d);

    /* Memory-related hooks. */
    int (*get_pod_target) (struct domain *d);
    int (*set_pod_target) (struct domain *d);
    int (*memory_exchange) (struct domain *d);
    int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2);
    int (*memory_stat_reservation) (struct domain *d1, struct domain *d2);
    int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page);
    int (*add_to_physmap) (struct domain *d1, struct domain *d2);
    int (*remove_from_physmap) (struct domain *d1, struct domain *d2);
    int (*map_gmfn_foreign) (struct domain *d, struct domain *t);
    int (*claim_pages) (struct domain *d);

    int (*console_io) (struct domain *d, int cmd);

    int (*profile) (struct domain *d, int op);

    int (*kexec) (void);
    int (*schedop_shutdown) (struct domain *d1, struct domain *d2);

    /* IRQ, I/O memory and PCI config-space hooks. */
    char *(*show_irq_sid) (int irq);
    int (*map_domain_pirq) (struct domain *d);
    int (*map_domain_irq) (struct domain *d, int irq, void *data);
    int (*unmap_domain_pirq) (struct domain *d);
    int (*unmap_domain_irq) (struct domain *d, int irq, void *data);
    int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind);
    int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind);
    int (*irq_permission) (struct domain *d, int pirq, uint8_t allow);
    int (*iomem_permission) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow);
    int (*iomem_mapping) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow);
    int (*pci_config_permission) (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access);

    /* Device passthrough hooks, PCI flavour. */
#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
    int (*get_device_group) (uint32_t machine_bdf);
    int (*assign_device) (struct domain *d, uint32_t machine_bdf);
    int (*deassign_device) (struct domain *d, uint32_t machine_bdf);
#endif

    /* Device passthrough hooks, device-tree flavour. */
#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE)
    int (*assign_dtdevice) (struct domain *d, const char *dtpath);
    int (*deassign_dtdevice) (struct domain *d, const char *dtpath);
#endif

    /* resource_* hooks; none of them takes a domain argument. */
    int (*resource_plug_core) (void);
    int (*resource_unplug_core) (void);
    int (*resource_plug_pci) (uint32_t machine_bdf);
    int (*resource_unplug_pci) (uint32_t machine_bdf);
    int (*resource_setup_pci) (uint32_t machine_bdf);
    int (*resource_setup_gsi) (int gsi);
    int (*resource_setup_misc) (void);

    int (*page_offline)(uint32_t cmd);
    int (*tmem_op)(void);

    /* Entry points that receive a guest handle, i.e. guest-supplied input. */
    long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
#ifdef CONFIG_COMPAT
    int (*do_compat_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
#endif

    /* hvm_* hooks and vNUMA info. */
    int (*hvm_param) (struct domain *d, unsigned long op);
    int (*hvm_control) (struct domain *d, unsigned long op);
    int (*hvm_param_nested) (struct domain *d);
    int (*hvm_param_altp2mhvm) (struct domain *d);
    int (*hvm_altp2mhvm_op) (struct domain *d, uint64_t mode, uint32_t op);
    int (*get_vnumainfo) (struct domain *d);

    int (*vm_event_control) (struct domain *d, int mode, int op);

#ifdef CONFIG_HAS_MEM_ACCESS
    int (*mem_access) (struct domain *d);
#endif

#ifdef CONFIG_HAS_MEM_PAGING
    int (*mem_paging) (struct domain *d);
#endif

#ifdef CONFIG_HAS_MEM_SHARING
    int (*mem_sharing) (struct domain *d);
#endif

    int (*platform_op) (uint32_t cmd);

