x86/hvm: allow guest_request vm_events coming from userspace

author Alexandru Isaila <aisaila@bitdefender.com>

Wed, 30 Aug 2017 09:04:13 +0000 (11:04 +0200)

committer Jan Beulich <jbeulich@suse.com>

Wed, 30 Aug 2017 09:04:13 +0000 (11:04 +0200)
author Alexandru Isaila <aisaila@bitdefender.com>
Wed, 30 Aug 2017 09:04:13 +0000 (11:04 +0200)
committer Jan Beulich <jbeulich@suse.com>
Wed, 30 Aug 2017 09:04:13 +0000 (11:04 +0200)
diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h

index ad5e6b3d773b98b5fd2f786e0a12005e1d0ee2d4..43151cb415dd8d5cb767a45d6f71a0430ce3e685 100644 (file)
--- a/tools/libxc/include/xenctrl.h
+++ b/tools/libxc/include/xenctrl.h
@@ -2022,7 +2022,7 @@ int xc_monitor_software_breakpoint(xc_interface *xch, domid_t domain_id,
  int xc_monitor_descriptor_access(xc_interface *xch, domid_t domain_id,
                                   bool enable);
  int xc_monitor_guest_request(xc_interface *xch, domid_t domain_id,
-                             bool enable, bool sync);
+                             bool enable, bool sync, bool allow_userspace);
  int xc_monitor_debug_exceptions(xc_interface *xch, domid_t domain_id,
                                  bool enable, bool sync);
  int xc_monitor_cpuid(xc_interface *xch, domid_t domain_id, bool enable);
diff --git a/tools/libxc/xc_monitor.c b/tools/libxc/xc_monitor.c

index b44ce93be71ebfe130d1be46dbed305e337f1804..a67782009d2a5ac3efb75eb8ac16c424fa40827b 100644 (file)
--- a/tools/libxc/xc_monitor.c
+++ b/tools/libxc/xc_monitor.c
@@ -147,7 +147,7 @@ int xc_monitor_descriptor_access(xc_interface *xch, domid_t domain_id,
  }
  
  int xc_monitor_guest_request(xc_interface *xch, domid_t domain_id, bool enable,
-                             bool sync)
+                             bool sync, bool allow_userspace)
  {
      DECLARE_DOMCTL;
  
@@ -157,6 +157,7 @@ int xc_monitor_guest_request(xc_interface *xch, domid_t domain_id, bool enable,
                                      : XEN_DOMCTL_MONITOR_OP_DISABLE;
      domctl.u.monitor_op.event = XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST;
      domctl.u.monitor_op.u.guest_request.sync = sync;
+    domctl.u.monitor_op.u.guest_request.allow_userspace = enable ? allow_userspace : false;
  
      return do_domctl(xch, &domctl);
  }
diff --git a/xen/arch/x86/hvm/hypercall.c b/xen/arch/x86/hvm/hypercall.c

index e7238ce2935c7f02e0f51bf15ba80d7910d97258..5742dd1797b47d98e137fa72fea1c3c002ec4dff 100644 (file)
--- a/xen/arch/x86/hvm/hypercall.c
+++ b/xen/arch/x86/hvm/hypercall.c
@@ -155,6 +155,11 @@ int hvm_hypercall(struct cpu_user_regs *regs)
          /* Fallthrough to permission check. */
      case 4:
      case 2:
+        if ( currd->arch.monitor.guest_request_userspace_enabled &&
+            eax == __HYPERVISOR_hvm_op &&
+            (mode == 8 ? regs->rdi : regs->ebx) == HVMOP_guest_request_vm_event )
+            break;
+
          if ( unlikely(hvm_get_cpl(curr)) )
          {
      default:
diff --git a/xen/common/monitor.c b/xen/common/monitor.c

index 451f42f6c3e5f0e89c8f55258d034300b84bc657..4c540e56656cc8167581c160ef8d46abcbd6db66 100644 (file)
--- a/xen/common/monitor.c
+++ b/xen/common/monitor.c
@@ -75,6 +75,7 @@ int monitor_domctl(struct domain *d, struct xen_domctl_monitor_op *mop)
          domain_pause(d);
          d->monitor.guest_request_sync = mop->u.guest_request.sync;
          d->monitor.guest_request_enabled = requested_status;
+        arch_monitor_allow_userspace(d, mop->u.guest_request.allow_userspace);
          domain_unpause(d);
          break;
      }
diff --git a/xen/include/asm-arm/monitor.h b/xen/include/asm-arm/monitor.h

index 1c4fea395fd723307801bbb5ac4a79d183c6c417..7567be66bdc5b314943caaba73d9f891bafab43c 100644 (file)
--- a/xen/include/asm-arm/monitor.h
+++ b/xen/include/asm-arm/monitor.h
@@ -25,6 +25,11 @@
  #include <xen/sched.h>
  #include <public/domctl.h>
  
