1 /*
2  *  This file contains the XSM hook definitions for Xen.
3  *
4  *  This work is based on the LSM implementation in Linux 2.6.13.4.
5  *
6  *  Author:  George Coker, <gscoker@alpha.ncsc.mil>
7  *
8  *  Contributors: Michael LeMay, <mdlemay@epoch.ncsc.mil>
9  *
10  *  This program is free software; you can redistribute it and/or modify
11  *  it under the terms of the GNU General Public License version 2,
12  *  as published by the Free Software Foundation.
13  */
14 
15 #ifndef __XSM_H__
16 #define __XSM_H__
17 
18 #include <xen/sched.h>
19 #include <xen/multiboot.h>
20 
/*
 * Opaque argument type of the XSM hypercall.  Guest handles to it are what
 * the do_xsm_op / do_compat_op hooks in struct xsm_operations receive.
 */
typedef void xsm_op_t;
DEFINE_XEN_GUEST_HANDLE(xsm_op_t);

/* Type of the policy magic number; the expected value is XSM_MAGIC. */
typedef u32 xsm_magic_t;

/*
 * XSM_MAGIC is only a distinctive value when the Flask module is built in;
 * every other configuration defines it as 0.
 * NOTE(review): confirm that code comparing a blob's magic against XSM_MAGIC
 * is never reached with the 0 value, since zero-filled memory would match.
 */
#if defined(CONFIG_XSM_FLASK)
#define XSM_MAGIC 0xf97cff8c
#else
#define XSM_MAGIC 0x0
#endif
32 
33 /* These annotations are used by callers and in dummy.h to document the
34  * default actions of XSM hooks. They should be compiled out otherwise.
35  */
/*
 * Default-action annotation.  Most xsm_* wrappers take one of these as their
 * first argument to document what the hook allows when no policy module
 * overrides it; the enumerators keep their implicit values 0..5.
 */
enum xsm_default {
    /* Guests can normally access the hypercall */
    XSM_HOOK,
    /* Device model can perform on its target domain */
    XSM_DM_PRIV,
    /* Can perform on self or your target domain */
    XSM_TARGET,
    /* Privileged - normally restricted to dom0 */
    XSM_PRIV,
    /* Xenstore domain - can do some privileged operations */
    XSM_XS_PRIV,
    /* Something more complex */
    XSM_OTHER
};
typedef enum xsm_default xsm_default_t;
45 
/*
 * Table of access-control hooks that an XSM module provides.
 *
 * The xsm_* inline wrappers in this header call these members through the
 * global xsm_ops pointer without testing them for NULL, so a registered
 * table must have every member compiled into the build populated.
 * NOTE(review): xsm_fixup_ops(), declared in this header, presumably
 * backfills unset members - confirm in the XSM core.
 *
 * Member order and the CONFIG_* guards are part of the layout; keep any
 * initialiser of this struct in sync when adding a hook.
 */
struct xsm_operations {
    /* domain / domctl / sysctl hooks */
    void (*security_domaininfo)(struct domain *d,
                                struct xen_domctl_getdomaininfo *info);
    int (*domain_create)(struct domain *d, u32 ssidref);
    int (*getdomaininfo)(struct domain *d);
    int (*domctl_scheduler_op)(struct domain *d, int op);
    int (*sysctl_scheduler_op)(int op);
    int (*set_target)(struct domain *d, struct domain *e);
    int (*domctl)(struct domain *d, int cmd);
    int (*sysctl)(int cmd);
    int (*readconsole)(uint32_t clear);

    /* evtchn_* hooks */
    int (*evtchn_unbound)(struct domain *d, struct evtchn *chn, domid_t id2);
    int (*evtchn_interdomain)(struct domain *d1, struct evtchn *chn1,
                              struct domain *d2, struct evtchn *chn2);
    void (*evtchn_close_post)(struct evtchn *chn);
    int (*evtchn_send)(struct domain *d, struct evtchn *chn);
    int (*evtchn_status)(struct domain *d, struct evtchn *chn);
    int (*evtchn_reset)(struct domain *d1, struct domain *d2);

    /* grant_* hooks */
    int (*grant_mapref)(struct domain *d1, struct domain *d2, uint32_t flags);
    int (*grant_unmapref)(struct domain *d1, struct domain *d2);
    int (*grant_setup)(struct domain *d1, struct domain *d2);
    int (*grant_transfer)(struct domain *d1, struct domain *d2);
    int (*grant_copy)(struct domain *d1, struct domain *d2);
    int (*grant_query_size)(struct domain *d1, struct domain *d2);

    /* per-object security state: allocation, release, display */
    int (*alloc_security_domain)(struct domain *d);
    void (*free_security_domain)(struct domain *d);
    int (*alloc_security_evtchn)(struct evtchn *chn);
    void (*free_security_evtchn)(struct evtchn *chn);
    char *(*show_security_evtchn)(struct domain *d, const struct evtchn *chn);
    int (*init_hardware_domain)(struct domain *d);

    /* memory hooks */
    int (*get_pod_target)(struct domain *d);
    int (*set_pod_target)(struct domain *d);
    int (*memory_exchange)(struct domain *d);
    int (*memory_adjust_reservation)(struct domain *d1, struct domain *d2);
    int (*memory_stat_reservation)(struct domain *d1, struct domain *d2);
    int (*memory_pin_page)(struct domain *d1, struct domain *d2,
                           struct page_info *page);
    int (*add_to_physmap)(struct domain *d1, struct domain *d2);
    int (*remove_from_physmap)(struct domain *d1, struct domain *d2);
    int (*map_gmfn_foreign)(struct domain *d, struct domain *t);
    int (*claim_pages)(struct domain *d);

    int (*console_io)(struct domain *d, int cmd);

    int (*profile)(struct domain *d, int op);

    int (*kexec)(void);
    int (*schedop_shutdown)(struct domain *d1, struct domain *d2);

    /* IRQ, I/O memory and PCI config-space hooks */
    char *(*show_irq_sid)(int irq);
    int (*map_domain_pirq)(struct domain *d);
    int (*map_domain_irq)(struct domain *d, int irq, const void *data);
    int (*unmap_domain_pirq)(struct domain *d);
    int (*unmap_domain_irq)(struct domain *d, int irq, const void *data);
    int (*bind_pt_irq)(struct domain *d, struct xen_domctl_bind_pt_irq *bind);
    int (*unbind_pt_irq)(struct domain *d,
                         struct xen_domctl_bind_pt_irq *bind);
    int (*irq_permission)(struct domain *d, int pirq, uint8_t allow);
    int (*iomem_permission)(struct domain *d, uint64_t s, uint64_t e,
                            uint8_t allow);
    int (*iomem_mapping)(struct domain *d, uint64_t s, uint64_t e,
                         uint8_t allow);
    int (*pci_config_permission)(struct domain *d, uint32_t machine_bdf,
                                 uint16_t start, uint16_t end,
                                 uint8_t access);

#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
    int (*get_device_group)(uint32_t machine_bdf);
    int (*assign_device)(struct domain *d, uint32_t machine_bdf);
    int (*deassign_device)(struct domain *d, uint32_t machine_bdf);
#endif

#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE)
    int (*assign_dtdevice)(struct domain *d, const char *dtpath);
    int (*deassign_dtdevice)(struct domain *d, const char *dtpath);
#endif

    /* resource_* hooks */
    int (*resource_plug_core)(void);
    int (*resource_unplug_core)(void);
    int (*resource_plug_pci)(uint32_t machine_bdf);
    int (*resource_unplug_pci)(uint32_t machine_bdf);
    int (*resource_setup_pci)(uint32_t machine_bdf);
    int (*resource_setup_gsi)(int gsi);
    int (*resource_setup_misc)(void);

    int (*page_offline)(uint32_t cmd);
    int (*hypfs_op)(void);

    /* XSM hypercall entry points; 'op' is a guest handle */
    long (*do_xsm_op)(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
#ifdef CONFIG_COMPAT
    int (*do_compat_op)(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op);
#endif

    /* hvm_* hooks */
    int (*hvm_param)(struct domain *d, unsigned long op);
    int (*hvm_control)(struct domain *d, unsigned long op);
    int (*hvm_param_nested)(struct domain *d);
    int (*hvm_param_altp2mhvm)(struct domain *d);
    int (*hvm_altp2mhvm_op)(struct domain *d, uint64_t mode, uint32_t op);
    int (*get_vnumainfo)(struct domain *d);

    int (*vm_event_control)(struct domain *d, int mode, int op);

#ifdef CONFIG_MEM_ACCESS
    int (*mem_access)(struct domain *d);
#endif

#ifdef CONFIG_HAS_MEM_PAGING
    int (*mem_paging)(struct domain *d);
#endif

#ifdef CONFIG_MEM_SHARING
    int (*mem_sharing)(struct domain *d);
#endif

    int (*platform_op)(uint32_t cmd);

#ifdef CONFIG_X86
    int (*do_mca)(void);
    int (*shadow_control)(struct domain *d, uint32_t op);
    int (*mem_sharing_op)(struct domain *d, struct domain *cd, int op);
    int (*apic)(struct domain *d, int cmd);
    int (*memtype)(uint32_t access);
    int (*machine_memory_map)(void);
    int (*domain_memory_map)(struct domain *d);
/* Bit values for the 'flags' argument of mmu_update. */
#define XSM_MMU_UPDATE_READ      1
#define XSM_MMU_UPDATE_WRITE     2
#define XSM_MMU_NORMAL_UPDATE    4
#define XSM_MMU_MACHPHYS_UPDATE  8
    int (*mmu_update)(struct domain *d, struct domain *t,
                      struct domain *f, uint32_t flags);
    int (*mmuext_op)(struct domain *d, struct domain *f);
    int (*update_va_mapping)(struct domain *d, struct domain *f,
                             l1_pgentry_t pte);
    int (*priv_mapping)(struct domain *d, struct domain *t);
    int (*ioport_permission)(struct domain *d, uint32_t s, uint32_t e,
                             uint8_t allow);
    int (*ioport_mapping)(struct domain *d, uint32_t s, uint32_t e,
                          uint8_t allow);
    int (*pmu_op)(struct domain *d, unsigned int op);
    int (*dm_op)(struct domain *d);
#endif
    int (*xen_version)(uint32_t cmd);
    int (*domain_resource_map)(struct domain *d);
#ifdef CONFIG_ARGO
    /* argo_* hooks */
    int (*argo_enable)(const struct domain *d);
    int (*argo_register_single_source)(const struct domain *d,
                                       const struct domain *t);
    int (*argo_register_any_source)(const struct domain *d);
    int (*argo_send)(const struct domain *d, const struct domain *t);
#endif
};
192 
193 #ifdef CONFIG_XSM
194 
/*
 * Hook table of the active XSM module.  Every xsm_* wrapper in this header
 * dereferences it without a NULL check, so it has to be valid before the
 * first hook is invoked.
 */
extern struct xsm_operations *xsm_ops;
196 
197 #ifndef XSM_NO_WRAPPERS
198 
/*
 * Hand (d, info) to the active XSM module's security_domaininfo hook.
 * The hook returns nothing and no default-action annotation is taken.
 */
static inline void xsm_security_domaininfo(
    struct domain *d, struct xen_domctl_getdomaininfo *info)
{
    xsm_ops->security_domaininfo(d, info);
}
204 
/*
 * Forward to the active XSM module's domain_create hook and return its
 * result.  'def' only annotates the default action; it is not checked here.
 */
static inline int xsm_domain_create(
    xsm_default_t def, struct domain *d, u32 ssidref)
{
    return xsm_ops->domain_create(d, ssidref);
}
209 
/*
 * Forward to the active XSM module's getdomaininfo hook and return its
 * result.  'def' only annotates the default action; it is not checked here.
 */
static inline int xsm_getdomaininfo(xsm_default_t def, struct domain *d)
{
    return xsm_ops->getdomaininfo(d);
}
214 
/*
 * Forward (d, cmd) to the active XSM module's domctl_scheduler_op hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_domctl_scheduler_op(
    xsm_default_t def, struct domain *d, int cmd)
{
    return xsm_ops->domctl_scheduler_op(d, cmd);
}
219 
/*
 * Forward cmd to the active XSM module's sysctl_scheduler_op hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_sysctl_scheduler_op(xsm_default_t def, int cmd)
{
    return xsm_ops->sysctl_scheduler_op(cmd);
}
224 
/*
 * Forward (d, e) to the active XSM module's set_target hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_set_target(
    xsm_default_t def, struct domain *d, struct domain *e)
{
    return xsm_ops->set_target(d, e);
}
229 
/*
 * Forward (d, cmd) to the active XSM module's domctl hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_domctl(xsm_default_t def, struct domain *d, int cmd)
{
    return xsm_ops->domctl(d, cmd);
}
234 
/*
 * Forward cmd to the active XSM module's sysctl hook and return its result.
 * 'def' is an annotation only and is not checked here.
 */
static inline int xsm_sysctl(xsm_default_t def, int cmd)
{
    return xsm_ops->sysctl(cmd);
}
239 
/*
 * Forward 'clear' to the active XSM module's readconsole hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_readconsole(xsm_default_t def, uint32_t clear)
{
    return xsm_ops->readconsole(clear);
}
244 
/*
 * Forward (d1, chn, id2) to the active XSM module's evtchn_unbound hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_evtchn_unbound(
    xsm_default_t def, struct domain *d1, struct evtchn *chn, domid_t id2)
{
    return xsm_ops->evtchn_unbound(d1, chn, id2);
}
250 
/*
 * Forward both (domain, channel) pairs to the active XSM module's
 * evtchn_interdomain hook and return its result.  'def' is an annotation
 * only and is not checked here.
 */
static inline int xsm_evtchn_interdomain(
    xsm_default_t def, struct domain *d1, struct evtchn *chan1,
    struct domain *d2, struct evtchn *chan2)
{
    return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2);
}
256 
/*
 * Call the active XSM module's evtchn_close_post hook for chn.  The hook
 * returns nothing and no default-action annotation is taken.
 */
static inline void xsm_evtchn_close_post(struct evtchn *chn)
{
    xsm_ops->evtchn_close_post(chn);
}
261 
/*
 * Forward (d, chn) to the active XSM module's evtchn_send hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_evtchn_send(
    xsm_default_t def, struct domain *d, struct evtchn *chn)
{
    return xsm_ops->evtchn_send(d, chn);
}
266 
/*
 * Forward (d, chn) to the active XSM module's evtchn_status hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_evtchn_status(
    xsm_default_t def, struct domain *d, struct evtchn *chn)
{
    return xsm_ops->evtchn_status(d, chn);
}
271 
/*
 * Forward (d1, d2) to the active XSM module's evtchn_reset hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_evtchn_reset(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->evtchn_reset(d1, d2);
}
276 
/*
 * Forward (d1, d2, flags) to the active XSM module's grant_mapref hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_grant_mapref(
    xsm_default_t def, struct domain *d1, struct domain *d2, uint32_t flags)
{
    return xsm_ops->grant_mapref(d1, d2, flags);
}
282 
/*
 * Forward (d1, d2) to the active XSM module's grant_unmapref hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_grant_unmapref(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->grant_unmapref(d1, d2);
}
287 
/*
 * Forward (d1, d2) to the active XSM module's grant_setup hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_grant_setup(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->grant_setup(d1, d2);
}
292 
/*
 * Forward (d1, d2) to the active XSM module's grant_transfer hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_grant_transfer(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->grant_transfer(d1, d2);
}
297 
/*
 * Forward (d1, d2) to the active XSM module's grant_copy hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_grant_copy(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->grant_copy(d1, d2);
}
302 
/*
 * Forward (d1, d2) to the active XSM module's grant_query_size hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_grant_query_size(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->grant_query_size(d1, d2);
}
307 
/*
 * Call the active XSM module's alloc_security_domain hook for d and return
 * its result.  No default-action annotation is taken.
 */
static inline int xsm_alloc_security_domain(struct domain *d)
{
    return xsm_ops->alloc_security_domain(d);
}
312 
/*
 * Call the active XSM module's free_security_domain hook for d.  The hook
 * returns nothing and no default-action annotation is taken.
 */
static inline void xsm_free_security_domain(struct domain *d)
{
    xsm_ops->free_security_domain(d);
}
317 
/*
 * Call the active XSM module's alloc_security_evtchn hook for chn and
 * return its result.  No default-action annotation is taken.
 */
static inline int xsm_alloc_security_evtchn(struct evtchn *chn)
{
    return xsm_ops->alloc_security_evtchn(chn);
}
322 
/*
 * Call the active XSM module's free_security_evtchn hook for chn.  The hook
 * is declared void, so there is no result to discard.
 */
static inline void xsm_free_security_evtchn(struct evtchn *chn)
{
    xsm_ops->free_security_evtchn(chn);
}
327 
/*
 * Return whatever string pointer the active XSM module's
 * show_security_evtchn hook yields for (d, chn).
 * NOTE(review): ownership of the returned buffer is not visible in this
 * header - confirm against the module whether the caller must free it.
 */
static inline char *xsm_show_security_evtchn(
    struct domain *d, const struct evtchn *chn)
{
    return xsm_ops->show_security_evtchn(d, chn);
}
332 
/*
 * Forward d to the active XSM module's init_hardware_domain hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_init_hardware_domain(xsm_default_t def, struct domain *d)
{
    return xsm_ops->init_hardware_domain(d);
}
337 
/*
 * Forward d to the active XSM module's get_pod_target hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_get_pod_target(xsm_default_t def, struct domain *d)
{
    return xsm_ops->get_pod_target(d);
}
342 
/*
 * Forward d to the active XSM module's set_pod_target hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_set_pod_target(xsm_default_t def, struct domain *d)
{
    return xsm_ops->set_pod_target(d);
}
347 
/*
 * Forward d to the active XSM module's memory_exchange hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_memory_exchange(xsm_default_t def, struct domain *d)
{
    return xsm_ops->memory_exchange(d);
}
352 
/*
 * Forward (d1, d2) to the active XSM module's memory_adjust_reservation
 * hook and return its result.  'def' is an annotation only and is not
 * checked here.
 */
static inline int xsm_memory_adjust_reservation(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->memory_adjust_reservation(d1, d2);
}
358 
/*
 * Forward (d1, d2) to the active XSM module's memory_stat_reservation hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_memory_stat_reservation(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->memory_stat_reservation(d1, d2);
}
364 
/*
 * Forward (d1, d2, page) to the active XSM module's memory_pin_page hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_memory_pin_page(
    xsm_default_t def, struct domain *d1, struct domain *d2,
    struct page_info *page)
{
    return xsm_ops->memory_pin_page(d1, d2, page);
}
370 
/*
 * Forward (d1, d2) to the active XSM module's add_to_physmap hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_add_to_physmap(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->add_to_physmap(d1, d2);
}
375 
/*
 * Forward (d1, d2) to the active XSM module's remove_from_physmap hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_remove_from_physmap(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->remove_from_physmap(d1, d2);
}
380 
/*
 * Forward (d, t) to the active XSM module's map_gmfn_foreign hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_map_gmfn_foreign(
    xsm_default_t def, struct domain *d, struct domain *t)
{
    return xsm_ops->map_gmfn_foreign(d, t);
}
385 
/*
 * Forward d to the active XSM module's claim_pages hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_claim_pages(xsm_default_t def, struct domain *d)
{
    return xsm_ops->claim_pages(d);
}
390 
/*
 * Forward (d, cmd) to the active XSM module's console_io hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_console_io(xsm_default_t def, struct domain *d, int cmd)
{
    return xsm_ops->console_io(d, cmd);
}
395 
/*
 * Forward (d, op) to the active XSM module's profile hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_profile(xsm_default_t def, struct domain *d, int op)
{
    return xsm_ops->profile(d, op);
}
400 
/*
 * Call the active XSM module's kexec hook, which takes no arguments, and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_kexec(xsm_default_t def)
{
    return xsm_ops->kexec();
}
405 
/*
 * Forward (d1, d2) to the active XSM module's schedop_shutdown hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_schedop_shutdown(
    xsm_default_t def, struct domain *d1, struct domain *d2)
{
    return xsm_ops->schedop_shutdown(d1, d2);
}
410 
/*
 * Return whatever string pointer the active XSM module's show_irq_sid hook
 * yields for irq.
 * NOTE(review): ownership of the returned buffer is not visible in this
 * header - confirm against the module whether the caller must free it.
 */
static inline char *xsm_show_irq_sid(int irq)
{
    return xsm_ops->show_irq_sid(irq);
}
415 
/*
 * Forward d to the active XSM module's map_domain_pirq hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_map_domain_pirq(xsm_default_t def, struct domain *d)
{
    return xsm_ops->map_domain_pirq(d);
}
420 
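/*
 * Forward (d, irq, data) to the active XSM module's map_domain_irq hook and
 * return its result.  'def' is an annotation only and is not checked here.
 *
 * 'data' is const-qualified to match the hook's own prototype in
 * struct xsm_operations: the wrapper never writes through it, and callers
 * holding a const pointer no longer need a cast.  Existing callers passing
 * a plain void * are unaffected.
 */
static inline int xsm_map_domain_irq(
    xsm_default_t def, struct domain *d, int irq, const void *data)
{
    return xsm_ops->map_domain_irq(d, irq, data);
}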
425 
/*
 * Forward d to the active XSM module's unmap_domain_pirq hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_unmap_domain_pirq(xsm_default_t def, struct domain *d)
{
    return xsm_ops->unmap_domain_pirq(d);
}
430 
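/*
 * Forward (d, irq, data) to the active XSM module's unmap_domain_irq hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 *
 * 'data' is const-qualified to match the hook's own prototype in
 * struct xsm_operations: the wrapper never writes through it, and callers
 * holding a const pointer no longer need a cast.  Existing callers passing
 * a plain void * are unaffected.
 */
static inline int xsm_unmap_domain_irq(
    xsm_default_t def, struct domain *d, int irq, const void *data)
{
    return xsm_ops->unmap_domain_irq(d, irq, data);
}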
435 
/*
 * Forward (d, bind) to the active XSM module's bind_pt_irq hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_bind_pt_irq(
    xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind)
{
    return xsm_ops->bind_pt_irq(d, bind);
}
441 
/*
 * Forward (d, bind) to the active XSM module's unbind_pt_irq hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_unbind_pt_irq(
    xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind)
{
    return xsm_ops->unbind_pt_irq(d, bind);
}
447 
/*
 * Forward (d, pirq, allow) to the active XSM module's irq_permission hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_irq_permission(
    xsm_default_t def, struct domain *d, int pirq, uint8_t allow)
{
    return xsm_ops->irq_permission(d, pirq, allow);
}
452 
/*
 * Forward the range (s, e) and 'allow' for d to the active XSM module's
 * iomem_permission hook and return its result.  The range is passed
 * through unvalidated; 'def' is an annotation only and is not checked here.
 */
static inline int xsm_iomem_permission(
    xsm_default_t def, struct domain *d, uint64_t s, uint64_t e,
    uint8_t allow)
{
    return xsm_ops->iomem_permission(d, s, e, allow);
}
457 
/*
 * Forward the range (s, e) and 'allow' for d to the active XSM module's
 * iomem_mapping hook and return its result.  The range is passed through
 * unvalidated; 'def' is an annotation only and is not checked here.
 */
static inline int xsm_iomem_mapping(
    xsm_default_t def, struct domain *d, uint64_t s, uint64_t e,
    uint8_t allow)
{
    return xsm_ops->iomem_mapping(d, s, e, allow);
}
462 
/*
 * Forward (d, machine_bdf, start, end, access) to the active XSM module's
 * pci_config_permission hook and return its result.  The offsets are passed
 * through unvalidated; 'def' is an annotation only and is not checked here.
 */
static inline int xsm_pci_config_permission(
    xsm_default_t def, struct domain *d, uint32_t machine_bdf,
    uint16_t start, uint16_t end, uint8_t access)
{
    return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access);
}
467 
468 #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI)
/*
 * Forward machine_bdf to the active XSM module's get_device_group hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf)
{
    return xsm_ops->get_device_group(machine_bdf);
}
473 
/*
 * Forward (d, machine_bdf) to the active XSM module's assign_device hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_assign_device(
    xsm_default_t def, struct domain *d, uint32_t machine_bdf)
{
    return xsm_ops->assign_device(d, machine_bdf);
}
478 
/*
 * Forward (d, machine_bdf) to the active XSM module's deassign_device hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_deassign_device(
    xsm_default_t def, struct domain *d, uint32_t machine_bdf)
{
    return xsm_ops->deassign_device(d, machine_bdf);
}
#endif /* HAS_PASSTHROUGH && HAS_PCI */
484 
485 #if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE)
/*
 * Forward (d, dtpath) to the active XSM module's assign_dtdevice hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_assign_dtdevice(
    xsm_default_t def, struct domain *d, const char *dtpath)
{
    return xsm_ops->assign_dtdevice(d, dtpath);
}
491 
/*
 * Forward (d, dtpath) to the active XSM module's deassign_dtdevice hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_deassign_dtdevice(
    xsm_default_t def, struct domain *d, const char *dtpath)
{
    return xsm_ops->deassign_dtdevice(d, dtpath);
}
497 
498 #endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE */
499 
/*
 * Forward machine_bdf to the active XSM module's resource_plug_pci hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_resource_plug_pci(xsm_default_t def, uint32_t machine_bdf)
{
    return xsm_ops->resource_plug_pci(machine_bdf);
}
504 
/*
 * Forward machine_bdf to the active XSM module's resource_unplug_pci hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_resource_unplug_pci(
    xsm_default_t def, uint32_t machine_bdf)
{
    return xsm_ops->resource_unplug_pci(machine_bdf);
}
509 
/*
 * Call the active XSM module's resource_plug_core hook, which takes no
 * arguments, and return its result.  'def' is an annotation only and is
 * not checked here.
 */
static inline int xsm_resource_plug_core(xsm_default_t def)
{
    return xsm_ops->resource_plug_core();
}
514 
/*
 * Call the active XSM module's resource_unplug_core hook, which takes no
 * arguments, and return its result.  'def' is an annotation only and is
 * not checked here.
 */
static inline int xsm_resource_unplug_core(xsm_default_t def)
{
    return xsm_ops->resource_unplug_core();
}
519 
/*
 * Forward machine_bdf to the active XSM module's resource_setup_pci hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_resource_setup_pci(
    xsm_default_t def, uint32_t machine_bdf)
{
    return xsm_ops->resource_setup_pci(machine_bdf);
}
524 
/*
 * Forward gsi to the active XSM module's resource_setup_gsi hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_resource_setup_gsi(xsm_default_t def, int gsi)
{
    return xsm_ops->resource_setup_gsi(gsi);
}
529 
/*
 * Call the active XSM module's resource_setup_misc hook, which takes no
 * arguments, and return its result.  'def' is an annotation only and is
 * not checked here.
 */
static inline int xsm_resource_setup_misc(xsm_default_t def)
{
    return xsm_ops->resource_setup_misc();
}
534 
/*
 * Forward cmd to the active XSM module's page_offline hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd)
{
    return xsm_ops->page_offline(cmd);
}
539 
/*
 * Call the active XSM module's hypfs_op hook, which takes no arguments, and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_hypfs_op(xsm_default_t def)
{
    return xsm_ops->hypfs_op();
}
544 
/*
 * Pass the guest handle 'op' straight to the active XSM module's do_xsm_op
 * hook and return its long result.  Nothing is copied from or validated
 * against the guest here, and no default-action annotation is taken, so
 * all checking of the guest-supplied payload rests with the module.
 */
static inline long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
{
    return xsm_ops->do_xsm_op(op);
}
549 
550 #ifdef CONFIG_COMPAT
/*
 * Pass the guest handle 'op' straight to the active XSM module's
 * do_compat_op hook and return its int result.  Nothing is copied from or
 * validated against the guest here, so all checking of the guest-supplied
 * payload rests with the module.
 */
static inline int xsm_do_compat_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op)
{
    return xsm_ops->do_compat_op(op);
}
555 #endif
556 
/*
 * Forward (d, op) to the active XSM module's hvm_param hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_hvm_param(
    xsm_default_t def, struct domain *d, unsigned long op)
{
    return xsm_ops->hvm_param(d, op);
}
561 
/*
 * Forward (d, op) to the active XSM module's hvm_control hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_hvm_control(
    xsm_default_t def, struct domain *d, unsigned long op)
{
    return xsm_ops->hvm_control(d, op);
}
566 
/*
 * Forward d to the active XSM module's hvm_param_nested hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_hvm_param_nested(xsm_default_t def, struct domain *d)
{
    return xsm_ops->hvm_param_nested(d);
}
571 
/*
 * Forward d to the active XSM module's hvm_param_altp2mhvm hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_hvm_param_altp2mhvm(xsm_default_t def, struct domain *d)
{
    return xsm_ops->hvm_param_altp2mhvm(d);
}
576 
/*
 * Forward (d, mode, op) to the active XSM module's hvm_altp2mhvm_op hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_hvm_altp2mhvm_op(
    xsm_default_t def, struct domain *d, uint64_t mode, uint32_t op)
{
    return xsm_ops->hvm_altp2mhvm_op(d, mode, op);
}
581 
/*
 * Forward d to the active XSM module's get_vnumainfo hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_get_vnumainfo(xsm_default_t def, struct domain *d)
{
    return xsm_ops->get_vnumainfo(d);
}
586 
/*
 * Forward (d, mode, op) to the active XSM module's vm_event_control hook
 * and return its result.  'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_vm_event_control(
    xsm_default_t def, struct domain *d, int mode, int op)
{
    return xsm_ops->vm_event_control(d, mode, op);
}
591 
592 #ifdef CONFIG_MEM_ACCESS
/*
 * Forward d to the active XSM module's mem_access hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_mem_access(xsm_default_t def, struct domain *d)
{
    return xsm_ops->mem_access(d);
}
597 #endif
598 
599 #ifdef CONFIG_HAS_MEM_PAGING
/*
 * Forward d to the active XSM module's mem_paging hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_mem_paging(xsm_default_t def, struct domain *d)
{
    return xsm_ops->mem_paging(d);
}
604 #endif
605 
606 #ifdef CONFIG_MEM_SHARING
/*
 * Forward d to the active XSM module's mem_sharing hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_mem_sharing(xsm_default_t def, struct domain *d)
{
    return xsm_ops->mem_sharing(d);
}
611 #endif
612 
/*
 * Forward op to the active XSM module's platform_op hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_platform_op(xsm_default_t def, uint32_t op)
{
    return xsm_ops->platform_op(op);
}
617 
618 #ifdef CONFIG_X86
/*
 * Call the active XSM module's do_mca hook, which takes no arguments, and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_do_mca(xsm_default_t def)
{
    return xsm_ops->do_mca();
}
623 
/*
 * Forward (d, op) to the active XSM module's shadow_control hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_shadow_control(
    xsm_default_t def, struct domain *d, uint32_t op)
{
    return xsm_ops->shadow_control(d, op);
}
628 
/*
 * Forward (d, cd, op) to the active XSM module's mem_sharing_op hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_mem_sharing_op(
    xsm_default_t def, struct domain *d, struct domain *cd, int op)
{
    return xsm_ops->mem_sharing_op(d, cd, op);
}
633 
/*
 * Forward (d, cmd) to the active XSM module's apic hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_apic(xsm_default_t def, struct domain *d, int cmd)
{
    return xsm_ops->apic(d, cmd);
}
638 
/*
 * Forward 'access' to the active XSM module's memtype hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_memtype(xsm_default_t def, uint32_t access)
{
    return xsm_ops->memtype(access);
}
643 
/*
 * Call the active XSM module's machine_memory_map hook, which takes no
 * arguments, and return its result.  'def' is an annotation only and is
 * not checked here.
 */
static inline int xsm_machine_memory_map(xsm_default_t def)
{
    return xsm_ops->machine_memory_map();
}
648 
/*
 * Forward d to the active XSM module's domain_memory_map hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d)
{
    return xsm_ops->domain_memory_map(d);
}
653 
/*
 * Forward (d, t, f, flags) to the active XSM module's mmu_update hook and
 * return its result.  The XSM_MMU_* constants are defined next to the hook
 * in struct xsm_operations; 'def' is an annotation only and is not checked
 * here.
 */
static inline int xsm_mmu_update(
    xsm_default_t def, struct domain *d, struct domain *t,
    struct domain *f, uint32_t flags)
{
    return xsm_ops->mmu_update(d, t, f, flags);
}
659 
/*
 * Forward (d, f) to the active XSM module's mmuext_op hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_mmuext_op(
    xsm_default_t def, struct domain *d, struct domain *f)
{
    return xsm_ops->mmuext_op(d, f);
}
664 
/*
 * Forward (d, f, pte) to the active XSM module's update_va_mapping hook and
 * return its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_update_va_mapping(
    xsm_default_t def, struct domain *d, struct domain *f, l1_pgentry_t pte)
{
    return xsm_ops->update_va_mapping(d, f, pte);
}
670 
/*
 * Forward (d, t) to the active XSM module's priv_mapping hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_priv_mapping(
    xsm_default_t def, struct domain *d, struct domain *t)
{
    return xsm_ops->priv_mapping(d, t);
}
675 
/*
 * Forward the range (s, e) and 'allow' for d to the active XSM module's
 * ioport_permission hook and return its result.  The range is passed
 * through unvalidated; 'def' is an annotation only and is not checked here.
 */
static inline int xsm_ioport_permission(
    xsm_default_t def, struct domain *d, uint32_t s, uint32_t e,
    uint8_t allow)
{
    return xsm_ops->ioport_permission(d, s, e, allow);
}
680 
/*
 * Forward the range (s, e) and 'allow' for d to the active XSM module's
 * ioport_mapping hook and return its result.  The range is passed through
 * unvalidated; 'def' is an annotation only and is not checked here.
 */
static inline int xsm_ioport_mapping(
    xsm_default_t def, struct domain *d, uint32_t s, uint32_t e,
    uint8_t allow)
{
    return xsm_ops->ioport_mapping(d, s, e, allow);
}
685 
/*
 * Forward (d, op) to the active XSM module's pmu_op hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_pmu_op(
    xsm_default_t def, struct domain *d, unsigned int op)
{
    return xsm_ops->pmu_op(d, op);
}
690 
/*
 * Forward d to the active XSM module's dm_op hook and return its result.
 * 'def' is an annotation only and is not checked here.
 */
static inline int xsm_dm_op(xsm_default_t def, struct domain *d)
{
    return xsm_ops->dm_op(d);
}
695 
696 #endif /* CONFIG_X86 */
697 
/*
 * Forward op to the active XSM module's xen_version hook and return its
 * result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_xen_version(xsm_default_t def, uint32_t op)
{
    return xsm_ops->xen_version(op);
}
702 
/*
 * Forward d to the active XSM module's domain_resource_map hook and return
 * its result.  'def' is an annotation only and is not checked here.
 */
static inline int xsm_domain_resource_map(xsm_default_t def, struct domain *d)
{
    return xsm_ops->domain_resource_map(d);
}
707 
708 #ifdef CONFIG_ARGO
/*
 * Call the active XSM module's argo_enable hook for d and return its
 * result.  Unlike most wrappers in this header, the argo ones take no
 * default-action annotation.
 */
static inline int xsm_argo_enable(const struct domain *d)
{
    return xsm_ops->argo_enable(d);
}
713 
/*
 * Call the active XSM module's argo_register_single_source hook for (d, t)
 * and return its result.  No default-action annotation is taken.
 */
static inline int xsm_argo_register_single_source(
    const struct domain *d, const struct domain *t)
{
    return xsm_ops->argo_register_single_source(d, t);
}
719 
/*
 * Call the active XSM module's argo_register_any_source hook for d and
 * return its result.  No default-action annotation is taken.
 */
static inline int xsm_argo_register_any_source(const struct domain *d)
{
    return xsm_ops->argo_register_any_source(d);
}
724 
/*
 * Call the active XSM module's argo_send hook for (d, t) and return its
 * result.  No default-action annotation is taken.
 */
static inline int xsm_argo_send(
    const struct domain *d, const struct domain *t)
{
    return xsm_ops->argo_send(d, t);
}
729 
730 #endif /* CONFIG_ARGO */
731 
732 #endif /* XSM_NO_WRAPPERS */
733 
#ifdef CONFIG_MULTIBOOT
/*
 * XSM initialisation for multiboot-based boots.
 * NOTE(review): policy_buffer / policy_size look like out-parameters that
 * receive a policy blob found among the boot modules - confirm, and confirm
 * that the reported size is bounded by the module's real length before the
 * blob is handed to a policy parser.
 */
int xsm_multiboot_init(unsigned long *module_map,
                       const multiboot_info_t *mbi);
int xsm_multiboot_policy_init(unsigned long *module_map,
                              const multiboot_info_t *mbi,
                              void **policy_buffer,
                              size_t *policy_size);
#endif

#ifdef CONFIG_HAS_DEVICE_TREE
/*
 * Initialize XSM
 *
 * On success, return 1 if using SILO mode else 0.
 */
int xsm_dt_init(void);
int xsm_dt_policy_init(void **policy_buffer, size_t *policy_size);
/* The parameter is named 'start' in the !CONFIG_XSM stub of this function. */
bool has_xsm_magic(paddr_t start);
#endif

/* Register ops as the XSM hook table. */
int register_xsm(struct xsm_operations *ops);

/* Hook table of the dummy module. */
extern struct xsm_operations dummy_xsm_ops;
/* NOTE(review): presumably fills unset members of ops - confirm. */
void xsm_fixup_ops(struct xsm_operations *ops);
758 
/*
 * flask_init() is a real function only when the Flask module is built in.
 * Without CONFIG_XSM_FLASK the stub below discards the policy buffer, so a
 * supplied policy is silently ignored rather than rejected.
 */
#if defined(CONFIG_XSM_FLASK)
extern void flask_init(const void *policy_buffer, size_t policy_size);
#else
static inline void flask_init(const void *policy_buffer, size_t policy_size)
{
    /* Flask not configured: nothing to initialise. */
}
#endif
766 
#ifdef CONFIG_XSM_FLASK_POLICY
/*
 * Policy blob and its length, available only with CONFIG_XSM_FLASK_POLICY.
 * NOTE(review): presumably the policy compiled into the hypervisor image -
 * confirm where these symbols are defined.
 */
extern const unsigned char xsm_flask_init_policy[];
extern const unsigned int xsm_flask_init_policy_size;
#endif
771 
/* silo_init() does nothing unless the SILO module is built in. */
#if defined(CONFIG_XSM_SILO)
extern void silo_init(void);
#else
static inline void silo_init(void)
{
}
#endif
777 
778 #else /* CONFIG_XSM */
779 
780 #include <xsm/dummy.h>
781 
782 #ifdef CONFIG_MULTIBOOT
/*
 * Stub used when XSM is compiled out: both arguments are ignored and 0 is
 * always returned.
 */
static inline int xsm_multiboot_init(
    unsigned long *module_map, const multiboot_info_t *mbi)
{
    return 0;
}
788 #endif
789 
790 #ifdef CONFIG_HAS_DEVICE_TREE
/* Stub used when XSM is compiled out: always returns 0. */
static inline int xsm_dt_init(void)
{
    return 0;
}
795 
/*
 * Stub used when XSM is compiled out: 'start' is ignored and the answer is
 * always false, so callers never see an XSM magic match in this
 * configuration.
 */
static inline bool has_xsm_magic(paddr_t start)
{
    return false;
}
800 #endif /* CONFIG_HAS_DEVICE_TREE */
801 
802 #endif /* CONFIG_XSM */
803 
#endif /* __XSM_H__ */
805