    /* x86-only hooks. */
#ifdef CONFIG_X86
    int (*do_mca) (void);
    int (*shadow_control) (struct domain *d, uint32_t op);
    int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op);
    int (*apic) (struct domain *d, int cmd);
    int (*memtype) (uint32_t access);
    int (*machine_memory_map) (void);
    int (*domain_memory_map) (struct domain *d);
    /* Distinct single-bit values; presumably OR-ed into the `flags` argument
     * of mmu_update below - confirm against the callers. */
#define XSM_MMU_UPDATE_READ 1
#define XSM_MMU_UPDATE_WRITE 2
#define XSM_MMU_NORMAL_UPDATE 4
#define XSM_MMU_MACHPHYS_UPDATE 8
    int (*mmu_update) (struct domain *d, struct domain *t,
    struct domain *f, uint32_t flags);
    int (*mmuext_op) (struct domain *d, struct domain *f);
    int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte);
    int (*priv_mapping) (struct domain *d, struct domain *t);
    int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow);
    int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow);
    int (*pmu_op) (struct domain *d, unsigned int op);
    int (*dm_op) (struct domain *d);
#endif
    int (*xen_version) (uint32_t cmd);
};
184 | | |
185 | | #ifdef CONFIG_XSM |
186 | | |
/*
 * Active hook table.  Every xsm_* wrapper in this header dereferences this
 * pointer and the selected member without a NULL check.
 * NOTE(review): presumably installed by register_xsm() with unset members
 * filled in by xsm_fixup_ops(); as this is a writable global of function
 * pointers, confirm it cannot change after boot.
 */
extern struct xsm_operations *xsm_ops;
188 | | |
189 | | #ifndef XSM_NO_WRAPPERS |
190 | | |
/* Hand `d` and `info` to the security_domaininfo hook; no value is returned. */
static inline void xsm_security_domaininfo(struct domain *d,
                                           struct xen_domctl_getdomaininfo *info)
{
    struct xsm_operations *ops = xsm_ops;

    ops->security_domaininfo(d, info);
}
196 | | |
/* domain_create hook: the result comes solely from xsm_ops; `def` is an
 * annotation that is not forwarded. */
static inline int xsm_domain_create(xsm_default_t def, struct domain *d,
                                    u32 ssidref)
{
    (void)def;
    return xsm_ops->domain_create(d, ssidref);
}
201 | | |
/* getdomaininfo hook; returns the hook's result unchanged, `def` is unused. */
static inline int xsm_getdomaininfo(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->getdomaininfo(d);
}
206 | | |
/* domctl_scheduler_op hook for domain `d` and command `cmd`; `def` is unused. */
static inline int xsm_domctl_scheduler_op(xsm_default_t def, struct domain *d,
                                          int cmd)
{
    (void)def;
    return xsm_ops->domctl_scheduler_op(d, cmd);
}
211 | | |
/* sysctl_scheduler_op hook; only `cmd` reaches the hook, `def` is unused. */
static inline int xsm_sysctl_scheduler_op(xsm_default_t def, int cmd)
{
    (void)def;
    return xsm_ops->sysctl_scheduler_op(cmd);
}
216 | | |
/* set_target hook for the domain pair (d, e); `def` is unused. */
static inline int xsm_set_target(xsm_default_t def, struct domain *d,
                                 struct domain *e)
{
    (void)def;
    return xsm_ops->set_target(d, e);
}
221 | | |
/* domctl hook: the decision for command `cmd` on domain `d` is made entirely
 * by the hook; `def` is unused. */
static inline int xsm_domctl(xsm_default_t def, struct domain *d, int cmd)
{
    (void)def;
    return xsm_ops->domctl(d, cmd);
}
226 | | |
/* sysctl hook for command `cmd`; `def` is unused. */
static inline int xsm_sysctl(xsm_default_t def, int cmd)
{
    (void)def;
    return xsm_ops->sysctl(cmd);
}
231 | | |
/* readconsole hook; `clear` is passed through, `def` is unused. */
static inline int xsm_readconsole(xsm_default_t def, uint32_t clear)
{
    (void)def;
    return xsm_ops->readconsole(clear);
}
236 | | |
/* evtchn_unbound hook for channel `chn` of `d1` and remote domain id `id2`;
 * `def` is unused. */
static inline int xsm_evtchn_unbound(xsm_default_t def, struct domain *d1,
                                     struct evtchn *chn, domid_t id2)
{
    (void)def;
    return xsm_ops->evtchn_unbound(d1, chn, id2);
}
242 | | |
/* evtchn_interdomain hook for the two (domain, channel) pairs; `def` is
 * unused. */
static inline int xsm_evtchn_interdomain(xsm_default_t def, struct domain *d1,
                                         struct evtchn *chan1,
                                         struct domain *d2,
                                         struct evtchn *chan2)
{
    (void)def;
    return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2);
}
248 | | |
/* Invoke the evtchn_close_post hook for `chn`; the hook returns nothing. */
static inline void xsm_evtchn_close_post(struct evtchn *chn)
{
    struct xsm_operations *ops = xsm_ops;

