From nobody Sun Sep 14 08:23:09 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass(p=quarantine dis=none) header.from=amd.com ARC-Seal: i=2; a=rsa-sha256; t=1757490390; cv=pass; d=zohomail.com; s=zohoarc; b=BaxCu6yXOLjpzJn8nnl+DH93f5/C+wOfJ6CCsFmLIA1wdq77WNSL5gj7jPy+KEqUUyKLtl6NDQ7nApYKnk1m2pPJ1q5DeWo4/gxNbLwpGrvEDitWu5vmDOLIfEh4my0HisphfxOnwfZuNp709h2ohjSvt6kiDnoMOIgTgNNTqOs= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1757490390; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=sPLCxnD1ZJb6r1rXSz/MjuR5iKDACsR2gEr90FFhFxk=; b=iMC/BqOyTGa5P2mnBgfgFGGN+C8KABe/uIIaZQucj2HMYfUiUE6e1cG/b6l8alir6h8f7Gkr2gXYYTOr8s+n0JAoNKA757uZ3NU04NC4GyenT1sZ0dCAU0Ctz3G5W98yAeCUNV9v79cPTAul2gbT235vuYiU+m95qwRO1KmbjOc= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=amd.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1757490390881603.027659713298; Wed, 10 Sep 2025 00:46:30 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1117678.1463795 (Exim 4.92) (envelope-from ) id 1uwFWt-0005WE-Sb; Wed, 10 Sep 2025 07:46:11 +0000 Received: by outflank-mailman (output) from mailman id 1117678.1463795; Wed, 10 Sep 2025 07:46:11 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1uwFWt-0005W1-OA; Wed, 10 Sep 2025 07:46:11 +0000 Received: by outflank-mailman (input) for mailman id 1117678; Wed, 10 Sep 2025 07:46:10 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1uwFQm-0005yt-6J for xen-devel@lists.xenproject.org; Wed, 10 Sep 2025 07:39:52 +0000 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on20604.outbound.protection.outlook.com [2a01:111:f403:2413::604]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 52992622-8e19-11f0-9d13-b5c5bf9af7f9; Wed, 10 Sep 2025 09:39:47 +0200 (CEST) Received: from BYAPR02CA0057.namprd02.prod.outlook.com (2603:10b6:a03:54::34) by DS0PR12MB7778.namprd12.prod.outlook.com (2603:10b6:8:151::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9094.22; Wed, 10 Sep 2025 07:39:43 +0000 Received: from SN1PEPF000252A3.namprd05.prod.outlook.com (2603:10b6:a03:54:cafe::6f) by BYAPR02CA0057.outlook.office365.com (2603:10b6:a03:54::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9115.15 via Frontend Transport; Wed, 10 Sep 2025 07:39:42 +0000 Received: from satlexmb07.amd.com (165.204.84.17) by SN1PEPF000252A3.mail.protection.outlook.com (10.167.242.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9115.13 via Frontend Transport; Wed, 10 Sep 2025 07:39:42 +0000 Received: from penny-System-Product-Name.amd.com (10.180.168.240) by satlexmb07.amd.com (10.181.42.216) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.17; Wed, 10 Sep 2025 00:39:40 -0700 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 52992622-8e19-11f0-9d13-b5c5bf9af7f9 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Ly7DLNkdRMxRw6S9/Y8rj/ZyB99eietlVtejRl0k6r8zacNApW8UekguDSPVI0uWl477AaFMQoJ7JVCdZkVNyesZL43ltXsngRGjE9d42f+2eP0J4T+4AwbSvMmFyRW2HQLxO1s4/zoDwRoCzG/7f7lwie/sqIJZgNlXCR2CL11BxWOUkr1/x6e+ro20RFtjhaHFiKDJrziMKCJJjpiDiDCpAzC4/QFwTN6Pypxx8eX53JQImB0ZH1qcR5R9KP8JWoStAzOpW6zmk1gEMxGUywnRArqZ6l0PxxdSFYlNq+6+1AuQXMFXLqCzj29f91SepG5iyhfRIkGXZdKWtfXAwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sPLCxnD1ZJb6r1rXSz/MjuR5iKDACsR2gEr90FFhFxk=; b=papn7aqDBMcvjvGcGClg1nriNzzStuchjIVmkjgpYsusP41MEnZRXZbnXSIkoQx2ZyHefd613XvC8gXiQg8j9t2GwZ6kdKKtmV8/e+8uDzGClX4etbniSlo6xHeHE4SxavGVaIUgCYvy0Ut5/amfH71JsLwKy0jF8y3lUCAwkbHTCm02s9eebi4IFM7UJhFXZT7ys8oF6Ut0SbSwoPEHg4hSbeT6RtNn8aNt7SQfmNR20ZRntXKQTVQ3lENmUmEOasTv9AZZ8jQPbsY3x2dzboah4SBNwdDoGP1hEUZ0cEyuzYVCl5zvIa1f9QNx9JovY4lS00nRLDp2APOBtHYU+A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sPLCxnD1ZJb6r1rXSz/MjuR5iKDACsR2gEr90FFhFxk=; b=meC+3NRmLur1NAjJxMIHSKVTr3XTskVM8Ua5wy310jeLWZmeo0aj0FRl62b0iAycXYPEUob9JVfInzkQJzQ+Veej659828d2V1+B5s9YkVXZgCw7lo8ILasJ0lgvz2p+JVSWGJ1dYdFRDU+m8iOEzThMlvQstiVd9uh6Ci5UcYM= X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=satlexmb07.amd.com; pr=C