arm: remove rcu_lock_target_domain_by_id users

This function has been replaced with rcu_lock_domain_by_any_id and an
XSM check.  Two callers already had an XSM check; add a check to the
third.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: George Dunlap <george.dunlap@eu.citrix.com> (for 4.3 release)
Acked-by: Ian Campbell <ian.campbell@citrix.com> (for thae ARM bits)

diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c
index 03492dfa7dbb547078eaad28f3787a5d2611d157..bd6d5f34e95edf90fe6294b74cb3d0bdc8215f3b 100644 (file)
--- a/xen/arch/arm/mm.c
+++ b/xen/arch/arm/mm.c
@@ -753,9 +753,16 @@ static int xenmem_add_to_physmap_one(
     {
         paddr_t maddr;
         struct domain *od;
-        rc = rcu_lock_target_domain_by_id(foreign_domid, &od);
-        if ( rc < 0 )
+        od = rcu_lock_domain_by_any_id(foreign_domid);
+        if ( od == NULL )
+            return -ESRCH;
+
+        rc = xsm_map_gmfn_foreign(XSM_TARGET, d, od);
+        if ( rc )
+        {
+            rcu_unlock_domain(od);
             return rc;
+        }
 
         maddr = p2m_lookup(od, idx << PAGE_SHIFT);
         if ( maddr == INVALID_PADDR )
@@ -847,9 +854,9 @@ long arch_memory_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( xatp.space == XENMAPSPACE_gmfn_foreign )
             return -EINVAL;
 
-        rc = rcu_lock_target_domain_by_id(xatp.domid, &d);
-        if ( rc != 0 )
-            return rc;
+        d = rcu_lock_domain_by_any_id(xatp.domid);
+        if ( d == NULL )
+            return -ESRCH;
 
         rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d);
         if ( rc )
@@ -878,9 +885,9 @@ long arch_memory_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg)
         if ( xatpr.space == XENMAPSPACE_gmfn_range )
             return -EINVAL;
 
-        rc = rcu_lock_target_domain_by_id(xatpr.domid, &d);
-        if ( rc != 0 )
-            return rc;
+        d = rcu_lock_domain_by_any_id(xatpr.domid);
+        if ( d == NULL )
+            return -ESRCH;
 
         rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d);
         if ( rc )

diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 9bfe5966e41b5c3ce3f81cc313b456fd89346ce2..3912bd93b95b3613b82a3afa81432098a55aa366 100644 (file)
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -616,4 +616,12 @@ static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint3
     return xsm_default_action(action, current->domain, d);
 }
 
+#endif /* CONFIG_X86 */
+
+#ifdef CONFIG_ARM
+static XSM_INLINE int xsm_map_gmfn_foreign(XSM_DEFAULT_ARG struct domain *d, struct domain *t)
+{
+    XSM_ASSERT_ACTION(XSM_TARGET);
+    return xsm_default_action(action, d, t);
+}
 #endif

diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 69fe64a5ff8f7be95075d2c33eb39b76caf9f974..58a4fbb1d1bb7d89f37fb13b38b121ca2646dff1 100644 (file)
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -162,6 +162,9 @@ struct xsm_operations {
     int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow);
     int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow);
 #endif
+#ifdef CONFIG_ARM
+    int (*map_gmfn_foreign) (struct domain *d, struct domain *t);
+#endif
 };
 
 #ifdef XSM_ENABLE
@@ -622,6 +625,14 @@ static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint3
     return xsm_ops->ioport_mapping(d, s, e, allow);
 }
 #endif /* CONFIG_X86 */
+
+#ifdef CONFIG_ARM
+static inline int xsm_map_gmfn_foreign (struct domain *d, struct domain *t)
+{
+    return xsm_ops->map_gmfn_foreign(d, t);
+}
+#endif /* CONFIG_ARM */
+
 #endif /* XSM_NO_WRAPPERS */
 
 extern int xsm_init(unsigned long *module_map, const multiboot_info_t *mbi,

diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 3d84e73110c1f4010920879585445ca2b41f8ea4..937761f095eef6728fae81be0cf6218641471148 100644 (file)
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -132,4 +132,7 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, ioport_permission);
     set_to_dummy_if_null(ops, ioport_mapping);
 #endif
+#ifdef CONFIG_ARM
+    set_to_dummy_if_null(ops, map_gmfn_foreign);
+#endif
 }

diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 3291aa2e6c00ad80a9d5594daec2a1ae15669a98..bb10de3ae801d044a9df02f634b16b97da1e010e 100644 (file)
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1454,6 +1454,13 @@ static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq
 {
     return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE);
 }
+#endif /* CONFIG_X86 */
+
+#ifdef CONFIG_ARM
+static int flask_map_gmfn_foreign(struct domain *d, struct domain *t)
+{
+    return domain_has_perm(d, t, SECCLASS_MMU, MMU__MAP_READ | MMU__MAP_WRITE);
+}
 #endif
 
 long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
@@ -1562,6 +1569,9 @@ static struct xsm_operations flask_ops = {
     .ioport_permission = flask_ioport_permission,
     .ioport_mapping = flask_ioport_mapping,
 #endif
+#ifdef CONFIG_ARM
+    .map_gmfn_foreign = flask_map_gmfn_foreign,
+#endif
 };
 
 static __init int flask_init(void)