    ops->evtchn_close_post(chn);
}
253 | | |
/* evtchn_send hook for channel `chn` of domain `d`; `def` is unused. */
static inline int xsm_evtchn_send(xsm_default_t def, struct domain *d,
                                  struct evtchn *chn)
{
    (void)def;
    return xsm_ops->evtchn_send(d, chn);
}
258 | | |
/* evtchn_status hook for channel `chn` of domain `d`; `def` is unused. */
static inline int xsm_evtchn_status(xsm_default_t def, struct domain *d,
                                    struct evtchn *chn)
{
    (void)def;
    return xsm_ops->evtchn_status(d, chn);
}
263 | | |
/* evtchn_reset hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_evtchn_reset(xsm_default_t def, struct domain *d1,
                                   struct domain *d2)
{
    (void)def;
    return xsm_ops->evtchn_reset(d1, d2);
}
268 | | |
/* grant_mapref hook for the domain pair (d1, d2) with `flags` passed through;
 * `def` is unused. */
static inline int xsm_grant_mapref(xsm_default_t def, struct domain *d1,
                                   struct domain *d2, uint32_t flags)
{
    (void)def;
    return xsm_ops->grant_mapref(d1, d2, flags);
}
274 | | |
/* grant_unmapref hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_grant_unmapref(xsm_default_t def, struct domain *d1,
                                     struct domain *d2)
{
    (void)def;
    return xsm_ops->grant_unmapref(d1, d2);
}
279 | | |
/* grant_setup hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_grant_setup(xsm_default_t def, struct domain *d1,
                                  struct domain *d2)
{
    (void)def;
    return xsm_ops->grant_setup(d1, d2);
}
284 | | |
/* grant_transfer hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_grant_transfer(xsm_default_t def, struct domain *d1,
                                     struct domain *d2)
{
    (void)def;
    return xsm_ops->grant_transfer(d1, d2);
}
289 | | |
/* grant_copy hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_grant_copy(xsm_default_t def, struct domain *d1,
                                 struct domain *d2)
{
    (void)def;
    return xsm_ops->grant_copy(d1, d2);
}
294 | | |
/* grant_query_size hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_grant_query_size(xsm_default_t def, struct domain *d1,
                                       struct domain *d2)
{
    (void)def;
    return xsm_ops->grant_query_size(d1, d2);
}
299 | | |
/* Call the alloc_security_domain hook for `d` and return its result.
 * This wrapper takes no default-action annotation. */
static inline int xsm_alloc_security_domain(struct domain *d)
{
    int rc = xsm_ops->alloc_security_domain(d);

    return rc;
}
304 | | |
/* Call the free_security_domain hook for `d`; nothing is returned. */
static inline void xsm_free_security_domain(struct domain *d)
{
    struct xsm_operations *ops = xsm_ops;

    ops->free_security_domain(d);
}
309 | | |
/* Call the alloc_security_evtchn hook for `chn` and return its result. */
static inline int xsm_alloc_security_evtchn(struct evtchn *chn)
{
    int rc = xsm_ops->alloc_security_evtchn(chn);

    return rc;
}
314 | | |
/* Call the free_security_evtchn hook for `chn`.  The hook's type is void, so
 * there is no result to discard. */
static inline void xsm_free_security_evtchn(struct evtchn *chn)
{
    xsm_ops->free_security_evtchn(chn);
}
319 | | |
/* Return whatever string the show_security_evtchn hook produces for `chn`.
 * NOTE(review): who owns/frees the returned pointer is not visible here. */
static inline char *xsm_show_security_evtchn(struct domain *d,
                                             const struct evtchn *chn)
{
    char *label = xsm_ops->show_security_evtchn(d, chn);

