The sysctl is where the tmem control operations are done and the XSM checks are done via there. The old mechanism (to check for control tmem op XSM from do_tmem_op) is not needed anymore.
CC: Daniel De Graaf <dgde...@tycho.nsa.gov> Signed-off-by: Konrad Rzeszutek Wilk <konrad.w...@oracle.com> --- xen/include/xsm/dummy.h | 6 ------ xen/include/xsm/xsm.h | 6 ------ xen/xsm/dummy.c | 1 - xen/xsm/flask/hooks.c | 6 ------ xen/xsm/flask/policy/access_vectors | 2 +- 5 files changed, 1 insertion(+), 20 deletions(-) diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index bbbfce7..9fe372c 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -427,12 +427,6 @@ static XSM_INLINE int xsm_tmem_op(XSM_DEFAULT_VOID) return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_tmem_control(XSM_DEFAULT_VOID) -{ - XSM_ASSERT_ACTION(XSM_PRIV); - return xsm_default_action(action, current->domain, NULL); -} - static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 3678a93..ba3caed 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -137,7 +137,6 @@ struct xsm_operations { int (*page_offline)(uint32_t cmd); int (*tmem_op)(void); - int (*tmem_control)(void); long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); #ifdef CONFIG_COMPAT @@ -557,11 +556,6 @@ static inline int xsm_tmem_op(xsm_default_t def) return xsm_ops->tmem_op(); } -static inline int xsm_tmem_control(xsm_default_t def) -{ - return xsm_ops->tmem_control(); -} - static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return xsm_ops->do_xsm_op(op); diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 21b1bf8..72eba40 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -112,7 +112,6 @@ void xsm_fixup_ops (struct xsm_operations *ops) set_to_dummy_if_null(ops, page_offline); set_to_dummy_if_null(ops, tmem_op); - set_to_dummy_if_null(ops, tmem_control); set_to_dummy_if_null(ops, hvm_param); set_to_dummy_if_null(ops, hvm_control); set_to_dummy_if_null(ops, hvm_param_nested); diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index cfad13c..5f5f181 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1132,11 +1132,6 @@ static inline int flask_tmem_op(void) return domain_has_xen(current->domain, XEN__TMEM_OP); } -static inline int flask_tmem_control(void) -{ - return domain_has_xen(current->domain, XEN__TMEM_CONTROL); -} - static int flask_add_to_physmap(struct domain *d1, struct domain *d2) { return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); @@ -1696,7 +1691,6 @@ static struct xsm_operations flask_ops = { .page_offline = flask_page_offline, .tmem_op = flask_tmem_op, - .tmem_control = flask_tmem_control, .hvm_param = flask_hvm_param, .hvm_control = flask_hvm_param, .hvm_param_nested = flask_hvm_param_nested, diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 71495fd..0aa68f8 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -69,7 +69,7 @@ class xen cpupool_op # tmem hypercall (any access) tmem_op -# TMEM_CONTROL command of tmem hypercall +# XEN_SYSCTL_tmem_op command of tmem (part of sysctl) tmem_control # XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo, XEN_SYSCTL_sched_id getscheduler -- 2.1.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel