1. Patchew
  2. Xen
  3. [PATCH v2 00/26] Disable domctl-op via CONFIG_MGMT_HYPERCALLS
  4. View patch

[PATCH v2 18/26] xen/domctl: wrap xsm_getdomaininfo() with CONFIG_MGMT_HYPERCALLS

Penny Zheng posted 26 patches 3 days, 22 hours ago
[PATCH v2 18/26] xen/domctl: wrap xsm_getdomaininfo() with CONFIG_MGMT_HYPERCALLS
Posted by Penny Zheng 3 days, 22 hours ago 
Function xsm_getdomaininfo() is only invoked in XEN_DOMCTL_getdomaininfo
domctl-op, and it shall be wrapped with CONFIG_MGMT_HYPERCALLS

Signed-off-by: Penny Zheng <Penny.Zheng@amd.com>
---
v1 -> v2:
- adapt to changes of "unify DOMCTL to MGMT_HYPERCALLS"
---
 xen/include/xsm/xsm.h | 6 +++++-
 xen/xsm/dummy.c       | 2 +-
 xen/xsm/flask/hooks.c | 4 ++--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 678cb0f346..2a107b2cde 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -55,8 +55,8 @@ struct xsm_ops {
     void (*security_domaininfo)(struct domain *d,
                                 struct xen_domctl_getdomaininfo *info);
     int (*domain_create)(struct domain *d, uint32_t ssidref);
-    int (*getdomaininfo)(struct domain *d);
 #ifdef CONFIG_MGMT_HYPERCALLS
+    int (*getdomaininfo)(struct domain *d);
     int (*domctl_scheduler_op)(struct domain *d, int op);
     int (*sysctl_scheduler_op)(int op);
     int (*set_target)(struct domain *d, struct domain *e);
@@ -234,7 +234,11 @@ static inline int xsm_domain_create(
 
 static inline int xsm_getdomaininfo(xsm_default_t def, struct domain *d)
 {
+#ifdef CONFIG_MGMT_HYPERCALLS
     return alternative_call(xsm_ops.getdomaininfo, d);
+#else
+    return -EOPNOTSUPP;
+#endif
 }
 
 static inline int xsm_get_domain_state(xsm_default_t def, struct domain *d)
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index f6986dd2bb..7c4e6176aa 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -17,8 +17,8 @@ static const struct xsm_ops __initconst_cf_clobber dummy_ops = {
     .set_system_active             = xsm_set_system_active,
     .security_domaininfo           = xsm_security_domaininfo,
     .domain_create                 = xsm_domain_create,
-    .getdomaininfo                 = xsm_getdomaininfo,
 #ifdef CONFIG_MGMT_HYPERCALLS
+    .getdomaininfo                 = xsm_getdomaininfo,
     .domctl_scheduler_op           = xsm_domctl_scheduler_op,
     .sysctl_scheduler_op           = xsm_sysctl_scheduler_op,
     .set_target                    = xsm_set_target,
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index ed4e466302..7392e95e55 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -604,12 +604,12 @@ static int cf_check flask_domain_create(struct domain *d, uint32_t ssidref)
     return rc;
 }
 
+#ifdef CONFIG_MGMT_HYPERCALLS
 static int cf_check flask_getdomaininfo(struct domain *d)
 {
     return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO);
 }
 
-#ifdef CONFIG_MGMT_HYPERCALLS
 static int cf_check flask_domctl_scheduler_op(struct domain *d, int op)
 {
     switch ( op )
@@ -1889,8 +1889,8 @@ static const struct xsm_ops __initconst_cf_clobber flask_ops = {
     .set_system_active = flask_set_system_active,
     .security_domaininfo = flask_security_domaininfo,
     .domain_create = flask_domain_create,
-    .getdomaininfo = flask_getdomaininfo,
 #ifdef CONFIG_MGMT_HYPERCALLS
+    .getdomaininfo = flask_getdomaininfo,
     .domctl_scheduler_op = flask_domctl_scheduler_op,
     .sysctl_scheduler_op = flask_sysctl_scheduler_op,
     .set_target = flask_set_target,
-- 
2.34.1
Re: [PATCH v2 18/26] xen/domctl: wrap xsm_getdomaininfo() with CONFIG_MGMT_HYPERCALLS
Posted by Jan Beulich 2 days, 17 hours ago 
On 10.09.2025 09:38, Penny Zheng wrote:
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -55,8 +55,8 @@ struct xsm_ops {
>      void (*security_domaininfo)(struct domain *d,
>                                  struct xen_domctl_getdomaininfo *info);
>      int (*domain_create)(struct domain *d, uint32_t ssidref);
> -    int (*getdomaininfo)(struct domain *d);
>  #ifdef CONFIG_MGMT_HYPERCALLS
> +    int (*getdomaininfo)(struct domain *d);
>      int (*domctl_scheduler_op)(struct domain *d, int op);
>      int (*sysctl_scheduler_op)(int op);
>      int (*set_target)(struct domain *d, struct domain *e);
> @@ -234,7 +234,11 @@ static inline int xsm_domain_create(
>  
>  static inline int xsm_getdomaininfo(xsm_default_t def, struct domain *d)
>  {
> +#ifdef CONFIG_MGMT_HYPERCALLS
>      return alternative_call(xsm_ops.getdomaininfo, d);
> +#else
> +    return -EOPNOTSUPP;
> +#endif
>  }

This is in use by a Xenstore sysctl and a Xenstore domctl. The sysctl is
hence already broken with the earlier series. Now the domctl is also being
screwed up. I don't think MGMT_HYPERCALLS really ought to extend to any
operations available to other than the core toolstack. That's the Xenstore
ones here, but also the ones used by qemu (whether run in Dom0 or a stubdom).
IOW I think there's a conceptual issue with this work which needs resolving
first.

Jan

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.