Function iommu_do_domctl() is the main entry for all iommu-related domctl-op,
and shall be wrapped with CONFIG_MGMT_HYPERCALLS.
Tracking its calling chain, the following functions shall all be wrapped
with CONFIG_MGMT_HYPERCALLS:
- iommu_do_pci_domctl
- iommu_get_device_group
- amd_iommu_group_id/intel_iommu_group_id
- device_assigned
- assign_device
- intel_iommu_assign_device/amd_iommu_assign_device
- deassign_device
- reassign_device_ownership/reassign_device
- make PCI_PASSTHROUGH depend on MGMT_HYPERCALLS
- iommu_do_dt_domctl
- iommu_deassign_dt_device
- arm_smmu_reassign_dev
- arm_smmu_deassign_dev
- arm_smmu_detach_dev
- arm_smmu_domain_remove_master
- ipmmu_reassign_device
- ipmmu_deassign_device
- ipmmu_detach_device
- iommu_remove_dt_device
- iommu_dt_device_is_assigned_locked
- dt_find_node_by_gpath
- xsm_get_device_group
- xsm_assign_device
- xsm_deassign_device
- xsm_assign_dtdevice
- xsm_deassign_dtdevice
Otherwise all the functions will become unreachable when MGMT_HYPERCALLS=n,
and hence violating Misra rule 2.1
Signed-off-by: Penny Zheng <Penny.Zheng@amd.com>
---
v1 -> v2:
- adapt to changes of "unify DOMCTL to MGMT_HYPERCALLS"
- wrap XEN_DOMCTL_assign_device{test_assign_device,deassign_device,
get_device_group}-case transiently
---
v2 -> v3:
- make PCI_PASSTHROUGH(, then HAS_VPCI_GUEST_SUPPORT) depend on MGMT_HYPERCALLS
- add wrapping for iommu_remove_dt_device/iommu_dt_device_is_assigned_locked/
arm_smmu_detach_dev/arm_smmu_domain_remove_master
- fold commit
"xen/xsm: wrap xsm-iommu-related functions with CONFIG_MGMT_HYPERCALLS" in
- fix overly long #ifdef
- add missing wrapping in xsm/dummy.h
- address "violating Misra rule 2.1" in commit message
- remove transient wrapping of
XEN_DOMCTL_assign_device{test_assign_device,deassign_device,get_device_group}-case
---
xen/arch/arm/Kconfig | 2 +-
xen/common/device-tree/device-tree.c | 2 ++
xen/drivers/passthrough/amd/pci_amd_iommu.c | 8 ++++++++
xen/drivers/passthrough/arm/ipmmu-vmsa.c | 8 ++++++++
xen/drivers/passthrough/arm/smmu-v3.c | 4 ++++
xen/drivers/passthrough/arm/smmu.c | 10 ++++++++++
xen/drivers/passthrough/device_tree.c | 6 ++++++
xen/drivers/passthrough/iommu.c | 2 ++
xen/drivers/passthrough/pci.c | 6 +++++-
xen/drivers/passthrough/vtd/iommu.c | 6 ++++++
xen/include/xsm/dummy.h | 12 ++++++------
xen/include/xsm/xsm.h | 21 ++++++++++++---------
xen/xsm/dummy.c | 10 ++++++----
xen/xsm/flask/hooks.c | 20 ++++++++++++--------
14 files changed, 88 insertions(+), 29 deletions(-)
diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig
index cf6af68299..5a5d7810c8 100644
--- a/xen/arch/arm/Kconfig
+++ b/xen/arch/arm/Kconfig
@@ -270,7 +270,7 @@ source "arch/arm/firmware/Kconfig"
config PCI_PASSTHROUGH
bool "PCI passthrough" if EXPERT
- depends on ARM_64 && HAS_PASSTHROUGH
+ depends on ARM_64 && HAS_PASSTHROUGH && MGMT_HYPERCALLS
help
This option enables PCI device passthrough
diff --git a/xen/common/device-tree/device-tree.c b/xen/common/device-tree/device-tree.c
index 0b5375f151..70bd8e7da5 100644
--- a/xen/common/device-tree/device-tree.c
+++ b/xen/common/device-tree/device-tree.c
@@ -371,6 +371,7 @@ struct dt_device_node *dt_find_node_by_path_from(struct dt_device_node *from,
return np;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
int dt_find_node_by_gpath(XEN_GUEST_HANDLE(char) u_path, uint32_t u_plen,
struct dt_device_node **node)
{
@@ -386,6 +387,7 @@ int dt_find_node_by_gpath(XEN_GUEST_HANDLE(char) u_path, uint32_t u_plen,