From: Penny Zheng To: CC: , Penny Zheng , "Daniel P. Smith" Subject: [PATCH v2 15/26] xen/domctl: wrap xsm_{irq_permission,iomem_permission} with CONFIG_MGMT_HYPERCALLS Date: Wed, 10 Sep 2025 15:38:16 +0800 Message-ID: <20250910073827.3622177-16-Penny.Zheng@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20250910073827.3622177-1-Penny.Zheng@amd.com> References: <20250910073827.3622177-1-Penny.Zheng@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: satlexmb07.amd.com (10.181.42.216) To satlexmb07.amd.com (10.181.42.216) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000252A3:EE_|DS0PR12MB7778:EE_ X-MS-Office365-Filtering-Correlation-Id: 274d4229-6ff2-4e03-6e8f-08ddf03d34e3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|36860700013|82310400026; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?Rm9v+Dp0w+e9+A7hbzulm57Gx5UmucCEiuyv8WBsVqHPa59ELVJMRnoQetyc?= =?us-ascii?Q?5G104Lua3BwoymLZ++QLWLIxhS+yLSvjbVfncJ5FxwSRi5s0kVut3dZwGokY?= =?us-ascii?Q?KcjiwknvKKnQ8lx9nGnjhQ78wNnm0oTUyTwzg9a+MaDjtMsq2Q2hGbiIvfch?= =?us-ascii?Q?uDPNvcOV7XieoO+kzeMv9guAZ0skzK9wg2fiYDiArZ2P4S9hxGngpadX+oKi?= =?us-ascii?Q?9oB/AgjJ2quqxR7qQ9aCfpA8XY72BRHljW+ue+mokVhPRgcmvj79qntFlr+X?= =?us-ascii?Q?iVAgLSZGTsTymPtxSn/1KXwjxwKiCCJ7XrvH3EnFZpSZguSUHbq+Z1PY8bXz?= =?us-ascii?Q?qJojJ6spwlO5PCusOQ2kTvZxSpMKGn2lGuEZCgkPi/sdQEtDkCreMUN4deG1?= =?us-ascii?Q?N4oabXDHYVD6SF9keaFRLan/x4QIOVQ9x3JFwN5h8dkrF7qPkgvxtUNmRPIc?= =?us-ascii?Q?32WeB38T9xE0ZiLnyD4aToKWJB0D6XYtg6+RTAaJyc++G/M7R4WZTvygOgFD?= =?us-ascii?Q?9rHb7pt06ZhcD7iLDLLBZQCsKjrcdeWTZbcOs/JSP5xm8/SgAq9N9M3ZZ6KQ?= =?us-ascii?Q?VNJ2n9wCCFODF3y6DSRnN+K9KgLNHwHRD3jbOUpMt1odPCDHAzCeT5vRuNgX?= =?us-ascii?Q?Wk6MwxnLCSoTcXJwONuQdJBBG7qWlmbXAz7GyOh9qox0HSL1i4f81REnA4QW?= =?us-ascii?Q?WCsKDpKa35tvxxyIspOnG91boTYuK4g6WTR7lf/1mWtXejjTt5wzM/9O8KQR?= =?us-ascii?Q?x2fo4nIVXetMLGXH/9Xe9xGRbew3tfIHo+CJ0K4yrG8sAUIXXZO8y3UHRrWL?= =?us-ascii?Q?uu7f2IcHArm+pDGsx7ClsyGCJm46/4XRawoRtqJ0vOT9BbZg18G/1zbf4dJg?= =?us-ascii?Q?w25SUvLhPOcFKwnMoGkJjFZrR6Y2nm+z3ZWc97rTssiWSGLxvndkv/b5VR4F?= =?us-ascii?Q?WtttbRyfTxYLS6iZd/vBhcn1R4rKFh/QPDiue4Fa9s0Sh3K+ouWOInR2CcJb?= =?us-ascii?Q?T3kvWeCrF/JECHX08xK9i/8C2bDjuZXO4UN/Yg6avSwe+PkC2epK8GdymGdE?= =?us-ascii?Q?ftgVvHN0O3BI1NxiPivV8Lu6jGV7pctfej0qwMDtYDgvXUpIT7CpSmcVFWTO?= =?us-ascii?Q?JDNoPsbtcrMpuNWTcdKAcZON7sXZjzhrhTX3fxuQ7ucKZtfQhhgaT7BTI0rI?= =?us-ascii?Q?KhD6CEzjUP9UjWeJatzCLoM6KScCRWmem97dVO1yobDjP9CGnzucHXHysKpB?= =?us-ascii?Q?mVZc+V6AdJ9Q7IVDzjvL6N4VVh14IFCrNz07w2S80yjPpT1LvGQl1b5BSdWG?= =?us-ascii?Q?WWemsnhqiVH62mtW5dBy1uqpeLrOxRLUp/Mi83ndq3tbw8Xd+8DmTTx52301?= =?us-ascii?Q?WEBWUr5Bs7mCJKI1dFEmkZuj4G9X8RD5YN81BtikhFD0pI4RVCKIsUYgk5k9?= =?us-ascii?Q?a+AUFJQWB+9JD+9HpTDEeiGu8w1uXBDqGwfT2FPaaX28pF0mVuSBojZDpa22?= =?us-ascii?Q?2n/4qYbYAqcsl3c6zSkrhiIc7zHgWEf1ud4u?= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:satlexmb07.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(1800799024)(36860700013)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Sep 2025 07:39:42.6747 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 274d4229-6ff2-4e03-6e8f-08ddf03d34e3 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[satlexmb07.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000252A3.