1 /*
2 * Default XSM hooks - IS_PRIV and IS_PRIV_FOR checks
3 *
4 * Author: Daniel De Graaf <dgdegra@tyhco.nsa.gov>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2,
8 * as published by the Free Software Foundation.
9 *
10 *
11 * Each XSM hook implementing an access check should have its first parameter
12 * preceded by XSM_DEFAULT_ARG (or use XSM_DEFAULT_VOID if it has no
13 * arguments). The first non-declaration statement should be XSM_ASSERT_ACTION
14 * with the expected type of the hook, which will either define or check the
15 * value of action.
16 */
17
18 #include <xen/sched.h>
19 #include <xsm/xsm.h>
20
/*
 * BUILD_BUG_ON cannot be used for these checks because the tested expressions
 * are not considered constant at compile time. LINKER_BUG_ON instead relies on
 * constant propagation to remove the call below whenever the condition is
 * false; any call that is still referenced at link time causes a linker error.
 */
#define LINKER_BUG_ON(x)                        \
    do {                                        \
        if ( x )                                \
            __xsm_action_mismatch_detected();   \
    } while ( 0 )

/* DO NOT implement this function; a surviving reference must break the link. */
void __xsm_action_mismatch_detected(void);
29
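#ifdef CONFIG_XSM

/*
 * In CONFIG_XSM builds, this header file is included from xsm/dummy.c, and
 * contains static (not inline) functions compiled to the dummy XSM module.
 * The hooks take no xsm_default_t argument, so XSM_ASSERT_ACTION declares the
 * local variable "action" and initializes it from the asserted value. The
 * (void) cast keeps hooks that never read "action" free of unused-variable
 * warnings.
 */
#define XSM_INLINE /* */
#define XSM_DEFAULT_ARG /* */
#define XSM_DEFAULT_VOID void
#define XSM_ASSERT_ACTION(def) xsm_default_t action = (def); (void)action

#else /* CONFIG_XSM */

/*
 * In !CONFIG_XSM builds, this header file is included from xsm/xsm.h, and
 * contains inline functions for each XSM hook. The caller passes the expected
 * xsm_default_t as the first argument; XSM_ASSERT_ACTION checks it against the
 * value asserted in the hook body, so that the behavior of the dummy XSM
 * module is the same as the behavior with XSM disabled. A mismatch leaves a
 * reference to an undefined function and fails at link time.
 */
#define XSM_INLINE always_inline
#define XSM_DEFAULT_ARG xsm_default_t action,
#define XSM_DEFAULT_VOID xsm_default_t action
#define XSM_ASSERT_ACTION(def) LINKER_BUG_ON((def) != action)

#endif /* CONFIG_XSM */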
55
/*
 * Core access decision of the default policy.
 *
 * Returns 0 when src may perform the operation on target and -EPERM
 * otherwise. The classes form a chain in which each one adds a way to pass
 * on top of the next:
 *
 *   XSM_HOOK     always allowed
 *   XSM_TARGET   allowed if src == target, else as XSM_DM_PRIV
 *   XSM_XS_PRIV  allowed if src->is_xenstore, else as XSM_DM_PRIV
 *   XSM_DM_PRIV  allowed if target is non-NULL and src->target == target,
 *                else as XSM_PRIV
 *   XSM_PRIV     allowed only if src->is_privileged
 *
 * src is dereferenced for every class except XSM_HOOK and must not be NULL
 * there; target may be NULL. Any other action value leaves a LINKER_BUG_ON
 * reference behind, so callers are expected to pass a value the compiler can
 * resolve at build time.
 */
static always_inline int xsm_default_action(
    xsm_default_t action, struct domain *src, struct domain *target)
{
    switch ( action )
    {
    case XSM_HOOK:
        return 0;

    case XSM_TARGET:
        if ( src == target )
            return 0;
        /* Not acting on itself: continue with the XSM_DM_PRIV checks. */
        goto dm_priv;

    case XSM_XS_PRIV:
        if ( src->is_xenstore )
            return 0;
        /* fall through */
    case XSM_DM_PRIV:
    dm_priv:
        if ( target && src->target == target )
            return 0;
        /* fall through */
    case XSM_PRIV:
        if ( src->is_privileged )
            return 0;
        return -EPERM;

    default:
        LINKER_BUG_ON(1);
        return -EPERM;
    }
}
84
/* Default hook: does nothing; neither d nor info is accessed. */
static XSM_INLINE void xsm_security_domaininfo(struct domain *d,
                                               struct xen_domctl_getdomaininfo *info)
{
    /* Intentionally empty. */
}
90
/*
 * Default policy class XSM_HOOK: xsm_default_action() returns 0 for this
 * class, so the default policy adds no restriction here. ssidref is unused.
 */
static XSM_INLINE int xsm_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
96
/*
 * Default policy class XSM_HOOK: always returns 0, whatever the relation
 * between current->domain and d.
 */
static XSM_INLINE int xsm_getdomaininfo(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
102
/*
 * Default policy class XSM_HOOK: always returns 0; cmd does not influence the
 * decision.
 */
static XSM_INLINE int xsm_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
108
/*
 * Default policy class XSM_HOOK: always returns 0; cmd does not influence the
 * decision and no target domain is involved.
 */
static XSM_INLINE int xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
114
/*
 * Default policy class XSM_HOOK: always returns 0. Neither d nor e is
 * consulted by the default policy.
 */
static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
120
/*
 * Default policy for domctl, selected per sub-op (hook class XSM_OTHER):
 *
 *   ioport_mapping, memory_mapping, bind_pt_irq, unbind_pt_irq
 *       XSM_DM_PRIV: d is current->domain's target, or the caller is
 *       privileged.
 *   getdomaininfo
 *       XSM_XS_PRIV: the caller is a xenstore domain, or passes XSM_DM_PRIV.
 *   anything else
 *       XSM_PRIV: the caller must be privileged.
 *
 * Each call passes a literal class so that xsm_default_action() can be
 * resolved by constant propagation.
 */
static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_OTHER);

    switch ( cmd )
    {
    case XEN_DOMCTL_ioport_mapping:
    case XEN_DOMCTL_memory_mapping:
    case XEN_DOMCTL_bind_pt_irq:
    case XEN_DOMCTL_unbind_pt_irq:
        return xsm_default_action(XSM_DM_PRIV, currd, d);

    case XEN_DOMCTL_getdomaininfo:
        return xsm_default_action(XSM_XS_PRIV, currd, d);

    default:
        return xsm_default_action(XSM_PRIV, currd, d);
    }
}
137
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise. cmd does not influence the decision.
 */
static XSM_INLINE int xsm_sysctl(XSM_DEFAULT_ARG int cmd)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
143
/*
 * Default policy class XSM_HOOK: always returns 0; clear does not influence
 * the decision.
 */
static XSM_INLINE int xsm_readconsole(XSM_DEFAULT_ARG uint32_t clear)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
149
/* Default hook: allocates nothing for d and reports success (0). */
static XSM_INLINE int xsm_alloc_security_domain(struct domain *d)
{
    /* Nothing to set up in the default policy. */
    return 0;
}
154
/* Default hook: does nothing; d is not accessed. */
static XSM_INLINE void xsm_free_security_domain(struct domain *d)
{
    /* Intentionally empty. */
}
159
/*
 * Default policy class XSM_HOOK: always returns 0 for the (d1, d2) pair;
 * flags does not influence the decision.
 */
static XSM_INLINE int xsm_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2,
                                       uint32_t flags)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
166
/* Default policy class XSM_HOOK: always returns 0 for the (d1, d2) pair. */
static XSM_INLINE int xsm_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
172
/*
 * Default policy class XSM_TARGET: returns 0 when d1 == d2, when d2 is
 * non-NULL and is d1->target, or when d1 is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
178
/* Default policy class XSM_HOOK: always returns 0 for the (d1, d2) pair. */
static XSM_INLINE int xsm_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
184
/* Default policy class XSM_HOOK: always returns 0 for the (d1, d2) pair. */
static XSM_INLINE int xsm_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
190
/*
 * Default policy class XSM_TARGET: returns 0 when d1 == d2, when d2 is
 * non-NULL and is d1->target, or when d1 is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
196
/*
 * Default policy class XSM_TARGET: returns 0 when current->domain is d, when
 * d is non-NULL and is the caller's target, or when the caller is privileged;
 * -EPERM otherwise.
 */
static XSM_INLINE int xsm_memory_exchange(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_TARGET);
    return xsm_default_action(action, currd, d);
}
202
/*
 * Default policy class XSM_TARGET: returns 0 when d1 == d2, when d2 is
 * non-NULL and is d1->target, or when d1 is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1,
                                                    struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
209
/*
 * Default policy class XSM_TARGET: returns 0 when d1 == d2, when d2 is
 * non-NULL and is d1->target, or when d1 is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1,
                                                  struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
215
/*
 * Default policy for console I/O (hook class XSM_OTHER). The check is made
 * against d itself, not against current->domain.
 *
 * Normally every cmd is XSM_PRIV, i.e. d must be privileged. In builds with
 * CONFIG_VERBOSE_DEBUG, CONSOLEIO_write is relaxed to XSM_HOOK, so any domain
 * is allowed to write to the console; reads stay privileged.
 */
static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd)
{
    XSM_ASSERT_ACTION(XSM_OTHER);

#ifdef CONFIG_VERBOSE_DEBUG
    if ( cmd == CONSOLEIO_write )
    {
        return xsm_default_action(XSM_HOOK, d, NULL);
    }
#endif

    return xsm_default_action(XSM_PRIV, d, NULL);
}
225
/*
 * Default policy class XSM_HOOK: always returns 0; neither d's privilege nor
 * op influences the decision.
 */
static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d, NULL);
    return rc;
}
231
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise.
 */
static XSM_INLINE int xsm_kexec(XSM_DEFAULT_VOID)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
237
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d2 is non-NULL and is
 * d1->target, or when d1 is privileged; -EPERM otherwise. Unlike XSM_TARGET,
 * d1 == d2 alone does not pass.
 */
static XSM_INLINE int xsm_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
243
/*
 * Default policy class XSM_HOOK: always returns 0 for the (d1, d2) pair;
 * page is not inspected.
 */
static XSM_INLINE int xsm_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2,
                                          struct page_info *page)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
250
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise; d does not influence the decision.
 */
static XSM_INLINE int xsm_claim_pages(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, d);
}
256
/*
 * Default policy class XSM_TARGET: returns 0 when current->domain is d, when
 * d is non-NULL and is the caller's target, or when the caller is privileged;
 * -EPERM otherwise. chn and id2 are not inspected.
 */
static XSM_INLINE int xsm_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn,
                                         domid_t id2)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_TARGET);
    return xsm_default_action(action, currd, d);
}
263
/*
 * Default policy class XSM_HOOK: always returns 0 for the (d1, d2) pair;
 * chan1 and chan2 are not inspected.
 */
static XSM_INLINE int xsm_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1,
                                             struct evtchn *chan1,
                                             struct domain *d2,
                                             struct evtchn *chan2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
270
/* Default hook: does nothing; chn is not accessed. */
static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn)
{
    /* Intentionally empty. */
}
275
/*
 * Default policy class XSM_HOOK: always returns 0; chn is not inspected and
 * no target domain is involved.
 */
static XSM_INLINE int xsm_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_HOOK);
    rc = xsm_default_action(action, d, NULL);
    return rc;
}
281
/*
 * Default policy class XSM_TARGET: returns 0 when current->domain is d, when
 * d is non-NULL and is the caller's target, or when the caller is privileged;
 * -EPERM otherwise. chn is not inspected.
 */
static XSM_INLINE int xsm_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_TARGET);
    return xsm_default_action(action, currd, d);
}
287
/*
 * Default policy class XSM_TARGET: returns 0 when d1 == d2, when d2 is
 * non-NULL and is d1->target, or when d1 is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
293
/* Default hook: allocates nothing for chn and reports success (0). */
static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn)
{
    /* Nothing to set up in the default policy. */
    return 0;
}
298
/* Default hook: does nothing; chn is not accessed. */
static XSM_INLINE void xsm_free_security_evtchn(struct evtchn *chn)
{
    /* Intentionally empty. */
}
303
/*
 * Default hook: always returns NULL, so callers must be prepared for a
 * missing description string. Neither d nor chn is accessed.
 */
static XSM_INLINE char *xsm_show_security_evtchn(struct domain *d, const struct evtchn *chn)
{
    /* No string is produced by the default policy. */
    return NULL;
}
308
/*
 * Default policy class XSM_HOOK: always returns 0, whatever the relation
 * between current->domain and d.
 */
static XSM_INLINE int xsm_init_hardware_domain(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
314
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise; d does not influence the decision.
 */
static XSM_INLINE int xsm_get_pod_target(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, d);
}
320
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise; d does not influence the decision.
 */
static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, d);
}
326
/*
 * Default policy class XSM_TARGET: returns 0 when current->domain is d, when
 * d is non-NULL and is the caller's target, or when the caller is privileged;
 * -EPERM otherwise.
 */
static XSM_INLINE int xsm_get_vnumainfo(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_TARGET);
    return xsm_default_action(action, currd, d);
}
332
333 #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
/*
 * Default policy class XSM_HOOK: always returns 0; machine_bdf does not
 * influence the decision.
 */
static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
339
/*
 * Default policy class XSM_HOOK: always returns 0; the default policy places
 * no restriction on d or machine_bdf at this hook.
 */
static XSM_INLINE int xsm_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
345
/*
 * Default policy class XSM_HOOK: always returns 0; the default policy places
 * no restriction on d or machine_bdf at this hook.
 */
static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
351
352 #endif /* HAS_PASSTHROUGH && HAS_PCI */
353
354 #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE)
/*
 * Default policy class XSM_HOOK: always returns 0; dtpath is not inspected by
 * the default policy.
 */
static XSM_INLINE int xsm_assign_dtdevice(XSM_DEFAULT_ARG struct domain *d,
                                          const char *dtpath)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
361
/*
 * Default policy class XSM_HOOK: always returns 0; dtpath is not inspected by
 * the default policy.
 */
static XSM_INLINE int xsm_deassign_dtdevice(XSM_DEFAULT_ARG struct domain *d,
                                            const char *dtpath)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
368
369 #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */
370
/* Default policy class XSM_HOOK: always returns 0 for any caller. */
static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
376
/* Default policy class XSM_HOOK: always returns 0 for any caller. */
static XSM_INLINE int xsm_resource_unplug_core(XSM_DEFAULT_VOID)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
382
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise. machine_bdf does not influence the decision.
 */
static XSM_INLINE int xsm_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
388
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise. machine_bdf does not influence the decision.
 */
static XSM_INLINE int xsm_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
394
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise. machine_bdf does not influence the decision.
 */
static XSM_INLINE int xsm_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
400
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise. gsi does not influence the decision.
 */
static XSM_INLINE int xsm_resource_setup_gsi(XSM_DEFAULT_ARG int gsi)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
406
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise.
 */
static XSM_INLINE int xsm_resource_setup_misc(XSM_DEFAULT_VOID)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
412
/*
 * Default policy class XSM_HOOK: always returns 0; cmd does not influence the
 * decision.
 */
static XSM_INLINE int xsm_page_offline(XSM_DEFAULT_ARG uint32_t cmd)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
418
/* Default policy class XSM_HOOK: always returns 0 for any caller. */
static XSM_INLINE int xsm_tmem_op(XSM_DEFAULT_VOID)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, NULL);
}
424
/*
 * Default hook: no XSM operations are implemented, so every request is
 * answered with -ENOSYS. The guest handle op is never dereferenced.
 */
static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
{
    /* Not implemented by the default policy. */
    return -ENOSYS;
}
429
430 #ifdef CONFIG_COMPAT
/*
 * Default hook (CONFIG_COMPAT only): every request is answered with -ENOSYS.
 * The guest handle op is never dereferenced.
 */
static XSM_INLINE int xsm_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
{
    /* Not implemented by the default policy. */
    return -ENOSYS;
}
435 #endif
436
/*
 * Default hook: always returns NULL, so callers must be prepared for a
 * missing string. irq is not used.
 */
static XSM_INLINE char *xsm_show_irq_sid(int irq)
{
    /* No string is produced by the default policy. */
    return NULL;
}
441
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d is non-NULL and is
 * current->domain's target, or when the caller is privileged; -EPERM
 * otherwise.
 */
static XSM_INLINE int xsm_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, d);
}
447
/*
 * Default policy class XSM_HOOK: always returns 0; irq and data are not
 * inspected.
 */
static XSM_INLINE int xsm_map_domain_irq(XSM_DEFAULT_ARG struct domain *d, int irq, void *data)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
453
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d is non-NULL and is
 * current->domain's target, or when the caller is privileged; -EPERM
 * otherwise.
 */
static XSM_INLINE int xsm_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, d);
}
459
/*
 * Default policy class XSM_HOOK: always returns 0 at this hook; bind is not
 * inspected. In this file the corresponding domctl sub-op is separately
 * gated as XSM_DM_PRIV by xsm_domctl().
 */
static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d,
                                      struct xen_domctl_bind_pt_irq *bind)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
465
/*
 * Default policy class XSM_HOOK: always returns 0 at this hook; bind is not
 * inspected. In this file the corresponding domctl sub-op is separately
 * gated as XSM_DM_PRIV by xsm_domctl().
 */
static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d,
                                        struct xen_domctl_bind_pt_irq *bind)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
471
/*
 * Default policy class XSM_HOOK: always returns 0; irq and data are not
 * inspected.
 */
static XSM_INLINE int xsm_unmap_domain_irq(XSM_DEFAULT_ARG struct domain *d, int irq, void *data)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
477
/*
 * Default policy class XSM_HOOK: always returns 0; pirq and allow are not
 * inspected.
 */
static XSM_INLINE int xsm_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
483
/*
 * Default policy class XSM_HOOK: always returns 0; the range [s, e] and
 * allow are not inspected.
 */
static XSM_INLINE int xsm_iomem_permission(XSM_DEFAULT_ARG struct domain *d,
                                           uint64_t s, uint64_t e, uint8_t allow)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
489
/*
 * Default policy class XSM_HOOK: always returns 0; the range [s, e] and
 * allow are not inspected.
 */
static XSM_INLINE int xsm_iomem_mapping(XSM_DEFAULT_ARG struct domain *d,
                                        uint64_t s, uint64_t e, uint8_t allow)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
495
/*
 * Default policy class XSM_HOOK: always returns 0; machine_bdf, the
 * [start, end] range and access are not inspected.
 */
static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d,
                                                uint32_t machine_bdf,
                                                uint16_t start, uint16_t end,
                                                uint8_t access)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
503
/*
 * Default policy class XSM_TARGET: returns 0 when d1 == d2, when d2 is
 * non-NULL and is d1->target, or when d1 is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
509
/*
 * Default policy class XSM_TARGET: returns 0 when d1 == d2, when d2 is
 * non-NULL and is d1->target, or when d1 is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d1, d2);
    return rc;
}
515
/*
 * Default policy class XSM_TARGET: returns 0 when d == t, when t is non-NULL
 * and is d->target, or when d is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_map_gmfn_foreign(XSM_DEFAULT_ARG struct domain *d, struct domain *t)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d, t);
    return rc;
}
521
/*
 * Default policy class XSM_TARGET: returns 0 when current->domain is d, when
 * d is non-NULL and is the caller's target, or when the caller is privileged;
 * -EPERM otherwise. op does not influence the decision.
 */
static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_TARGET);
    return xsm_default_action(action, currd, d);
}
527
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d is non-NULL and is
 * current->domain's target, or when the caller is privileged; -EPERM
 * otherwise. op does not influence the decision.
 */
static XSM_INLINE int xsm_hvm_control(XSM_DEFAULT_ARG struct domain *d, unsigned long op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, d);
}
533
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise; d does not influence the decision.
 */
static XSM_INLINE int xsm_hvm_param_nested(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, d);
}
539
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise; d does not influence the decision.
 */
static XSM_INLINE int xsm_hvm_param_altp2mhvm(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, d);
}
545
/*
 * Default policy for altp2m operations, selected by mode (hook class
 * XSM_OTHER):
 *
 *   XEN_ALTP2M_mixed     XSM_TARGET for every op.
 *   XEN_ALTP2M_external  XSM_DM_PRIV for every op.
 *   XEN_ALTP2M_limited   XSM_TARGET only for HVMOP_altp2m_vcpu_enable_notify,
 *                        XSM_DM_PRIV for every other op.
 *   any other mode       -EPERM without consulting xsm_default_action().
 *
 * All checks compare current->domain against d. Failing closed on an
 * unrecognised mode means a new mode value is denied until it is listed here.
 */
static XSM_INLINE int xsm_hvm_altp2mhvm_op(XSM_DEFAULT_ARG struct domain *d,
                                           uint64_t mode, uint32_t op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_OTHER);

    switch ( mode )
    {
    case XEN_ALTP2M_mixed:
        return xsm_default_action(XSM_TARGET, currd, d);

    case XEN_ALTP2M_external:
        return xsm_default_action(XSM_DM_PRIV, currd, d);

    case XEN_ALTP2M_limited:
        if ( op != HVMOP_altp2m_vcpu_enable_notify )
            return xsm_default_action(XSM_DM_PRIV, currd, d);
        return xsm_default_action(XSM_TARGET, currd, d);

    default:
        return -EPERM;
    }
}
564
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise. d, mode and op do not influence the decision.
 */
static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, d);
}
570
571 #ifdef CONFIG_HAS_MEM_ACCESS
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d is non-NULL and is
 * current->domain's target, or when the caller is privileged; -EPERM
 * otherwise.
 */
static XSM_INLINE int xsm_mem_access(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, d);
}
577 #endif
578
579 #ifdef CONFIG_HAS_MEM_PAGING
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d is non-NULL and is
 * current->domain's target, or when the caller is privileged; -EPERM
 * otherwise.
 */
static XSM_INLINE int xsm_mem_paging(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, d);
}
585 #endif
586
587 #ifdef CONFIG_HAS_MEM_SHARING
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d is non-NULL and is
 * current->domain's target, or when the caller is privileged; -EPERM
 * otherwise.
 */
static XSM_INLINE int xsm_mem_sharing(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, d);
}
593 #endif
594
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise. op does not influence the decision.
 */
static XSM_INLINE int xsm_platform_op(XSM_DEFAULT_ARG uint32_t op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
600
601 #ifdef CONFIG_X86
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise.
 */
static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
607
/*
 * Default policy class XSM_HOOK: always returns 0; op does not influence the
 * decision.
 */
static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
613
/*
 * Default policy class XSM_DM_PRIV, checked against cd only: returns 0 when
 * cd is non-NULL and is current->domain's target, or when the caller is
 * privileged; -EPERM otherwise. d and op are not part of this check.
 */
static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d,
                                         struct domain *cd, int op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, cd);
}
619
/*
 * Default policy class XSM_PRIV, checked against d itself rather than
 * current->domain: returns 0 only when d is privileged, -EPERM otherwise.
 * cmd does not influence the decision.
 */
static XSM_INLINE int xsm_apic(XSM_DEFAULT_ARG struct domain *d, int cmd)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_PRIV);
    rc = xsm_default_action(action, d, NULL);
    return rc;
}
625
/*
 * Default policy class XSM_PRIV: returns 0 only when current->domain is
 * privileged, -EPERM otherwise.
 */
static XSM_INLINE int xsm_machine_memory_map(XSM_DEFAULT_VOID)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_PRIV);
    return xsm_default_action(action, currd, NULL);
}
631
/*
 * Default policy class XSM_TARGET: returns 0 when current->domain is d, when
 * d is non-NULL and is the caller's target, or when the caller is privileged;
 * -EPERM otherwise.
 */
static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_TARGET);
    return xsm_default_action(action, currd, d);
}
637
/*
 * Default policy class XSM_TARGET, applied to up to two domains on behalf of
 * d:
 *
 *   - f is checked unless it is dom_io, which is exempt;
 *   - t is checked when it is non-NULL, and only if the check on f passed.
 *
 * Returns the first non-zero result, or 0 when every applicable check passes
 * (including the case where neither check applies). flags is not inspected.
 */
static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t,
                                     struct domain *f, uint32_t flags)
{
    XSM_ASSERT_ACTION(XSM_TARGET);

    if ( f != dom_io )
    {
        int rc = xsm_default_action(action, d, f);

        if ( rc )
            return rc;
    }

    if ( t )
        return xsm_default_action(action, d, t);

    return 0;
}
649
/*
 * Default policy class XSM_TARGET: returns 0 when d == f, when f is non-NULL
 * and is d->target, or when d is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d, f);
    return rc;
}
655
/*
 * Default policy class XSM_TARGET: returns 0 when d == f, when f is non-NULL
 * and is d->target, or when d is privileged; -EPERM otherwise. pte is not
 * inspected.
 */
static XSM_INLINE int xsm_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f,
                                            l1_pgentry_t pte)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d, f);
    return rc;
}
662
/*
 * Default policy class XSM_TARGET: returns 0 when d == t, when t is non-NULL
 * and is d->target, or when d is privileged; -EPERM otherwise.
 */
static XSM_INLINE int xsm_priv_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *t)
{
    int rc;

    XSM_ASSERT_ACTION(XSM_TARGET);
    rc = xsm_default_action(action, d, t);
    return rc;
}
668
/*
 * Default policy class XSM_HOOK: always returns 0; the range [s, e] and
 * allow are not inspected.
 */
static XSM_INLINE int xsm_ioport_permission(XSM_DEFAULT_ARG struct domain *d,
                                            uint32_t s, uint32_t e, uint8_t allow)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
674
/*
 * Default policy class XSM_HOOK: always returns 0 at this hook; the range
 * [s, e] and allow are not inspected. In this file the ioport_mapping domctl
 * sub-op is separately gated as XSM_DM_PRIV by xsm_domctl().
 */
static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d,
                                         uint32_t s, uint32_t e, uint8_t allow)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_HOOK);
    return xsm_default_action(action, currd, d);
}
680
/*
 * Default policy for PMU operations, selected by op (hook class XSM_OTHER).
 * Here d is passed as the source domain and current->domain as the target.
 *
 *   XENPMU_init, XENPMU_finish, XENPMU_lvtpc_set, XENPMU_flush
 *       XSM_HOOK: always allowed.
 *   anything else
 *       XSM_PRIV: d must be privileged, otherwise -EPERM.
 */
static XSM_INLINE int xsm_pmu_op(XSM_DEFAULT_ARG struct domain *d, unsigned int op)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_OTHER);

    switch ( op )
    {
    case XENPMU_init:
    case XENPMU_finish:
    case XENPMU_lvtpc_set:
    case XENPMU_flush:
        return xsm_default_action(XSM_HOOK, d, currd);

    default:
        return xsm_default_action(XSM_PRIV, d, currd);
    }
}
695
/*
 * Default policy class XSM_DM_PRIV: returns 0 when d is non-NULL and is
 * current->domain's target, or when the caller is privileged; -EPERM
 * otherwise.
 */
static XSM_INLINE int xsm_dm_op(XSM_DEFAULT_ARG struct domain *d)
{
    struct domain *currd = current->domain;

    XSM_ASSERT_ACTION(XSM_DM_PRIV);
    return xsm_default_action(action, currd, d);
}
701
702 #endif /* CONFIG_X86 */
703
704 #include <public/version.h>
/*
 * Default policy for XENVER sub-ops (hook class XSM_OTHER):
 *
 *   version, platform_parameters, get_features
 *       Returns 0 directly, without calling xsm_default_action().
 *   extraversion, compile_info, capabilities, changeset, pagesize,
 *   guest_handle
 *       XSM_HOOK: allowed for every guest by default.
 *   anything else
 *       XSM_PRIV: current->domain must be privileged, otherwise -EPERM.
 *
 * Sub-ops not listed here therefore default to privileged-only.
 */
static XSM_INLINE int xsm_xen_version(XSM_DEFAULT_ARG uint32_t op)
{
    XSM_ASSERT_ACTION(XSM_OTHER);

    switch ( op )
    {
    /* These sub-ops ignore the permission checks and return data. */
    case XENVER_version:
    case XENVER_platform_parameters:
    case XENVER_get_features:
        return 0;

    /* These MUST always be accessible to any guest by default. */
    case XENVER_extraversion:
    case XENVER_compile_info:
    case XENVER_capabilities:
    case XENVER_changeset:
    case XENVER_pagesize:
    case XENVER_guest_handle:
        return xsm_default_action(XSM_HOOK, current->domain, NULL);

    default:
        return xsm_default_action(XSM_PRIV, current->domain, NULL);
    }
}
727