+static inline
+void arch_monitor_allow_userspace(struct domain *d, bool allow_userspace)
+{
+}
+
  static inline
  int arch_monitor_domctl_op(struct domain *d, struct xen_domctl_monitor_op *mop)
  {
diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h

index c10522b7f552bbd1e9f46929233da083602d80af..de0250725a30a823fb6bfd90d64406b98fff919d 100644 (file)
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -396,15 +396,16 @@ struct arch_domain
  
      /* Arch-specific monitor options */
      struct {
-        unsigned int write_ctrlreg_enabled       : 4;
-        unsigned int write_ctrlreg_sync          : 4;
-        unsigned int write_ctrlreg_onchangeonly  : 4;
-        unsigned int singlestep_enabled          : 1;
-        unsigned int software_breakpoint_enabled : 1;
-        unsigned int debug_exception_enabled     : 1;
-        unsigned int debug_exception_sync        : 1;
-        unsigned int cpuid_enabled               : 1;
-        unsigned int descriptor_access_enabled   : 1;
+        unsigned int write_ctrlreg_enabled                                 : 4;
+        unsigned int write_ctrlreg_sync                                    : 4;
+        unsigned int write_ctrlreg_onchangeonly                            : 4;
+        unsigned int singlestep_enabled                                    : 1;
+        unsigned int software_breakpoint_enabled                           : 1;
+        unsigned int debug_exception_enabled                               : 1;
+        unsigned int debug_exception_sync                                  : 1;
+        unsigned int cpuid_enabled                                         : 1;
+        unsigned int descriptor_access_enabled                             : 1;
+        unsigned int guest_request_userspace_enabled                       : 1;
          struct monitor_msr_bitmap *msr_bitmap;
          uint64_t write_ctrlreg_mask[4];
      } monitor;
diff --git a/xen/include/asm-x86/monitor.h b/xen/include/asm-x86/monitor.h

index c5c323b6aa518409611c2f7a09efcd573cd8db25..765d0b41d21feb366c75e717859206693b14a251 100644 (file)
--- a/xen/include/asm-x86/monitor.h
+++ b/xen/include/asm-x86/monitor.h
@@ -32,6 +32,12 @@ struct monitor_msr_bitmap {
      DECLARE_BITMAP(high, 8192);
  };
  
+static inline
+void arch_monitor_allow_userspace(struct domain *d, bool allow_userspace)
+{
+    d->arch.monitor.guest_request_userspace_enabled = allow_userspace;
+}
+
  static inline
  int arch_monitor_domctl_op(struct domain *d, struct xen_domctl_monitor_op *mop)
  {
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h

index 73d8dc85f7727616ba6a9a561f8e2f4b669e07ab..83c7c75835dbfcc1031080dd9b3aef36d32b555c 100644 (file)
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -1128,6 +1128,7 @@ struct xen_domctl_monitor_op {
          struct {
              /* Pause vCPU until response */
              uint8_t sync;
+            uint8_t allow_userspace;
          } guest_request;
  
          struct {
author	Alexandru Isaila <aisaila@bitdefender.com>
	Wed, 30 Aug 2017 09:04:13 +0000 (11:04 +0200)
committer	Jan Beulich <jbeulich@suse.com>
	Wed, 30 Aug 2017 09:04:13 +0000 (11:04 +0200)
tools/libxc/include/xenctrl.h		patch \| blob \| history
tools/libxc/xc_monitor.c		patch \| blob \| history
xen/arch/x86/hvm/hypercall.c		patch \| blob \| history
xen/common/monitor.c		patch \| blob \| history
xen/include/asm-arm/monitor.h		patch \| blob \| history
xen/include/asm-x86/domain.h		patch \| blob \| history
xen/include/asm-x86/monitor.h		patch \| blob \| history
xen/include/public/domctl.h		patch \| blob \| history