xsm: remove unused xsm_assign_vector check
authorDaniel De Graaf <dgdegra@tycho.nsa.gov>
Fri, 2 Dec 2011 21:45:15 +0000 (13:45 -0800)
committerDaniel De Graaf <dgdegra@tycho.nsa.gov>
Fri, 2 Dec 2011 21:45:15 +0000 (13:45 -0800)
The PHYSDEVOP_alloc_irq_vector hypercall is a noop, so its XSM check
is not useful. Remove it and the "event vector" FLASK permission.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
tools/flask/policy/policy/flask/access_vectors
tools/flask/policy/policy/modules/xen/xen.if
tools/flask/policy/policy/modules/xen/xen.te
xen/arch/x86/physdev.c
xen/include/xsm/xsm.h
xen/xsm/dummy.c
xen/xsm/flask/hooks.c
xen/xsm/flask/include/av_perm_to_string.h
xen/xsm/flask/include/av_permissions.h

index 9d09c5bfce87ac67758d1f28ab0f1c8b1021511c..1b2687a8f9e4520c94f4d907557b2d54c21e8ad3 100644 (file)
@@ -100,7 +100,6 @@ class event
        status
        notify
        create
-    vector
     reset
 }
 
index bf3b794c8e3a188b628024e966e97a9655874ec2..d12af740cfff1428cfeea70ba82afb8bf60fb60a 100644 (file)
@@ -67,7 +67,6 @@ define(`create_channel', `
 ###############################################################################
 define(`create_passthrough_resource', `
         type $3, resource_type;
-        allow $1 $3:event vector;
         allow $1 $2:resource {add remove};
         allow $1 ioport_t:resource {add_ioport use};
         allow $1 iomem_t:resource {add_iomem use};
index d95a7da9b730448a0c1a04c2f2efa1062b109fde..8113467080630d9ce81236d4674da8f2a08c9cfa 100644 (file)
@@ -31,7 +31,6 @@ scheduler physinfo heap quirk readconsole writeconsole settime microcode};
 
 allow dom0_t domio_t:mmu {map_read map_write};
 allow dom0_t iomem_t:mmu {map_read map_write};
-allow dom0_t pirq_t:event {vector};
 allow dom0_t xen_t:mmu {memorymap};
 
 allow dom0_t dom0_t:mmu {pinpage map_read map_write adjust updatemp};
index cca56bb6f07823f4c2b7a5207c7089858409a7f2..5c7ab68147b4863e72300d555f74ae893b506f57 100644 (file)
@@ -452,10 +452,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_HANDLE(void) arg)
         if ( !IS_PRIV(v->domain) )
             break;
 
-        ret = xsm_assign_vector(v->domain, irq_op.irq);
-        if ( ret )
-            break;
-
         /* Vector is only used by hypervisor, and dom0 shouldn't
            touch it in its world, return irq_op.irq as the vecotr,
            and make this hypercall dummy, and also defer the vector 
index d294f2a51dccefbc22636031a2f56115dc48bdd4..fb152caef86a48f5282e29941f3f3892a30cff0b 100644 (file)
@@ -129,7 +129,6 @@ struct xsm_operations {
     int (*hvm_set_pci_link_route) (struct domain *d);
     int (*hvm_inject_msi) (struct domain *d);
     int (*apic) (struct domain *d, int cmd);
-    int (*assign_vector) (struct domain *d, uint32_t pirq);
     int (*xen_settime) (void);
     int (*memtype) (uint32_t access);
     int (*microcode) (void);
@@ -536,11 +535,6 @@ static inline int xsm_apic (struct domain *d, int cmd)
     return xsm_call(apic(d, cmd));
 }
 
-static inline int xsm_assign_vector (struct domain *d, uint32_t pirq)
-{
-    return xsm_call(assign_vector(d, pirq));
-}
-
 static inline int xsm_xen_settime (void)
 {
     return xsm_call(xen_settime());
index 65369482c66551a9ce09e903f87f30d50354d6b0..1b50d0e163522e7e6df80593516b1c45e7cefdab 100644 (file)
@@ -345,11 +345,6 @@ static int dummy_apic (struct domain *d, int cmd)
     return 0;
 }
 
-static int dummy_assign_vector (struct domain *d, uint32_t pirq)
-{
-    return 0;
-}
-
 static int dummy_xen_settime (void)
 {
     return 0;
@@ -560,7 +555,6 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, hvm_set_isa_irq_level);
     set_to_dummy_if_null(ops, hvm_set_pci_link_route);
     set_to_dummy_if_null(ops, apic);
-    set_to_dummy_if_null(ops, assign_vector);
     set_to_dummy_if_null(ops, xen_settime);
     set_to_dummy_if_null(ops, memtype);
     set_to_dummy_if_null(ops, microcode);
index 37b297e9838d55c273037a349f50f60d91d644a5..97ae4d9407693b781fa5de06ab876e208e546ab0 100644 (file)
@@ -907,18 +907,6 @@ static int flask_apic(struct domain *d, int cmd)
     return domain_has_xen(d, perm);
 }
 
-static int flask_assign_vector(struct domain *d, uint32_t pirq)
-{
-    u32 psid;
-    struct domain_security_struct *dsec;
-    dsec = d->ssid;
-
-    if ( security_pirq_sid(pirq, &psid) )
-        return -EPERM;
-
-    return avc_has_perm(dsec->sid, psid, SECCLASS_EVENT, EVENT__VECTOR, NULL);
-}
-
 static int flask_xen_settime(void)
 {
     return domain_has_xen(current->domain, XEN__SETTIME);
@@ -1306,7 +1294,6 @@ static struct xsm_operations flask_ops = {
     .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level,
     .hvm_set_pci_link_route = flask_hvm_set_pci_link_route,
     .apic = flask_apic,
-    .assign_vector = flask_assign_vector,
     .xen_settime = flask_xen_settime,
     .memtype = flask_memtype,
     .microcode = flask_microcode,
index c32488ee9bcac3967e08b4ce4d70b5e74c2c1817..70aa02d2da70b1324b592a874cb17553a9116452 100644 (file)
    S_(SECCLASS_HVM, HVM__GETHVMC, "gethvmc")
    S_(SECCLASS_HVM, HVM__SETPARAM, "setparam")
    S_(SECCLASS_HVM, HVM__GETPARAM, "getparam")
-   S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")
    S_(SECCLASS_HVM, HVM__PCILEVEL, "pcilevel")
    S_(SECCLASS_HVM, HVM__IRQLEVEL, "irqlevel")
    S_(SECCLASS_HVM, HVM__PCIROUTE, "pciroute")
    S_(SECCLASS_HVM, HVM__BIND_IRQ, "bind_irq")
    S_(SECCLASS_HVM, HVM__CACHEATTR, "cacheattr")
+   S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram")
    S_(SECCLASS_EVENT, EVENT__BIND, "bind")
    S_(SECCLASS_EVENT, EVENT__SEND, "send")
    S_(SECCLASS_EVENT, EVENT__STATUS, "status")
    S_(SECCLASS_EVENT, EVENT__NOTIFY, "notify")
    S_(SECCLASS_EVENT, EVENT__CREATE, "create")
-   S_(SECCLASS_EVENT, EVENT__VECTOR, "vector")
    S_(SECCLASS_EVENT, EVENT__RESET, "reset")
    S_(SECCLASS_GRANT, GRANT__MAP_READ, "map_read")
    S_(SECCLASS_GRANT, GRANT__MAP_WRITE, "map_write")
index f5dcc6f8fe3fee01150289a605b21abea787eabd..4c2ffb61e89aa573c3bb7e80d525a61053665d44 100644 (file)
@@ -70,8 +70,7 @@
 #define EVENT__STATUS                             0x00000004UL
 #define EVENT__NOTIFY                             0x00000008UL
 #define EVENT__CREATE                             0x00000010UL
-#define EVENT__VECTOR                             0x00000020UL
-#define EVENT__RESET                              0x00000040UL
+#define EVENT__RESET                              0x00000020UL
 
 #define GRANT__MAP_READ                           0x00000001UL
 #define GRANT__MAP_WRITE                          0x00000002UL
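Review bot: Changing `#define EVENT__RESET` from `0x00000040UL` to `0x00000020UL` reuses the bit that was `EVENT__VECTOR`, so a FLASK policy binary compiled from the previous access_vectors and loaded into a hypervisor built with this header would have its old `event vector` grants (such as the `allow dom0_t pirq_t:event {vector}` rule this commit deletes from xen.te) honoured as `reset`, while its old `reset` grants at bit 0x40 would no longer match anything; this only matters if the policy loader does not already reject a class/permission table that differs from the hypervisor's, which I cannot tell from this diff. If it does not, the safer option is to keep `#define EVENT__RESET 0x00000040UL` and leave 0x20 unused, or at least state in the commit message that existing policies must be rebuilt against the new access_vectors. The unrelated move of `HVM__TRACKDIRTYVRAM` to the end of the generated av_perm_to_string.h table in this same commit suggests the generated headers had already drifted from access_vectors, which is worth a separate regeneration-only commit so that policy/hypervisor numbering changes are visible on their own.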