return (*node == NULL) ? -ESRCH : 0;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
struct dt_device_node *dt_find_node_by_alias(const char *alias)
{
diff --git a/xen/drivers/passthrough/amd/pci_amd_iommu.c b/xen/drivers/passthrough/amd/pci_amd_iommu.c
index 3a14770855..5786bf0c59 100644
--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
@@ -461,6 +461,7 @@ static void amd_iommu_disable_domain_device(const struct domain *domain,
spin_unlock_irqrestore(&iommu->lock, flags);
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int cf_check reassign_device(
struct domain *source, struct domain *target, u8 devfn,
struct pci_dev *pdev)
@@ -550,6 +551,7 @@ static int cf_check amd_iommu_assign_device(
return rc;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
static void cf_check amd_iommu_clear_root_pgtable(struct domain *d)
{
@@ -698,12 +700,14 @@ static int cf_check amd_iommu_remove_device(u8 devfn, struct pci_dev *pdev)
return 0;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int cf_check amd_iommu_group_id(u16 seg, u8 bus, u8 devfn)
{
unsigned int bdf = PCI_BDF(bus, devfn);
return (bdf < ivrs_bdf_entries) ? get_dma_requestor_id(seg, bdf) : bdf;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
#include <asm/io_apic.h>
@@ -772,14 +776,18 @@ static const struct iommu_ops __initconst_cf_clobber _iommu_ops = {
.quarantine_init = amd_iommu_quarantine_init,
.add_device = amd_iommu_add_device,
.remove_device = amd_iommu_remove_device,
+#ifdef CONFIG_MGMT_HYPERCALLS
.assign_device = amd_iommu_assign_device,
+#endif
.teardown = amd_iommu_domain_destroy,
.clear_root_pgtable = amd_iommu_clear_root_pgtable,
.map_page = amd_iommu_map_page,
.unmap_page = amd_iommu_unmap_page,
.iotlb_flush = amd_iommu_flush_iotlb_pages,
+#ifdef CONFIG_MGMT_HYPERCALLS
.reassign_device = reassign_device,
.get_device_group_id = amd_iommu_group_id,
+#endif
.enable_x2apic = iov_enable_xt,
.update_ire_from_apic = amd_iommu_ioapic_update_ire,
.update_ire_from_msi = amd_iommu_msi_msg_update_ire,
diff --git a/xen/drivers/passthrough/arm/ipmmu-vmsa.c b/xen/drivers/passthrough/arm/ipmmu-vmsa.c
index ea9fa9ddf3..023febc424 100644
--- a/xen/drivers/passthrough/arm/ipmmu-vmsa.c
+++ b/xen/drivers/passthrough/arm/ipmmu-vmsa.c
@@ -739,6 +739,7 @@ static int ipmmu_attach_device(struct ipmmu_vmsa_domain *domain,
return 0;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static void ipmmu_detach_device(struct ipmmu_vmsa_domain *domain,
struct device *dev)
{
@@ -748,6 +749,7 @@ static void ipmmu_detach_device(struct ipmmu_vmsa_domain *domain,
for ( i = 0; i < fwspec->num_ids; ++i )
ipmmu_utlb_disable(domain, fwspec->ids[i]);
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
static int ipmmu_init_platform_device(struct device *dev,
const struct dt_phandle_args *args)
@@ -1138,7 +1140,9 @@ static void ipmmu_free_root_domain(struct ipmmu_vmsa_domain *domain)
xfree(domain);
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int ipmmu_deassign_device(struct domain *d, struct device *dev);
+#endif
static int ipmmu_assign_device(struct domain *d, u8 devfn, struct device *dev,
uint32_t flag)
@@ -1254,6 +1258,7 @@ out:
return ret;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int ipmmu_deassign_device(struct domain *d, struct device *dev)
{
struct ipmmu_vmsa_xen_domain *xen_domain = dom_iommu(d)->arch.priv;
@@ -1309,6 +1314,7 @@ static int ipmmu_reassign_device(struct domain *s, struct domain *t,
return 0;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