    return label;
}
324 | | |
/* init_hardware_domain hook for `d`; `def` is unused. */
static inline int xsm_init_hardware_domain(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->init_hardware_domain(d);
}
329 | | |
/* get_pod_target hook for `d`; `def` is unused. */
static inline int xsm_get_pod_target(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->get_pod_target(d);
}
334 | | |
/* set_pod_target hook for `d`; `def` is unused. */
static inline int xsm_set_pod_target(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->set_pod_target(d);
}
339 | | |
/* memory_exchange hook for `d`; `def` is unused. */
static inline int xsm_memory_exchange(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->memory_exchange(d);
}
344 | | |
/* memory_adjust_reservation hook for the domain pair (d1, d2); `def` is
 * unused. */
static inline int xsm_memory_adjust_reservation(xsm_default_t def,
                                                struct domain *d1,
                                                struct domain *d2)
{
    (void)def;
    return xsm_ops->memory_adjust_reservation(d1, d2);
}
350 | | |
/* memory_stat_reservation hook for the domain pair (d1, d2); `def` is
 * unused. */
static inline int xsm_memory_stat_reservation(xsm_default_t def,
                                              struct domain *d1,
                                              struct domain *d2)
{
    (void)def;
    return xsm_ops->memory_stat_reservation(d1, d2);
}
356 | | |
/* memory_pin_page hook for `page` and the domain pair (d1, d2); `def` is
 * unused. */
static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1,
                                      struct domain *d2,
                                      struct page_info *page)
{
    (void)def;
    return xsm_ops->memory_pin_page(d1, d2, page);
}
362 | | |
/* add_to_physmap hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1,
                                     struct domain *d2)
{
    (void)def;
    return xsm_ops->add_to_physmap(d1, d2);
}
367 | | |
/* remove_from_physmap hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1,
                                          struct domain *d2)
{
    (void)def;
    return xsm_ops->remove_from_physmap(d1, d2);
}
372 | | |
/* map_gmfn_foreign hook for the domain pair (d, t); `def` is unused. */
static inline int xsm_map_gmfn_foreign(xsm_default_t def, struct domain *d,
                                       struct domain *t)
{
    (void)def;
    return xsm_ops->map_gmfn_foreign(d, t);
}
377 | | |
/* claim_pages hook for `d`; `def` is unused. */
static inline int xsm_claim_pages(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->claim_pages(d);
}
382 | | |
/* console_io hook for domain `d` and command `cmd`; `def` is unused. */
static inline int xsm_console_io(xsm_default_t def, struct domain *d, int cmd)
{
    (void)def;
    return xsm_ops->console_io(d, cmd);
}
387 | | |
/* profile hook for domain `d` and operation `op`; `def` is unused. */
static inline int xsm_profile(xsm_default_t def, struct domain *d, int op)
{
    (void)def;
    return xsm_ops->profile(d, op);
}
392 | | |
/* kexec hook; it receives no arguments at all, and `def` is unused. */
static inline int xsm_kexec(xsm_default_t def)
{
    (void)def;
    return xsm_ops->kexec();
}
397 | | |
/* schedop_shutdown hook for the domain pair (d1, d2); `def` is unused. */
static inline int xsm_schedop_shutdown(xsm_default_t def, struct domain *d1,
                                       struct domain *d2)
{
    (void)def;
    return xsm_ops->schedop_shutdown(d1, d2);
}
402 | | |
/* Return whatever string the show_irq_sid hook produces for `irq`.
 * NOTE(review): who owns/frees the returned pointer is not visible here. */
static inline char *xsm_show_irq_sid(int irq)
{
    char *label = xsm_ops->show_irq_sid(irq);

