Remove DOM0_IOPL_PERMISSION since it doesn't make much sense.
All admin checks go throu the bitmap mask. Even privileged domains
(inc. domain0) must have a mask.
Signed-off-by: Keir Fraser <keir@xensource.com>
}
break;
- case DOM0_IOPL_PERMISSION:
- {
- struct domain *d;
-
- ret = -EINVAL;
- if ( op->u.iopl_permission.max_iopl > 3 )
- break;
-
- ret = -ESRCH;
- if ( unlikely((d = find_domain_by_id(
- op->u.iopl_permission.domain)) == NULL) )
- break;
-
- ret = 0;
- d->arch.max_iopl = op->u.iopl_permission.max_iopl;
-
- put_domain(d);
- }
- break;
-
case DOM0_IOPORT_PERMISSION:
{
struct domain *d;
struct domain *d = ed->domain;
u16 x;
- if ( IS_PRIV(d) || (d->arch.max_iopl >= (KERNEL_MODE(ed, regs) ? 1 : 3)) )
- return 1;
-
if ( d->arch.iobmp_mask != NULL )
{
x = *(u16 *)(d->arch.iobmp_mask + (port >> 3));
/* Domain 0 has read access to all devices. */
-void physdev_init_dom0(struct domain *p)
+void physdev_init_dom0(struct domain *d)
{
struct pci_dev *dev;
phys_dev_t *pdev;
- INFO("Give DOM0 read access to all PCI devices\n");
+ /* Access to all I/O ports. */
+ d->arch.iobmp_mask = xmalloc_array(u8, IOBMP_BYTES);
+ BUG_ON(d->arch.iobmp_mask == NULL);
+ memset(d->arch.iobmp_mask, 0, IOBMP_BYTES);
+ /* Access to all PCI devices. */
pci_for_each_dev(dev)
{
if ( pcidev_dom0_hidden(dev) )
continue;
}
-
- if ( (pdev = xmalloc(phys_dev_t)) == NULL ) {
- INFO("failed to allocate physical device structure!\n");
- break;
- }
+ pdev = xmalloc(phys_dev_t);
+ BUG_ON(pdev == NULL);
pdev->dev = dev;
pdev->flags = ACC_WRITE;
pdev->state = 0;
- pdev->owner = p;
- list_add(&pdev->node, &p->pcidev_list);
+ pdev->owner = d;
+ list_add(&pdev->node, &d->pcidev_list);
}
- set_bit(DF_PHYSDEV, &p->d_flags);
+ set_bit(DF_PHYSDEV, &d->d_flags);
}
/* I/O-port access bitmap mask. */
u8 *iobmp_mask; /* Address of IO bitmap mask, or NULL. */
- int max_iopl; /* Maximum achievable IOPL. */
/* shadow mode status and controls */
unsigned int shadow_mode; /* flags to control shadow table operation */
u32 _pad0;
} PACKED dom0_microcode_t; /* 16 bytes */
-#define DOM0_IOPL_PERMISSION 36
-typedef struct {
- domid_t domain; /* 0: domain to be affected */
- u16 max_iopl; /* 2: new effective IOPL limit */
-} PACKED dom0_iopl_permission_t; /* 4 bytes */
-
-#define DOM0_IOPORT_PERMISSION 37
+#define DOM0_IOPORT_PERMISSION 36
typedef struct {
domid_t domain; /* 0: domain to be affected */
u16 first_port; /* 2: first port int range */
dom0_read_memtype_t read_memtype;
dom0_perfccontrol_t perfccontrol;
dom0_microcode_t microcode;
- dom0_iopl_permission_t iopl_permission;
dom0_ioport_permission_t ioport_permission;
} PACKED u;
} PACKED dom0_op_t; /* 80 bytes */
projects / xen.git / commitdiff