static int ipmmu_dt_xlate(struct device *dev,
const struct dt_phandle_args *spec)
@@ -1487,7 +1493,9 @@ static const struct iommu_ops ipmmu_iommu_ops =
.teardown = ipmmu_iommu_domain_teardown,
.iotlb_flush = ipmmu_iotlb_flush,
.assign_device = ipmmu_assign_device,
+#ifdef CONFIG_MGMT_HYPERCALLS
.reassign_device = ipmmu_reassign_device,
+#endif
.map_page = arm_iommu_map_page,
.unmap_page = arm_iommu_unmap_page,
.dt_xlate = ipmmu_dt_xlate,
diff --git a/xen/drivers/passthrough/arm/smmu-v3.c b/xen/drivers/passthrough/arm/smmu-v3.c
index bf153227db..22def57b03 100644
--- a/xen/drivers/passthrough/arm/smmu-v3.c
+++ b/xen/drivers/passthrough/arm/smmu-v3.c
@@ -2759,6 +2759,7 @@ out:
return ret;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int arm_smmu_deassign_dev(struct domain *d, uint8_t devfn, struct device *dev)
{
struct iommu_domain *io_domain = arm_smmu_get_domain(d, dev);
@@ -2826,6 +2827,7 @@ static int arm_smmu_reassign_dev(struct domain *s, struct domain *t,
return 0;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
static int arm_smmu_iommu_xen_domain_init(struct domain *d)
{
@@ -2862,7 +2864,9 @@ static const struct iommu_ops arm_smmu_iommu_ops = {
.teardown = arm_smmu_iommu_xen_domain_teardown,
.iotlb_flush = arm_smmu_iotlb_flush,
.assign_device = arm_smmu_assign_dev,
+#ifdef CONFIG_MGMT_HYPERCALLS
.reassign_device = arm_smmu_reassign_dev,
+#endif
.map_page = arm_iommu_map_page,
.unmap_page = arm_iommu_unmap_page,
.dt_xlate = arm_smmu_dt_xlate,
diff --git a/xen/drivers/passthrough/arm/smmu.c b/xen/drivers/passthrough/arm/smmu.c
index 22d306d0cb..51c1bf4f08 100644
--- a/xen/drivers/passthrough/arm/smmu.c
+++ b/xen/drivers/passthrough/arm/smmu.c
@@ -894,8 +894,10 @@ static int register_smmu_master(struct arm_smmu_device *smmu,
/* Forward declaration */
static int arm_smmu_assign_dev(struct domain *d, u8 devfn,
struct device *dev, u32 flag);
+#ifdef CONFIG_MGMT_HYPERCALLS
static int arm_smmu_deassign_dev(struct domain *d, uint8_t devfn,
struct device *dev);
+#endif
/*
* The driver which supports generic IOMMU DT bindings must have this
@@ -1699,6 +1701,7 @@ static int arm_smmu_domain_add_master(struct arm_smmu_domain *smmu_domain,
return 0;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static void arm_smmu_domain_remove_master(
const struct arm_smmu_domain *smmu_domain,
struct arm_smmu_master_cfg *cfg)
@@ -1713,6 +1716,7 @@ static void arm_smmu_domain_remove_master(
arm_smmu_write_s2cr(smmu, idx);
}
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
static int arm_smmu_attach_dev(struct iommu_domain *domain, struct device *dev)
{
@@ -1761,6 +1765,7 @@ static int arm_smmu_attach_dev(struct iommu_domain *domain, struct device *dev)
return arm_smmu_domain_add_master(smmu_domain, cfg);
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static void arm_smmu_detach_dev(struct iommu_domain *domain, struct device *dev)
{
struct arm_smmu_domain *smmu_domain = domain->priv;
@@ -1770,6 +1775,7 @@ static void arm_smmu_detach_dev(struct iommu_domain *domain, struct device *dev)
arm_smmu_domain_remove_master(smmu_domain, cfg);
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
#if 0 /*
* Xen: The page table is shared with the processor, therefore
@@ -2849,6 +2855,7 @@ out:
return ret;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int arm_smmu_deassign_dev(struct domain *d, uint8_t devfn,
struct device *dev)
{
@@ -2918,6 +2925,7 @@ static int arm_smmu_reassign_dev(struct domain *s, struct domain *t,
return 0;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
static int arm_smmu_iommu_domain_init(struct domain *d)
{
@@ -2956,7 +2964,9 @@ static const struct iommu_ops arm_smmu_iommu_ops = {
.teardown = arm_smmu_iommu_domain_teardown,
.iotlb_flush = arm_smmu_iotlb_flush,
.assign_device = arm_smmu_assign_dev,
+#ifdef CONFIG_MGMT_HYPERCALLS
.reassign_device = arm_smmu_reassign_dev,
+#endif
.map_page = arm_iommu_map_page,
.unmap_page = arm_iommu_unmap_page,
.dt_xlate = arm_smmu_dt_xlate_generic,
diff --git a/xen/drivers/passthrough/device_tree.c b/xen/drivers/passthrough/device_tree.c
index 015ffa15d4..09ac740fb2 100644
--- a/xen/drivers/passthrough/device_tree.c
+++ b/xen/drivers/passthrough/device_tree.c
@@ -59,6 +59,7 @@ fail:
return rc;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
int iommu_deassign_dt_device(struct domain *d, struct dt_device_node *dev)
{
const struct domain_iommu *hd = dom_iommu(d);
@@ -100,6 +101,7 @@ static bool iommu_dt_device_is_assigned_locked(const struct dt_device_node *dev)
return assigned;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
int iommu_dt_domain_init(struct domain *d)
{
@@ -212,6 +214,7 @@ int iommu_add_dt_pci_sideband_ids(struct pci_dev *pdev)
}
#endif /* CONFIG_HAS_PCI */
+#ifdef CONFIG_MGMT_HYPERCALLS
int iommu_remove_dt_device(struct dt_device_node *np)
{
const struct iommu_ops *ops = iommu_get_ops();
@@ -256,6 +259,7 @@ int iommu_remove_dt_device(struct dt_device_node *np)
spin_unlock(&dtdevs_lock);
return rc;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
int iommu_add_dt_device(struct dt_device_node *np)
{
@@ -320,6 +324,7 @@ int iommu_add_dt_device(struct dt_device_node *np)
return rc;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
int iommu_do_dt_domctl(struct xen_domctl *domctl, struct domain *d,
XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
{
@@ -431,3 +436,4 @@ int iommu_do_dt_domctl(struct xen_domctl *domctl, struct domain *d,
return ret;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
diff --git a/xen/drivers/passthrough/iommu.c b/xen/drivers/passthrough/iommu.c
index c9425d6971..8812e38174 100644
--- a/xen/drivers/passthrough/iommu.c
+++ b/xen/drivers/passthrough/iommu.c
@@ -625,6 +625,7 @@ void iommu_resume(void)
iommu_vcall(iommu_get_ops(), resume);
}
+#ifdef CONFIG_MGMT_HYPERCALLS
int iommu_do_domctl(
struct xen_domctl *domctl, struct domain *d,
XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
@@ -645,6 +646,7 @@ int iommu_do_domctl(
return ret;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
void iommu_crash_shutdown(void)
{
diff --git a/xen/drivers/passthrough/pci.c b/xen/drivers/passthrough/pci.c
index cd855108c2..aa07a7e748 100644
--- a/xen/drivers/passthrough/pci.c
+++ b/xen/drivers/passthrough/pci.c
@@ -877,6 +877,7 @@ int pci_remove_device(u16 seg, u8 bus, u8 devfn)
return ret;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
/* Caller should hold the pcidevs_lock */
static int deassign_device(struct domain *d, uint16_t seg, uint8_t bus,
uint8_t devfn)
@@ -945,7 +946,6 @@ static int deassign_device(struct domain *d, uint16_t seg, uint8_t bus,
return ret;
}
-#ifdef CONFIG_MGMT_HYPERCALLS
int pci_release_devices(struct domain *d)
{
int combined_ret;
@@ -1483,6 +1483,7 @@ static int iommu_remove_device(struct pci_dev *pdev)
return iommu_call(hd->platform_ops, remove_device, devfn, pci_to_dev(pdev));
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int device_assigned(u16 seg, u8 bus, u8 devfn)
{
struct pci_dev *pdev;
@@ -1646,6 +1647,7 @@ static int iommu_get_device_group(
return i;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
void iommu_dev_iotlb_flush_timeout(struct domain *d, struct pci_dev *pdev)
{
@@ -1671,6 +1673,7 @@ void iommu_dev_iotlb_flush_timeout(struct domain *d, struct pci_dev *pdev)
pcidevs_unlock();
}
+#ifdef CONFIG_MGMT_HYPERCALLS
int iommu_do_pci_domctl(
struct xen_domctl *domctl, struct domain *d,
XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
@@ -1804,6 +1807,7 @@ int iommu_do_pci_domctl(
return ret;
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
struct segment_iter {
int (*handler)(struct pci_dev *pdev, void *arg);
diff --git a/xen/drivers/passthrough/vtd/iommu.c b/xen/drivers/passthrough/vtd/iommu.c
index b4105163cc..8913dd4d5f 100644
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -2731,6 +2731,7 @@ static int __init cf_check vtd_setup(void)
return ret;
}
+#ifdef CONFIG_MGMT_HYPERCALLS
static int cf_check reassign_device_ownership(
struct domain *source,
struct domain *target,
@@ -2926,6 +2927,7 @@ static int cf_check intel_iommu_group_id(u16 seg, u8 bus, u8 devfn)
return PCI_BDF(bus, devfn);
}
+#endif /* CONFIG_MGMT_HYPERCALLS */
static int __must_check cf_check vtd_suspend(void)
{
@@ -3234,14 +3236,18 @@ static const struct iommu_ops __initconst_cf_clobber vtd_ops = {
.add_device = intel_iommu_add_device,
.enable_device = intel_iommu_enable_device,
.remove_device = intel_iommu_remove_device,
+#ifdef CONFIG_MGMT_HYPERCALLS
.assign_device = intel_iommu_assign_device,
+#endif
.teardown = iommu_domain_teardown,
.clear_root_pgtable = iommu_clear_root_pgtable,
.map_page = intel_iommu_map_page,
.unmap_page = intel_iommu_unmap_page,
.lookup_page = intel_iommu_lookup_page,
+#ifdef CONFIG_MGMT_HYPERCALLS
.reassign_device = reassign_device_ownership,
.get_device_group_id = intel_iommu_group_id,
+#endif
.enable_x2apic = intel_iommu_enable_eim,
.disable_x2apic = intel_iommu_disable_eim,
.update_ire_from_apic = io_apic_write_remap_rte,
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index a598d74f1f..f53492bedc 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -407,7 +407,8 @@ static XSM_INLINE int cf_check xsm_get_vnumainfo(
return xsm_default_action(action, current->domain, d);
}
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
+#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_MGMT_HYPERCALLS)
+#ifdef CONFIG_HAS_PCI
static XSM_INLINE int cf_check xsm_get_device_group(
XSM_DEFAULT_ARG uint32_t machine_bdf)
{
@@ -428,10 +429,9 @@ static XSM_INLINE int cf_check xsm_deassign_device(
XSM_ASSERT_ACTION(XSM_HOOK);
return xsm_default_action(action, current->domain, d);
}
+#endif /* CONFIG_HAS_PCI */
-#endif /* HAS_PASSTHROUGH && HAS_PCI */
-
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY)
+#ifdef CONFIG_HAS_DEVICE_TREE_DISCOVERY
static XSM_INLINE int cf_check xsm_assign_dtdevice(
XSM_DEFAULT_ARG struct domain *d, const char *dtpath)
{
@@ -445,8 +445,8 @@ static XSM_INLINE int cf_check xsm_deassign_dtdevice(
XSM_ASSERT_ACTION(XSM_HOOK);
return xsm_default_action(action, current->domain, d);
}
-
-#endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_PASSTHROUGH && CONFIG_MGMT_HYPERCALLS */
static XSM_INLINE int cf_check xsm_resource_plug_core(XSM_DEFAULT_VOID)
{
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 154a4b8a92..c9a2b895b1 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -123,16 +123,18 @@ struct xsm_ops {
int (*pci_config_permission)(struct domain *d, uint32_t machine_bdf,
uint16_t start, uint16_t end, uint8_t access);
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
+#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_MGMT_HYPERCALLS)
+#ifdef CONFIG_HAS_PCI
int (*get_device_group)(uint32_t machine_bdf);
int (*assign_device)(struct domain *d, uint32_t machine_bdf);
int (*deassign_device)(struct domain *d, uint32_t machine_bdf);
-#endif
+#endif /* CONFIG_HAS_PCI */
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY)
+#ifdef CONFIG_HAS_DEVICE_TREE_DISCOVERY
int (*assign_dtdevice)(struct domain *d, const char *dtpath);
int (*deassign_dtdevice)(struct domain *d, const char *dtpath);
-#endif
+#endif /* CONFIG_HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_PASSTHROUGH && CONFIG_MGMT_HYPERCALLS */
int (*resource_plug_core)(void);
int (*resource_unplug_core)(void);
@@ -524,7 +526,8 @@ static inline int xsm_pci_config_permission(
return alternative_call(xsm_ops.pci_config_permission, d, machine_bdf, start, end, access);
}
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
+#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_MGMT_HYPERCALLS)
+#ifdef CONFIG_HAS_PCI
static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf)
{
return alternative_call(xsm_ops.get_device_group, machine_bdf);
@@ -541,9 +544,9 @@ static inline int xsm_deassign_device(
{
return alternative_call(xsm_ops.deassign_device, d, machine_bdf);
}
-#endif /* HAS_PASSTHROUGH && HAS_PCI) */
+#endif /* CONFIG_HAS_PCI */
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY)
+#ifdef CONFIG_HAS_DEVICE_TREE_DISCOVERY
static inline int xsm_assign_dtdevice(
xsm_default_t def, struct domain *d, const char *dtpath)
{
@@ -555,8 +558,8 @@ static inline int xsm_deassign_dtdevice(
{
return alternative_call(xsm_ops.deassign_dtdevice, d, dtpath);
}
-
-#endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_PASSTHROUGH && CONFIG_MGMT_HYPERCALLS */
static inline int xsm_resource_plug_pci(xsm_default_t def, uint32_t machine_bdf)
{
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 9774bb3bdb..f2a22fed92 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -80,16 +80,18 @@ static const struct xsm_ops __initconst_cf_clobber dummy_ops = {
.pci_config_permission = xsm_pci_config_permission,
.get_vnumainfo = xsm_get_vnumainfo,
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
+#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_MGMT_HYPERCALLS)
+#ifdef CONFIG_HAS_PCI
.get_device_group = xsm_get_device_group,
.assign_device = xsm_assign_device,
.deassign_device = xsm_deassign_device,
-#endif
+#endif /* CONFIG_HAS_PCI */
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY)
+#ifdef CONFIG_HAS_DEVICE_TREE_DISCOVERY
.assign_dtdevice = xsm_assign_dtdevice,
.deassign_dtdevice = xsm_deassign_dtdevice,
-#endif
+#endif /* CONFIG_HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_PASSTHROUGH && CONFIG_MGMT_HYPERCALLS */
.resource_plug_core = xsm_resource_plug_core,
.resource_unplug_core = xsm_resource_unplug_core,
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 9b63c516e6..f761f8b384 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1388,7 +1388,8 @@ static int cf_check flask_mem_sharing(struct domain *d)
}
#endif
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
+#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_MGMT_HYPERCALLS)
+#ifdef CONFIG_HAS_PCI
static int cf_check flask_get_device_group(uint32_t machine_bdf)
{
uint32_t rsid;
@@ -1459,9 +1460,9 @@ static int cf_check flask_deassign_device(
return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL);
}
-#endif /* HAS_PASSTHROUGH && HAS_PCI */
+#endif /* CONFIG_HAS_PCI */
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY)
+#ifdef CONFIG_HAS_DEVICE_TREE_DISCOVERY
static int flask_test_assign_dtdevice(const char *dtpath)
{
uint32_t rsid;
@@ -1522,7 +1523,8 @@ static int cf_check flask_deassign_dtdevice(
return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE,
NULL);
}
-#endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_PASSTHROUGH && CONFIG_MGMT_HYPERCALLS */
static int cf_check flask_platform_op(uint32_t op)
{
@@ -1987,16 +1989,18 @@ static const struct xsm_ops __initconst_cf_clobber flask_ops = {
.remove_from_physmap = flask_remove_from_physmap,
.map_gmfn_foreign = flask_map_gmfn_foreign,
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
+#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_MGMT_HYPERCALLS)
+#ifdef CONFIG_HAS_PCI
.get_device_group = flask_get_device_group,
.assign_device = flask_assign_device,
.deassign_device = flask_deassign_device,
-#endif
+#endif /* CONFIG_HAS_PCI */
-#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY)
+#ifdef CONFIG_HAS_DEVICE_TREE_DISCOVERY
.assign_dtdevice = flask_assign_dtdevice,
.deassign_dtdevice = flask_deassign_dtdevice,
-#endif
+#endif /* CONFIG_HAS_DEVICE_TREE_DISCOVERY */
+#endif /* CONFIG_HAS_PASSTHROUGH && CONFIG_MGMT_HYPERCALLS */
.platform_op = flask_platform_op,
#ifdef CONFIG_X86
--
2.34.1On 13.10.2025 12:15, Penny Zheng wrote:
> Function iommu_do_domctl() is the main entry for all iommu-related domctl-op,
> and shall be wrapped with CONFIG_MGMT_HYPERCALLS.
> Tracking its calling chain, the following functions shall all be wrapped
> with CONFIG_MGMT_HYPERCALLS:
> - iommu_do_pci_domctl
> - iommu_get_device_group
> - amd_iommu_group_id/intel_iommu_group_id
> - device_assigned
> - assign_device
> - intel_iommu_assign_device/amd_iommu_assign_device
> - deassign_device
> - reassign_device_ownership/reassign_device
Could this PCI related subset and ...
> - make PCI_PASSTHROUGH depend on MGMT_HYPERCALLS
> - iommu_do_dt_domctl
> - iommu_deassign_dt_device
> - arm_smmu_reassign_dev
> - arm_smmu_deassign_dev
> - arm_smmu_detach_dev
> - arm_smmu_domain_remove_master
> - ipmmu_reassign_device
> - ipmmu_deassign_device
> - ipmmu_detach_device
> - iommu_remove_dt_device
> - iommu_dt_device_is_assigned_locked
> - dt_find_node_by_gpath
... this DT related subset become separate (prereq) patches? Doing so may also reduce
the number of acks you need to collect on individual patches.
The bullet point in between looks unrelated in this list; it's not about any function,
after all. In fact I was about to complain that the aspect isn't mentioned in the
description, until I spotted the misplaced line.
> - xsm_get_device_group
> - xsm_assign_device
> - xsm_deassign_device
> - xsm_assign_dtdevice
> - xsm_deassign_dtdevice
> Otherwise all the functions will become unreachable when MGMT_HYPERCALLS=n,
> and hence violating Misra rule 2.1
>
> Signed-off-by: Penny Zheng <Penny.Zheng@amd.com>
> ---
> v1 -> v2:
> - adapt to changes of "unify DOMCTL to MGMT_HYPERCALLS"
> - wrap XEN_DOMCTL_assign_device{test_assign_device,deassign_device,
> get_device_group}-case transiently
> ---
> v2 -> v3:
> - make PCI_PASSTHROUGH(, then HAS_VPCI_GUEST_SUPPORT) depend on MGMT_HYPERCALLS
Is this correct, though? Isn't PCI pass-through and vPCI guest support also
possible in dom0less / hyperlaunch?