    return label;
}
407 | | |
/* map_domain_pirq hook for `d`; `def` is unused. */
static inline int xsm_map_domain_pirq(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->map_domain_pirq(d);
}
412 | | |
/* map_domain_irq hook; `irq` and the untyped `data` pointer are passed
 * through as given, `def` is unused. */
static inline int xsm_map_domain_irq(xsm_default_t def, struct domain *d,
                                     int irq, void *data)
{
    (void)def;
    return xsm_ops->map_domain_irq(d, irq, data);
}
417 | | |
/* unmap_domain_pirq hook for `d`; `def` is unused. */
static inline int xsm_unmap_domain_pirq(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->unmap_domain_pirq(d);
}
422 | | |
/* unmap_domain_irq hook; `irq` and the untyped `data` pointer are passed
 * through as given, `def` is unused. */
static inline int xsm_unmap_domain_irq(xsm_default_t def, struct domain *d,
                                       int irq, void *data)
{
    (void)def;
    return xsm_ops->unmap_domain_irq(d, irq, data);
}
427 | | |
/* bind_pt_irq hook for domain `d` and request `bind`; `def` is unused. */
static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d,
                                  struct xen_domctl_bind_pt_irq *bind)
{
    (void)def;
    return xsm_ops->bind_pt_irq(d, bind);
}
433 | | |
/* unbind_pt_irq hook for domain `d` and request `bind`; `def` is unused. */
static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d,
                                    struct xen_domctl_bind_pt_irq *bind)
{
    (void)def;
    return xsm_ops->unbind_pt_irq(d, bind);
}
439 | | |
/* irq_permission hook for `pirq` on domain `d`; `def` is unused.
 * NOTE(review): `allow` presumably selects grant vs. revoke - confirm. */
static inline int xsm_irq_permission(xsm_default_t def, struct domain *d,
                                     int pirq, uint8_t allow)
{
    (void)def;
    return xsm_ops->irq_permission(d, pirq, allow);
}
444 | | |
/* iomem_permission hook; the range arguments are forwarded unvalidated and
 * `def` is unused.
 * NOTE(review): `s`/`e` presumably bound the range and `allow` selects grant
 * vs. revoke - confirm, including whether `e` is inclusive. */
static inline int xsm_iomem_permission(xsm_default_t def, struct domain *d,
                                       uint64_t s, uint64_t e, uint8_t allow)
{
    (void)def;
    return xsm_ops->iomem_permission(d, s, e, allow);
}
449 | | |
/* iomem_mapping hook; the range arguments are forwarded unvalidated and `def`
 * is unused.
 * NOTE(review): `s`/`e` presumably bound the range - confirm. */
static inline int xsm_iomem_mapping(xsm_default_t def, struct domain *d,
                                    uint64_t s, uint64_t e, uint8_t allow)
{
    (void)def;
    return xsm_ops->iomem_mapping(d, s, e, allow);
}
454 | | |
/* pci_config_permission hook for config-space range [start, end] of device
 * `machine_bdf`; all arguments are forwarded unvalidated and `def` is unused.
 * NOTE(review): whether `end` is inclusive and how `access` encodes
 * read/write is not visible here - confirm. */
static inline int xsm_pci_config_permission(xsm_default_t def,
                                            struct domain *d,
                                            uint32_t machine_bdf,
                                            uint16_t start, uint16_t end,
                                            uint8_t access)
{
    (void)def;
    return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access);
}
459 | | |
460 | | #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) |
/* get_device_group hook for device `machine_bdf`; `def` is unused. */
static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf)
{
    (void)def;
    return xsm_ops->get_device_group(machine_bdf);
}
465 | | |
/* assign_device hook for device `machine_bdf` and domain `d`; `def` is
 * unused. */
static inline int xsm_assign_device(xsm_default_t def, struct domain *d,
                                    uint32_t machine_bdf)
{
    (void)def;
    return xsm_ops->assign_device(d, machine_bdf);
}
470 | | |
/* deassign_device hook for device `machine_bdf` and domain `d`; `def` is
 * unused. */
static inline int xsm_deassign_device(xsm_default_t def, struct domain *d,
                                      uint32_t machine_bdf)
{
    (void)def;
    return xsm_ops->deassign_device(d, machine_bdf);
}
475 | | #endif /* HAS_PASSTHROUGH && HAS_PCI */ |
476 | | |
477 | | #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE) |
/* assign_dtdevice hook; the `dtpath` string is handed to the hook as is and
 * `def` is unused. */
static inline int xsm_assign_dtdevice(xsm_default_t def, struct domain *d,
                                      const char *dtpath)
{
    (void)def;
    return xsm_ops->assign_dtdevice(d, dtpath);
}
483 | | |
/* deassign_dtdevice hook; the `dtpath` string is handed to the hook as is and
 * `def` is unused. */
static inline int xsm_deassign_dtdevice(xsm_default_t def, struct domain *d,
                                        const char *dtpath)
{
    (void)def;
    return xsm_ops->deassign_dtdevice(d, dtpath);
}
489 | | |
490 | | #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */ |
491 | | |
/* resource_plug_pci hook for device `machine_bdf`; `def` is unused. */
static inline int xsm_resource_plug_pci(xsm_default_t def, uint32_t machine_bdf)
{
    (void)def;
    return xsm_ops->resource_plug_pci(machine_bdf);
}
496 | | |
/* resource_unplug_pci hook for device `machine_bdf`; `def` is unused. */
static inline int xsm_resource_unplug_pci(xsm_default_t def,
                                          uint32_t machine_bdf)
{
    (void)def;
    return xsm_ops->resource_unplug_pci(machine_bdf);
}
501 | | |
/* resource_plug_core hook; it receives no arguments, and `def` is unused. */
static inline int xsm_resource_plug_core(xsm_default_t def)
{
    (void)def;
    return xsm_ops->resource_plug_core();
}
506 | | |
/* resource_unplug_core hook; it receives no arguments, and `def` is unused. */
static inline int xsm_resource_unplug_core(xsm_default_t def)
{
    (void)def;
    return xsm_ops->resource_unplug_core();
}
511 | | |
/* resource_setup_pci hook for device `machine_bdf`; `def` is unused. */
static inline int xsm_resource_setup_pci(xsm_default_t def,
                                         uint32_t machine_bdf)
{
    (void)def;
    return xsm_ops->resource_setup_pci(machine_bdf);
}
516 | | |
/* resource_setup_gsi hook for `gsi`; `def` is unused. */
static inline int xsm_resource_setup_gsi(xsm_default_t def, int gsi)
{
    (void)def;
    return xsm_ops->resource_setup_gsi(gsi);
}
521 | | |
/* resource_setup_misc hook; it receives no arguments, and `def` is unused. */
static inline int xsm_resource_setup_misc(xsm_default_t def)
{
    (void)def;
    return xsm_ops->resource_setup_misc();
}
526 | | |
/* page_offline hook for command `cmd`; `def` is unused. */
static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd)
{
    (void)def;
    return xsm_ops->page_offline(cmd);
}
531 | | |
/* tmem_op hook; it receives no arguments, and `def` is unused. */
static inline int xsm_tmem_op(xsm_default_t def)
{
    (void)def;
    return xsm_ops->tmem_op();
}
536 | | |
/* Pass the XSM hypercall argument to the do_xsm_op hook and return its long
 * result.  `op` is a guest handle: this wrapper performs no validation of it,
 * so all checking of the guest-supplied data is left to the hook. */
static inline long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
{
    long ret = xsm_ops->do_xsm_op(op);