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7778 X-ZohoMail-DKIM: pass (identity @amd.com) X-ZM-MESSAGEID: 1757490391779116600 Content-Type: text/plain; charset="utf-8" The following functions are invoked only under XEN_DOMCTL_{irq_permission,iomem_permission} domctl-op, and shall be wrapped with CONFIG_MGMT_HYPERCALLS: - xsm_irq_permission - xsm_iomem_permission Signed-off-by: Penny Zheng --- v1 -> v2: - adapt to changes of "unify DOMCTL to MGMT_HYPERCALLS" --- xen/include/xsm/xsm.h | 10 ++++++++++ xen/xsm/dummy.c | 2 ++ xen/xsm/flask/hooks.c | 4 ++++ 3 files changed, 16 insertions(+) diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 4d332ceca2..1fcd945336 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -113,9 +113,11 @@ struct xsm_ops { int (*unmap_domain_irq)(struct domain *d, int irq, const void *data); int (*bind_pt_irq)(struct domain *d, struct xen_domctl_bind_pt_irq *bi= nd); int (*unbind_pt_irq)(struct domain *d, struct xen_domctl_bind_pt_irq *= bind); +#ifdef CONFIG_MGMT_HYPERCALLS int (*irq_permission)(struct domain *d, int pirq, uint8_t allow); int (*iomem_permission)(struct domain *d, uint64_t s, uint64_t e, uint8_t allow); +#endif int (*iomem_mapping)(struct domain *d, uint64_t s, uint64_t e, uint8_t allow); int (*pci_config_permission)(struct domain *d, uint32_t machine_bdf, @@ -508,13 +510,21 @@ static inline int xsm_unbind_pt_irq( static inline int xsm_irq_permission( xsm_default_t def, struct domain *d, int pirq, uint8_t allow) { +#ifdef CONFIG_MGMT_HYPERCALLS return alternative_call(xsm_ops.irq_permission, d, pirq, allow); +#else + return -EOPNOTSUPP; +#endif } =20 static inline int xsm_iomem_permission( xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t a= llow) { +#ifdef CONFIG_MGMT_HYPERCALLS return alternative_call(xsm_ops.iomem_permission, d, s, e, allow); +#else + return -EOPNOTSUPP; +#endif } =20 static inline int xsm_iomem_mapping( diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 2c878999a3..b216894579 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -73,8 +73,10 @@ static const struct xsm_ops __initconst_cf_clobber dummy= _ops =3D { .unmap_domain_irq =3D xsm_unmap_domain_irq, .bind_pt_irq =3D xsm_bind_pt_irq, .unbind_pt_irq =3D xsm_unbind_pt_irq, +#ifdef CONFIG_MGMT_HYPERCALLS .irq_permission =3D xsm_irq_permission, .iomem_permission =3D xsm_iomem_permission, +#endif .iomem_mapping =3D xsm_iomem_mapping, .pci_config_permission =3D xsm_pci_config_permission, .get_vnumainfo =3D xsm_get_vnumainfo, diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index e8a4deb2ea..198053be77 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1111,12 +1111,14 @@ static int cf_check flask_unbind_pt_irq( return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } =20 +#ifdef CONFIG_MGMT_HYPERCALLS static int cf_check flask_irq_permission( struct domain *d, int pirq, uint8_t access) { /* the PIRQ number is not useful; real IRQ is checked during mapping */ return current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)= ); } +#endif /* CONFIG_MGMT_HYPERCALLS */ =20 struct iomem_has_perm_data { uint32_t ssid; @@ -1943,8 +1945,10 @@ static const struct xsm_ops __initconst_cf_clobber f= lask_ops =3D { .unmap_domain_irq =3D flask_unmap_domain_irq, .bind_pt_irq =3D flask_bind_pt_irq, .unbind_pt_irq =3D flask_unbind_pt_irq, +#ifdef CONFIG_MGMT_HYPERCALLS .irq_permission =3D flask_irq_permission, .iomem_permission =3D flask_iomem_permission, +#endif .iomem_mapping =3D flask_iomem_mapping, .pci_config_permission =3D flask_pci_config_permission, =20 --=20 2.34.1