> --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
> +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
> @@ -461,6 +461,7 @@ static void amd_iommu_disable_domain_device(const struct domain *domain,
> spin_unlock_irqrestore(&iommu->lock, flags);
> }
>
> +#ifdef CONFIG_MGMT_HYPERCALLS
> static int cf_check reassign_device(
> struct domain *source, struct domain *target, u8 devfn,
> struct pci_dev *pdev)
> @@ -550,6 +551,7 @@ static int cf_check amd_iommu_assign_device(
>
> return rc;
> }
> +#endif /* CONFIG_MGMT_HYPERCALLS */
>
> static void cf_check amd_iommu_clear_root_pgtable(struct domain *d)
> {
> @@ -698,12 +700,14 @@ static int cf_check amd_iommu_remove_device(u8 devfn, struct pci_dev *pdev)
> return 0;
> }
>
> +#ifdef CONFIG_MGMT_HYPERCALLS
> static int cf_check amd_iommu_group_id(u16 seg, u8 bus, u8 devfn)
> {
> unsigned int bdf = PCI_BDF(bus, devfn);
>
> return (bdf < ivrs_bdf_entries) ? get_dma_requestor_id(seg, bdf) : bdf;
> }
> +#endif /* CONFIG_MGMT_HYPERCALLS */
Might be worth moving some code and ...
> @@ -772,14 +776,18 @@ static const struct iommu_ops __initconst_cf_clobber _iommu_ops = {
> .quarantine_init = amd_iommu_quarantine_init,
> .add_device = amd_iommu_add_device,
> .remove_device = amd_iommu_remove_device,
> +#ifdef CONFIG_MGMT_HYPERCALLS
> .assign_device = amd_iommu_assign_device,
> +#endif
> .teardown = amd_iommu_domain_destroy,
> .clear_root_pgtable = amd_iommu_clear_root_pgtable,
> .map_page = amd_iommu_map_page,
> .unmap_page = amd_iommu_unmap_page,
> .iotlb_flush = amd_iommu_flush_iotlb_pages,
> +#ifdef CONFIG_MGMT_HYPERCALLS
> .reassign_device = reassign_device,
> .get_device_group_id = amd_iommu_group_id,
> +#endif
> .enable_x2apic = iov_enable_xt,
> .update_ire_from_apic = amd_iommu_ioapic_update_ire,
> .update_ire_from_msi = amd_iommu_msi_msg_update_ire,
... some fields / initializers, such that we get away with a single #ifdef each.
> --- a/xen/drivers/passthrough/pci.c
> +++ b/xen/drivers/passthrough/pci.c
> @@ -877,6 +877,7 @@ int pci_remove_device(u16 seg, u8 bus, u8 devfn)
> return ret;
> }
>
> +#ifdef CONFIG_MGMT_HYPERCALLS
> /* Caller should hold the pcidevs_lock */
> static int deassign_device(struct domain *d, uint16_t seg, uint8_t bus,
> uint8_t devfn)
> @@ -945,7 +946,6 @@ static int deassign_device(struct domain *d, uint16_t seg, uint8_t bus,
> return ret;
> }
>
> -#ifdef CONFIG_MGMT_HYPERCALLS
> int pci_release_devices(struct domain *d)
> {
> int combined_ret;
> @@ -1483,6 +1483,7 @@ static int iommu_remove_device(struct pci_dev *pdev)
> return iommu_call(hd->platform_ops, remove_device, devfn, pci_to_dev(pdev));
> }
>
> +#ifdef CONFIG_MGMT_HYPERCALLS
> static int device_assigned(u16 seg, u8 bus, u8 devfn)
> {
> struct pci_dev *pdev;
> @@ -1646,6 +1647,7 @@ static int iommu_get_device_group(
>
> return i;
> }
> +#endif /* CONFIG_MGMT_HYPERCALLS */
>
> void iommu_dev_iotlb_flush_timeout(struct domain *d, struct pci_dev *pdev)
> {
> @@ -1671,6 +1673,7 @@ void iommu_dev_iotlb_flush_timeout(struct domain *d, struct pci_dev *pdev)
> pcidevs_unlock();
> }
>
> +#ifdef CONFIG_MGMT_HYPERCALLS
> int iommu_do_pci_domctl(
> struct xen_domctl *domctl, struct domain *d,
> XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
> @@ -1804,6 +1807,7 @@ int iommu_do_pci_domctl(
>
> return ret;
> }
> +#endif /* CONFIG_MGMT_HYPERCALLS */
Same here - the helpers of iommu_do_pci_domctl() would likely best move immediately
ahead of it, so that all can be covered with a single #ifdef.
Jan
© 2016 - 2025 Red Hat, Inc.