    return ret;
}
541 | | |
542 | | #ifdef CONFIG_COMPAT |
/* Compat variant: pass the guest handle to the do_compat_op hook and return
 * its int result.  No validation of `op` happens in this wrapper. */
static inline int xsm_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
{
    int ret = xsm_ops->do_compat_op(op);

    return ret;
}
547 | | #endif |
548 | | |
/* hvm_param hook for domain `d` and operation `op`; `def` is unused. */
static inline int xsm_hvm_param(xsm_default_t def, struct domain *d,
                                unsigned long op)
{
    (void)def;
    return xsm_ops->hvm_param(d, op);
}
553 | | |
/* hvm_control hook for domain `d` and operation `op`; `def` is unused. */
static inline int xsm_hvm_control(xsm_default_t def, struct domain *d,
                                  unsigned long op)
{
    (void)def;
    return xsm_ops->hvm_control(d, op);
}
558 | | |
/* hvm_param_nested hook for `d`; `def` is unused. */
static inline int xsm_hvm_param_nested(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->hvm_param_nested(d);
}
563 | | |
/* hvm_param_altp2mhvm hook for `d`; `def` is unused. */
static inline int xsm_hvm_param_altp2mhvm(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->hvm_param_altp2mhvm(d);
}
568 | | |
/* hvm_altp2mhvm_op hook; `mode` and `op` are passed through, `def` is
 * unused. */
static inline int xsm_hvm_altp2mhvm_op(xsm_default_t def, struct domain *d,
                                       uint64_t mode, uint32_t op)
{
    (void)def;
    return xsm_ops->hvm_altp2mhvm_op(d, mode, op);
}
573 | | |
/* get_vnumainfo hook for `d`; `def` is unused. */
static inline int xsm_get_vnumainfo(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->get_vnumainfo(d);
}
578 | | |
/* vm_event_control hook; `mode` and `op` are passed through, `def` is
 * unused. */
static inline int xsm_vm_event_control(xsm_default_t def, struct domain *d,
                                       int mode, int op)
{
    (void)def;
    return xsm_ops->vm_event_control(d, mode, op);
}
583 | | |
584 | | #ifdef CONFIG_HAS_MEM_ACCESS |
/* mem_access hook for `d`; `def` is unused. */
static inline int xsm_mem_access(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->mem_access(d);
}
589 | | #endif |
590 | | |
591 | | #ifdef CONFIG_HAS_MEM_PAGING |
/* mem_paging hook for `d`; `def` is unused. */
static inline int xsm_mem_paging(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->mem_paging(d);
}
596 | | #endif |
597 | | |
598 | | #ifdef CONFIG_HAS_MEM_SHARING |
/* mem_sharing hook for `d`; `def` is unused. */
static inline int xsm_mem_sharing(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->mem_sharing(d);
}
603 | | #endif |
604 | | |
/* platform_op hook for operation `op`; `def` is unused. */
static inline int xsm_platform_op(xsm_default_t def, uint32_t op)
{
    (void)def;
    return xsm_ops->platform_op(op);
}
609 | | |
610 | | #ifdef CONFIG_X86 |
/* do_mca hook; it receives no arguments, and `def` is unused. */
static inline int xsm_do_mca(xsm_default_t def)
{
    (void)def;
    return xsm_ops->do_mca();
}
615 | | |
/* shadow_control hook for domain `d` and operation `op`; `def` is unused. */
static inline int xsm_shadow_control(xsm_default_t def, struct domain *d,
                                     uint32_t op)
{
    (void)def;
    return xsm_ops->shadow_control(d, op);
}
620 | | |
/* mem_sharing_op hook for the domain pair (d, cd) and operation `op`; `def`
 * is unused. */
static inline int xsm_mem_sharing_op(xsm_default_t def, struct domain *d,
                                     struct domain *cd, int op)
{
    (void)def;
    return xsm_ops->mem_sharing_op(d, cd, op);
}
625 | | |
/* apic hook for domain `d` and command `cmd`; `def` is unused. */
static inline int xsm_apic(xsm_default_t def, struct domain *d, int cmd)
{
    (void)def;
    return xsm_ops->apic(d, cmd);
}
630 | | |
/* memtype hook; `access` is passed through, `def` is unused. */
static inline int xsm_memtype(xsm_default_t def, uint32_t access)
{
    (void)def;
    return xsm_ops->memtype(access);
}
635 | | |
/* machine_memory_map hook; it receives no arguments, and `def` is unused. */
static inline int xsm_machine_memory_map(xsm_default_t def)
{
    (void)def;
    return xsm_ops->machine_memory_map();
}
640 | | |
/* domain_memory_map hook for `d`; `def` is unused. */
static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->domain_memory_map(d);
}
645 | | |
/* mmu_update hook for the three domains (d, t, f); `def` is unused.
