From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: konrad@kernel.org, xen-devel@lists.xenproject.org,
	sasha.levin@oracle.com, andrew.cooper3@citrix.com,
	ross.lagerwall@citrix.com, mpohlack@amazon.de
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Subject: [PATCH v9 02/27] Revert "HYPERCALL_version_op. New hypercall mirroring XENVER_ but sane."
Date: Mon, 25 Apr 2016 11:34:49 -0400	[thread overview]
Message-ID: <1461598514-5440-3-git-send-email-konrad.wilk@oracle.com> (raw)
In-Reply-To: <1461598514-5440-1-git-send-email-konrad.wilk@oracle.com>

This reverts commit 2716d875379d538c1dfccad78a99ca7db2e09f90.

It was decided that the existing XENVER hypercall, while having
grown organically over the years, can still be expanded.

Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
---
 tools/flask/policy/policy/modules/xen/xen.te |   7 +-
 xen/arch/arm/traps.c                         |   1 -
 xen/arch/x86/hvm/hvm.c                       |   1 -
 xen/arch/x86/x86_64/compat/entry.S           |   2 -
 xen/arch/x86/x86_64/entry.S                  |   2 -
 xen/common/compat/kernel.c                   |   2 -
 xen/common/kernel.c                          | 212 +++++----------------------
 xen/include/public/arch-arm.h                |   2 -
 xen/include/public/version.h                 |  72 +--------
 xen/include/public/xen.h                     |   1 -
 xen/include/xen/hypercall.h                  |   4 -
 xen/include/xsm/dummy.h                      |  21 ---
 xen/include/xsm/xsm.h                        |   6 -
 xen/xsm/dummy.c                              |   1 -
 xen/xsm/flask/hooks.c                        |  35 -----
 xen/xsm/flask/policy/access_vectors          |  21 +--
 16 files changed, 43 insertions(+), 347 deletions(-)

diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te
index a551756..2a2630d 100644
--- a/tools/flask/policy/policy/modules/xen/xen.te
+++ b/tools/flask/policy/policy/modules/xen/xen.te
@@ -76,12 +76,11 @@ allow dom0_t xen_t:xen2 {
     get_cpu_featureset
 };
 
-# Allow dom0 to use all XENVER_ subops and VERSION subops that have checks.
+# Allow dom0 to use all XENVER_ subops that have checks.
 # Note that dom0 is part of domain_type so this has duplicates.
 allow dom0_t xen_t:version {
     xen_extraversion xen_compile_info xen_capabilities
     xen_changeset xen_pagesize xen_guest_handle xen_commandline
-    extraversion capabilities changeset pagesize guest_handle commandline
 };
 
 allow dom0_t xen_t:mmu memorymap;
@@ -148,12 +147,10 @@ if (guest_writeconsole) {
 # pmu_ctrl is for)
 allow domain_type xen_t:xen2 pmu_use;
 
-# For normal guests all possible except XENVER_commandline, VERSION_changeset,
-# and VERSION_commandline
+# For normal guests all possible except XENVER_commandline.
 allow domain_type xen_t:version {
     xen_extraversion xen_compile_info xen_capabilities
     xen_changeset xen_pagesize xen_guest_handle
-    extraversion capabilities pagesize guest_handle
 };
 
 ###############################################################################
diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
index 1516abd..9abfc3c 100644
--- a/xen/arch/arm/traps.c
+++ b/xen/arch/arm/traps.c
@@ -1274,7 +1274,6 @@ static arm_hypercall_t arm_hypercall_table[] = {
     HYPERCALL(multicall, 2),
     HYPERCALL(platform_op, 1),
     HYPERCALL_ARM(vcpu_op, 3),
-    HYPERCALL(version_op, 3),
 };
 
 #ifndef NDEBUG
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index e9d4c6b..8cb6e9e 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4053,7 +4053,6 @@ static const struct {
     COMPAT_CALL(platform_op),
     COMPAT_CALL(mmuext_op),
     HYPERCALL(xenpmu_op),
-    HYPERCALL(version_op),
     HYPERCALL(arch_1)
 };
 
diff --git a/xen/arch/x86/x86_64/compat/entry.S b/xen/arch/x86/x86_64/compat/entry.S
index 0ff6818..6ca4a54 100644
--- a/xen/arch/x86/x86_64/compat/entry.S
+++ b/xen/arch/x86/x86_64/compat/entry.S
@@ -399,7 +399,6 @@ ENTRY(compat_hypercall_table)
         .quad do_tmem_op
         .quad do_ni_hypercall           /* reserved for XenClient */
         .quad do_xenpmu_op              /* 40 */
-        .quad do_version_op
         .rept __HYPERVISOR_arch_0-((.-compat_hypercall_table)/8)
         .quad compat_ni_hypercall
         .endr
@@ -451,7 +450,6 @@ ENTRY(compat_hypercall_args_table)
         .byte 1 /* do_tmem_op               */
         .byte 0 /* reserved for XenClient   */
         .byte 2 /* do_xenpmu_op             */  /* 40 */
-        .byte 3 /* do_version_op            */
         .rept __HYPERVISOR_arch_0-(.-compat_hypercall_args_table)
         .byte 0 /* compat_ni_hypercall      */
         .endr
diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S
index 6866e8f..d0f3259 100644
--- a/xen/arch/x86/x86_64/entry.S
+++ b/xen/arch/x86/x86_64/entry.S
@@ -735,7 +735,6 @@ ENTRY(hypercall_table)
         .quad do_tmem_op
         .quad do_ni_hypercall       /* reserved for XenClient */
         .quad do_xenpmu_op          /* 40 */
-        .quad do_version_op
         .rept __HYPERVISOR_arch_0-((.-hypercall_table)/8)
         .quad do_ni_hypercall
         .endr
@@ -787,7 +786,6 @@ ENTRY(hypercall_args_table)
         .byte 1 /* do_tmem_op           */
         .byte 0 /* reserved for XenClient */
         .byte 2 /* do_xenpmu_op         */  /* 40 */
-        .byte 3 /* do_version_op        */
         .rept __HYPERVISOR_arch_0-(.-hypercall_args_table)
         .byte 0 /* do_ni_hypercall      */
         .endr
diff --git a/xen/common/compat/kernel.c b/xen/common/compat/kernel.c
index 7a7ca53..df93fdd 100644
--- a/xen/common/compat/kernel.c
+++ b/xen/common/compat/kernel.c
@@ -39,8 +39,6 @@ CHECK_TYPE(capabilities_info);
 
 CHECK_TYPE(domain_handle);
 
-CHECK_TYPE(version_op_val);
-
 #define xennmi_callback compat_nmi_callback
 #define xennmi_callback_t compat_nmi_callback_t
 
diff --git a/xen/common/kernel.c b/xen/common/kernel.c
index af2674d..a4a3c36 100644
--- a/xen/common/kernel.c
+++ b/xen/common/kernel.c
@@ -221,47 +221,6 @@ void __init do_initcalls(void)
 
 #endif
 
-static int get_features(struct domain *d, xen_feature_info_t *fi)
-{
-    switch ( fi->submap_idx )
-    {
-    case 0:
-        fi->submap = (1U << XENFEAT_memory_op_vnode_supported);
-        if ( paging_mode_translate(d) )
-            fi->submap |=
-                (1U << XENFEAT_writable_page_tables) |
-                (1U << XENFEAT_auto_translated_physmap);
-        if ( is_hardware_domain(d) )
-            fi->submap |= 1U << XENFEAT_dom0;
-#ifdef CONFIG_X86
-        if ( VM_ASSIST(d, pae_extended_cr3) )
-            fi->submap |= (1U << XENFEAT_pae_pgdir_above_4gb);
-        switch ( d->guest_type )
-        {
-        case guest_type_pv:
-            fi->submap |= (1U << XENFEAT_mmu_pt_update_preserve_ad) |
-                          (1U << XENFEAT_highmem_assist) |
-                          (1U << XENFEAT_gnttab_map_avail_bits);
-            break;
-        case guest_type_pvh:
-            fi->submap |= (1U << XENFEAT_hvm_safe_pvclock) |
-                          (1U << XENFEAT_supervisor_mode_kernel) |
-                          (1U << XENFEAT_hvm_callback_vector);
-            break;
-        case guest_type_hvm:
-            fi->submap |= (1U << XENFEAT_hvm_safe_pvclock) |
-                          (1U << XENFEAT_hvm_callback_vector) |
-                          (1U << XENFEAT_hvm_pirqs);
-           break;
-        }
-#endif
-        break;
-    default:
-        return -EINVAL;
-    }
-    return 0;
-}
-
 /*
  * Simple hypercalls.
  */
@@ -339,14 +298,47 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
     case XENVER_get_features:
     {
         xen_feature_info_t fi;
-        int rc;
+        struct domain *d = current->domain;
 
         if ( copy_from_guest(&fi, arg, 1) )
             return -EFAULT;
 
-        rc = get_features(current->domain, &fi);
-        if ( rc )
-            return rc;
+        switch ( fi.submap_idx )
+        {
+        case 0:
+            fi.submap = (1U << XENFEAT_memory_op_vnode_supported);
+            if ( VM_ASSIST(d, pae_extended_cr3) )
+                fi.submap |= (1U << XENFEAT_pae_pgdir_above_4gb);
+            if ( paging_mode_translate(d) )
+                fi.submap |= 
+                    (1U << XENFEAT_writable_page_tables) |
+                    (1U << XENFEAT_auto_translated_physmap);
+            if ( is_hardware_domain(d) )
+                fi.submap |= 1U << XENFEAT_dom0;
+#ifdef CONFIG_X86
+            switch ( d->guest_type )
+            {
+            case guest_type_pv:
+                fi.submap |= (1U << XENFEAT_mmu_pt_update_preserve_ad) |
+                             (1U << XENFEAT_highmem_assist) |
+                             (1U << XENFEAT_gnttab_map_avail_bits);
+                break;
+            case guest_type_pvh:
+                fi.submap |= (1U << XENFEAT_hvm_safe_pvclock) |
+                             (1U << XENFEAT_supervisor_mode_kernel) |
+                             (1U << XENFEAT_hvm_callback_vector);
+                break;
+            case guest_type_hvm:
+                fi.submap |= (1U << XENFEAT_hvm_safe_pvclock) |
+                             (1U << XENFEAT_hvm_callback_vector) |
+                             (1U << XENFEAT_hvm_pirqs);
+                break;
+            }
+#endif
+            break;
+        default:
+            return -EINVAL;
+        }
 
         if ( __copy_to_guest(arg, &fi, 1) )
             return -EFAULT;
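Review bot: In the restored `case 0:` body the `VM_ASSIST(d, pae_extended_cr3)` test sits above `#ifdef CONFIG_X86`, while the `get_features()` helper deleted earlier in this patch kept it inside that guard, so the two versions are not equivalent on non-x86 builds. If the restored text simply matches the tree before commit 2716d875, that is what a revert should do, but the commit message should say so; if the move under the guard was an intentional fix, it should be kept. The `fi.submap |= ` line also ends in trailing whitespace. Because the result is written back with the unchecked `__copy_to_guest`, a short comment such as `/* arg was range-checked by copy_from_guest() above */` would document why that is safe. The enclosing `DO(xen_version)` starts and ends outside this hunk.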
@@ -389,122 +381,6 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
     return -ENOSYS;
 }
 
-/* Computed by capabilities_cache_init. */
-static xen_capabilities_info_t __read_mostly cached_cap;
-static unsigned int __read_mostly cached_cap_len;
-
-/*
- * Similar to HYPERVISOR_xen_version but with a sane interface
- * (has a length, one can probe for the length) and with one less sub-ops:
- * missing XENVER_compile_info.
- */
-DO(version_op)(unsigned int cmd, XEN_GUEST_HANDLE_PARAM(void) arg,
-               unsigned int len)
-{
-    union {
-        xen_version_op_val_t val;
-        xen_feature_info_t fi;
-    } u = {};
-    unsigned int sz = 0;
-    const void *ptr = NULL;
-    int rc = xsm_version_op(XSM_OTHER, cmd);
-
-    if ( rc )
-        return rc;
-
-    /*
-     * The HYPERVISOR_xen_version sub-ops differ in that some return the value,
-     * and some copy it on back on argument. We follow the same rule for all
-     * sub-ops: return the number of bytes written, or negative errno on
-     * failure, and always copy the result in arg. Yeey sanity!
-     */
-    switch ( cmd )
-    {
-    case XEN_VERSION_version:
-        sz = sizeof(xen_version_op_val_t);
-        u.val = (xen_major_version() << 16) | xen_minor_version();
-        break;
-
-    case XEN_VERSION_extraversion:
-        sz = strlen(xen_extra_version()) + 1;
-        ptr = xen_extra_version();
-        break;
-
-    case XEN_VERSION_capabilities:
-        sz = cached_cap_len;
-        ptr = cached_cap;
-        break;
-
-    case XEN_VERSION_changeset:
-        sz = strlen(xen_changeset()) + 1;
-        ptr = xen_changeset();
-        break;
-
-    case XEN_VERSION_platform_parameters:
-        sz = sizeof(xen_version_op_val_t);
-        u.val = HYPERVISOR_VIRT_START;
-        break;
-
-    case XEN_VERSION_get_features:
-        sz = sizeof(xen_feature_info_t);
-
-        if ( guest_handle_is_null(arg) )
-            break;
-
-        if ( copy_from_guest(&u.fi, arg, 1) )
-        {
-            rc = -EFAULT;
-            break;
-        }
-        rc = get_features(current->domain, &u.fi);
-        break;
-
-    case XEN_VERSION_pagesize:
-        sz = sizeof(xen_version_op_val_t);
-        u.val = PAGE_SIZE;
-        break;
-
-    case XEN_VERSION_guest_handle:
-        sz = ARRAY_SIZE(current->domain->handle);
-        ptr = current->domain->handle;
-        break;
-
-    case XEN_VERSION_commandline:
-        sz = strlen(saved_cmdline) + 1;
-        ptr = saved_cmdline;
-        break;
-
-    default:
-        rc = -ENOSYS;
-    }
-
-    if ( rc )
-        return rc;
-
-    /*
-     * This hypercall also allows the client to probe. If it provides
-     * a NULL arg we will return the size of the space it has to
-     * allocate for the specific sub-op.
-     */
-    ASSERT(sz);
-    if ( guest_handle_is_null(arg) )
-        return sz;
-
-    if ( !rc )
-    {
-        unsigned int bytes = min(sz, len);
-
-        if ( copy_to_guest(arg, ptr ? : &u, bytes) )
-            rc = -EFAULT;
-
-        /* We return len (truncate) worth of data even if we fail. */
-        if ( !rc && sz > len )
-            rc = -ENOBUFS;
-    }
-
-    return rc == 0 ? sz : rc;
-}
-
 DO(nmi_op)(unsigned int cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
 {
     struct xennmi_callback cb;
@@ -542,20 +418,6 @@ DO(ni_hypercall)(void)
     return -ENOSYS;
 }
 
-static int __init capabilities_cache_init(void)
-{
-    /*
-     * Pre-populate the cache so we do not have to worry about
-     * simultaneous invocations on safe_strcat by guests and the cache
-     * data becoming garbage.
-     */
-    arch_get_xen_caps(&cached_cap);
-    cached_cap_len = strlen(cached_cap) + 1;
-
-    return 0;
-}
-__initcall(capabilities_cache_init);
-
 /*
  * Local variables:
  * mode: C
diff --git a/xen/include/public/arch-arm.h b/xen/include/public/arch-arm.h
index 5f90718..870bc3b 100644
--- a/xen/include/public/arch-arm.h
+++ b/xen/include/public/arch-arm.h
@@ -128,8 +128,6 @@
  *    * VCPUOP_register_vcpu_info
  *    * VCPUOP_register_runstate_memory_area
  *
- *  HYPERVISOR_version_op
- *   All generic sub-operations
  *
  * Other notes on the ARM ABI:
  *
diff --git a/xen/include/public/version.h b/xen/include/public/version.h
index 78961c9..24a582f 100644
--- a/xen/include/public/version.h
+++ b/xen/include/public/version.h
@@ -30,16 +30,7 @@
 
 #include "xen.h"
 
-/*
- * There are two hypercalls mentioned in here. The XENVER_ are for
- * HYPERCALL_xen_version (17), while VERSION_ are for the
- * HYPERCALL_version_op (41).
- *
- * The subops are very similar except that the later hypercall has a
- * sane interface.
- *
- * NB. All XENVER_ ops return zero on success, except XENVER_{version,pagesize}
- */
+/* NB. All ops return zero on success, except XENVER_{version,pagesize} */
 
 /* arg == NULL; returns major:minor (16:16). */
 #define XENVER_version      0
@@ -96,67 +87,6 @@ typedef struct xen_feature_info xen_feature_info_t;
 #define XENVER_commandline 9
 typedef char xen_commandline_t[1024];
 
-/*
- * The HYPERCALL_version_op has a set of sub-ops which mirror the
- * sub-ops of HYPERCALL_xen_version. However this hypercall differs
- * radically from the former:
- *  - It returns the amount of bytes copied, or
- *  - It will return -XEN_EPERM if the sub-op is denied to the guest.
- *    (Albeit XEN_VERSION_version, XEN_VERSION_platform_parameters, and
- *    XEN_VERSION_get_features will always return an value as guest cannot
- *    survive without this information).
- *  - It will return the requested data in arg.
- *  - It requires an third argument (len) for the length of the
- *    arg. Naturally the arg has to fit the requested data otherwise
- *    -XEN_ENOBUFS is returned.
- *
- * It also offers a mechanism to probe for the amount of bytes an
- * sub-op will require. Having the arg have a NULL handle will
- * return the number of bytes requested for the operation.
- * Or a negative value if an error is encountered.
- */
-
-typedef uint64_t xen_version_op_val_t;
-DEFINE_XEN_GUEST_HANDLE(xen_version_op_val_t);
-
-/*
- * arg == xen_version_op_val_t. Encoded as major:minor (31..16:15..0), while
- * 63..32 are zero.
- */
-#define XEN_VERSION_version             0
-
-/* arg == char[]. Contains NUL terminated utf-8 string. */
-#define XEN_VERSION_extraversion        1
-
-/* arg == char[]. Contains NUL terminated utf-8 string. */
-#define XEN_VERSION_capabilities        3
-
-/* arg == char[]. Contains NUL terminated utf-8 string. */
-#define XEN_VERSION_changeset           4
-
-/* arg == xen_version_op_val_t. */
-#define XEN_VERSION_platform_parameters 5
-
-/*
- * arg = xen_feature_info_t - shares the same structure
- * as the XENVER_get_features.
- */
-#define XEN_VERSION_get_features        6
-
-/* arg == xen_version_op_val_t. */
-#define XEN_VERSION_pagesize            7
-
-/*
- * arg == void.
- *
- * The toolstack fills it out for guest consumption. It is intended to hold
- * the UUID of the guest.
- */
-#define XEN_VERSION_guest_handle        8
-
-/* arg = char[]. Contains NUL terminated utf-8 string. */
-#define XEN_VERSION_commandline         9
-
 #endif /* __XEN_PUBLIC_VERSION_H__ */
 
 /*
diff --git a/xen/include/public/xen.h b/xen/include/public/xen.h
index 6ed74ef..37bbb22 100644
--- a/xen/include/public/xen.h
+++ b/xen/include/public/xen.h
@@ -115,7 +115,6 @@ DEFINE_XEN_GUEST_HANDLE(xen_ulong_t);
 #define __HYPERVISOR_tmem_op              38
 #define __HYPERVISOR_xc_reserved_op       39 /* reserved for XenClient */
 #define __HYPERVISOR_xenpmu_op            40
-#define __HYPERVISOR_version_op           41 /* supersedes xen_version (17) */
 
 /* Architecture-specific hypercall definitions. */
 #define __HYPERVISOR_arch_0               48
diff --git a/xen/include/xen/hypercall.h b/xen/include/xen/hypercall.h
index e8d2b81..0c8ae0e 100644
--- a/xen/include/xen/hypercall.h
+++ b/xen/include/xen/hypercall.h
@@ -147,10 +147,6 @@ do_xenoprof_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg);
 extern long
 do_xenpmu_op(unsigned int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg);
 
-extern long
-do_version_op(unsigned int cmd,
-    XEN_GUEST_HANDLE_PARAM(void) arg, unsigned int len);
-
 #ifdef CONFIG_COMPAT
 
 extern int
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index e5dad35..abbe282 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -751,24 +751,3 @@ static XSM_INLINE int xsm_xen_version (XSM_DEFAULT_ARG uint32_t op)
         return xsm_default_action(XSM_PRIV, current->domain, NULL);
     }
 }
-
-static XSM_INLINE int xsm_version_op (XSM_DEFAULT_ARG uint32_t op)
-{
-    XSM_ASSERT_ACTION(XSM_OTHER);
-    switch ( op )
-    {
-    case XEN_VERSION_version:
-    case XEN_VERSION_platform_parameters:
-    case XEN_VERSION_get_features:
-        /* These MUST always be accessible to any guest by default. */
-        return 0;
-    case XEN_VERSION_extraversion:
-    case XEN_VERSION_capabilities:
-    case XEN_VERSION_pagesize:
-    case XEN_VERSION_guest_handle:
-        /* These can be accessible to a guest. */
-        return xsm_default_action(XSM_HOOK, current->domain, NULL);
-    default:
-        return xsm_default_action(XSM_PRIV, current->domain, NULL);
-    }
-}
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 3cfd953..8ed8ee5 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -197,7 +197,6 @@ struct xsm_operations {
     int (*pmu_op) (struct domain *d, unsigned int op);
 #endif
     int (*xen_version) (uint32_t cmd);
-    int (*version_op) (uint32_t cmd);
 };
 
 #ifdef CONFIG_XSM
@@ -741,11 +740,6 @@ static inline int xsm_xen_version (xsm_default_t def, uint32_t op)
     return xsm_ops->xen_version(op);
 }
 
-static inline int xsm_version_op (xsm_default_t def, uint32_t op)
-{
-    return xsm_ops->version_op(op);
-}
-
 #endif /* XSM_NO_WRAPPERS */
 
 #ifdef CONFIG_MULTIBOOT
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 776dd09..9791ad4 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -163,5 +163,4 @@ void xsm_fixup_ops (struct xsm_operations *ops)
     set_to_dummy_if_null(ops, pmu_op);
 #endif
     set_to_dummy_if_null(ops, xen_version);
-    set_to_dummy_if_null(ops, version_op);
 }
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 233612e..6295768 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1664,40 +1664,6 @@ static int flask_xen_version (uint32_t op)
     }
 }
 
-static int flask_version_op (uint32_t op)
-{
-    u32 dsid = domain_sid(current->domain);
-
-    switch ( op )
-    {
-    case XEN_VERSION_version:
-    case XEN_VERSION_platform_parameters:
-    case XEN_VERSION_get_features:
-        /* These MUST always be accessible to any guest by default. */
-        return 0;
-    case XEN_VERSION_extraversion:
-        return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
-                            VERSION__EXTRAVERSION, NULL);
-    case XEN_VERSION_capabilities:
-        return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
-                            VERSION__CAPABILITIES, NULL);
-    case XEN_VERSION_changeset:
-        return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
-                            VERSION__CHANGESET, NULL);
-    case XEN_VERSION_pagesize:
-        return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
-                            VERSION__PAGESIZE, NULL);
-    case XEN_VERSION_guest_handle:
-        return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
-                            VERSION__GUEST_HANDLE, NULL);
-    case XEN_VERSION_commandline:
-        return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_VERSION,
-                            VERSION__COMMANDLINE, NULL);
-    default:
-        return -EPERM;
-    }
-}
-
 long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
 int compat_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
 
@@ -1837,7 +1803,6 @@ static struct xsm_operations flask_ops = {
     .pmu_op = flask_pmu_op,
 #endif
     .xen_version = flask_xen_version,
-    .version_op = flask_version_op,
 };
 
 static __init void flask_init(void)
diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors
index 0ebb56b..bdb7b89 100644
--- a/xen/xsm/flask/policy/access_vectors
+++ b/xen/xsm/flask/policy/access_vectors
@@ -500,14 +500,12 @@ class security
     del_ocontext
 }
 
-# Class version is used to describe the XENVER_ and VERSION hypercall.
+# Class version is used to describe the XENVER_ hypercall.
 # Almost all sub-ops are described here - in the default case all of them should
-# be allowed except the XENVER_commandline, VERSION_commandline, and
-# VERSION_changeset.
+# be allowed except the XENVER_commandline.
 #
 # The ones that are omitted are XENVER_version, XENVER_platform_parameters,
-# XENVER_get_features, XEN_VERSION_version, XEN_VERSION_platform_parameters,
-# and XEN_VERSION_get_features - as they MUST always be returned to a guest.
+# and XENVER_get_features  - as they MUST always be returned to a guest.
 #
 class version
 {
@@ -525,17 +523,4 @@ class version
     xen_guest_handle
 # Xen command line.
     xen_commandline
-# --- VERSION hypercall ---
-# Extra informations (-unstable).
-    extraversion
-# Such as "xen-3.0-x86_64 xen-3.0-x86_32p hvm-3.0-x86_32 hvm-3.0-x86_32p hvm-3.0-x86_64".
-    capabilities
-# Source code changeset.
-    changeset
-# Page size the hypervisor uses.
-    pagesize
-# An value that the control stack can choose.
-    guest_handle
-# Xen command line.
-    commandline
 }
-- 
2.5.0