 * NOTE(review): `flags` presumably carries the XSM_MMU_* bits defined inside
 * struct xsm_operations - confirm against the callers. */
static inline int xsm_mmu_update(xsm_default_t def, struct domain *d,
                                 struct domain *t, struct domain *f,
                                 uint32_t flags)
{
    (void)def;
    return xsm_ops->mmu_update(d, t, f, flags);
}
651 | | |
/* mmuext_op hook for the domain pair (d, f); `def` is unused. */
static inline int xsm_mmuext_op(xsm_default_t def, struct domain *d,
                                struct domain *f)
{
    (void)def;
    return xsm_ops->mmuext_op(d, f);
}
656 | | |
/* update_va_mapping hook; the page-table entry `pte` is passed by value along
 * with the domain pair (d, f), `def` is unused. */
static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d,
                                        struct domain *f, l1_pgentry_t pte)
{
    (void)def;
    return xsm_ops->update_va_mapping(d, f, pte);
}
662 | | |
/* priv_mapping hook for the domain pair (d, t); `def` is unused. */
static inline int xsm_priv_mapping(xsm_default_t def, struct domain *d,
                                   struct domain *t)
{
    (void)def;
    return xsm_ops->priv_mapping(d, t);
}
667 | | |
/* ioport_permission hook; the range arguments are forwarded unvalidated and
 * `def` is unused.
 * NOTE(review): `s`/`e` presumably bound the port range and `allow` selects
 * grant vs. revoke - confirm, including whether `e` is inclusive. */
static inline int xsm_ioport_permission(xsm_default_t def, struct domain *d,
                                        uint32_t s, uint32_t e, uint8_t allow)
{
    (void)def;
    return xsm_ops->ioport_permission(d, s, e, allow);
}
672 | | |
/* ioport_mapping hook; the range arguments are forwarded unvalidated and
 * `def` is unused.
 * NOTE(review): `s`/`e` presumably bound the port range - confirm. */
static inline int xsm_ioport_mapping(xsm_default_t def, struct domain *d,
                                     uint32_t s, uint32_t e, uint8_t allow)
{
    (void)def;
    return xsm_ops->ioport_mapping(d, s, e, allow);
}
677 | | |
/* pmu_op hook for domain `d` and operation `op`; `def` is unused. */
static inline int xsm_pmu_op(xsm_default_t def, struct domain *d,
                             unsigned int op)
{
    (void)def;
    return xsm_ops->pmu_op(d, op);
}
682 | | |
/* dm_op hook for `d`; `def` is unused. */
static inline int xsm_dm_op(xsm_default_t def, struct domain *d)
{
    (void)def;
    return xsm_ops->dm_op(d);
}
687 | | |
688 | | #endif /* CONFIG_X86 */ |
689 | | |
/* xen_version hook for operation `op`; `def` is unused. */
static inline int xsm_xen_version(xsm_default_t def, uint32_t op)
{
    (void)def;
    return xsm_ops->xen_version(op);
}
694 | | |
695 | | #endif /* XSM_NO_WRAPPERS */ |
696 | | |
697 | | #ifdef CONFIG_MULTIBOOT |
/*
 * Multiboot initialisation entry points, implemented outside this header.
 * NOTE(review): xsm_multiboot_policy_init presumably reports the policy blob
 * it finds through *policy_buffer / *policy_size; the blob originates from a
 * boot module, so confirm how it is checked (e.g. against XSM_MAGIC) before
 * it is handed to the policy loader.
 */
extern int xsm_multiboot_init(unsigned long *module_map,
                              const multiboot_info_t *mbi,
                              void *(*bootstrap_map)(const module_t *));
extern int xsm_multiboot_policy_init(unsigned long *module_map,
                                     const multiboot_info_t *mbi,
                                     void *(*bootstrap_map)(const module_t *),
                                     void **policy_buffer,
                                     size_t *policy_size);
706 | | #endif |
707 | | |
708 | | #ifdef CONFIG_HAS_DEVICE_TREE |
/*
 * Device-tree counterparts of the multiboot entry points, implemented outside
 * this header.
 * NOTE(review): has_xsm_magic() takes a physical address; presumably it tests
 * whether the data there starts with XSM_MAGIC - confirm in the
 * implementation.
 */
extern int xsm_dt_init(void);
extern int xsm_dt_policy_init(void **policy_buffer, size_t *policy_size);
extern bool has_xsm_magic(paddr_t);
712 | | #endif |
713 | | |
/* Takes a hook table; NOTE(review): presumably installs it as xsm_ops -
 * confirm in the implementation, including whether it can be called more
 * than once. */
extern int register_xsm(struct xsm_operations *ops);

/* Hook table named "dummy"; presumably the default policy from dummy.h. */
extern struct xsm_operations dummy_xsm_ops;
/* NOTE(review): presumably fills members left unset in `ops` with the dummy
 * hooks, which is what would make the unchecked calls through xsm_ops safe -
 * confirm in the implementation. */
extern void xsm_fixup_ops(struct xsm_operations *ops);
718 | | |
719 | | #ifdef CONFIG_FLASK |
720 | | extern void flask_init(const void *policy_buffer, size_t policy_size); |
721 | | #else |
/* Stub used when FLASK is not configured: the policy buffer is ignored and
 * nothing is initialised. */
static inline void flask_init(const void *policy_buffer, size_t policy_size)
{
    (void)policy_buffer;
    (void)policy_size;
}
725 | | #endif |
726 | | |
727 | | #ifdef CONFIG_XSM_POLICY |
/* Policy bytes and their length, declared only when CONFIG_XSM_POLICY is set.
 * NOTE(review): presumably a policy embedded in the hypervisor image at build
 * time - confirm where these symbols are defined. */
extern const unsigned char xsm_init_policy[];
extern const unsigned int xsm_init_policy_size;
730 | | #endif |
731 | | |
732 | | #else /* CONFIG_XSM */ |
733 | | |
734 | | #include <xsm/dummy.h> |
735 | | |
736 | | #ifdef CONFIG_MULTIBOOT |
/* Stub for builds without CONFIG_XSM: no module is set up, every argument is
 * ignored and success (0) is reported. */
static inline int xsm_multiboot_init(unsigned long *module_map,
                                     const multiboot_info_t *mbi,
                                     void *(*bootstrap_map)(const module_t *))
{
    (void)module_map;
    (void)mbi;
    (void)bootstrap_map;
    return 0;
}
743 | | #endif |
744 | | |
745 | | #ifdef CONFIG_HAS_DEVICE_TREE |
/* Stub for builds without CONFIG_XSM: nothing to initialise, always returns
 * 0. */
static inline int xsm_dt_init(void)
{
    const int rc = 0;

    return rc;
}
750 | | |
/* Stub for builds without CONFIG_XSM: `start` is never inspected and the
 * answer is always false. */
static inline bool has_xsm_magic(paddr_t start)
{
    (void)start;
    return false;
}
755 | | #endif /* CONFIG_HAS_DEVICE_TREE */ |
756 | | |
757 | | #endif /* CONFIG_XSM */ |
758 | | |
759 | | #endif /* __XSM_H__ */