Xen project Mailing List

[PATCH v2 21/26] xen/xsm: wrap xsm-iommu-related functions with CONFIG_MGMT_HYPERCALLS

From: Penny Zheng <Penny.Zheng@xxxxxxx>

Date: Wed, 10 Sep 2025 15:38:22 +0800

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iJfzE4HwZb5sVihZocpi8ewX0y4oS0xM9b4IWEsHGt0=; b=lkZAarVVClCAEsVGn7VrAavyEl15skNJQjiOGUDj5JNpCozs8pxtFtkJJylcxZ6EYr+WsSIWXF8ctkpamCtvJzO6kjQSLvJQIASJtLpDNKZubmP4QGgChn3f+FUduZMlZxssfLYWbiYtvOSAQ4/5UvXlita50WZK93vGI8U047W7h+RcW11NgLIVombVrs3dBW5H7IatsgPrQiOCR6g8ODprvOPwi38+kghHQ1ppwko2o7LAEy0jrttB/hGC35sRGdSBaGOshqtXeFe7tgX5lug+vn1kXQJmlneexowjIS6wOiG/J8WHgPz0O5QRMzUCWLaw9x+8GKKR/ECfznbWIA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KqBPYcF+RKgCzD8AbvT4f+rcbgu9knei3BvSOYtE1ybXUFghYm4mESW/rO8YYWEzYH8ltkO5l12OEgzdTzHNhWhFGJq1JgJbpZLEuNd3TdMb/++RAAVHmPu7FiWxs9bVZZQ9dNmNukRnLsFZnUysGyimbo3ipNFUDLgao6+tSuieEvDIc/5pjQ3vDMSpXB7JQozuV8hzuLo3y2ZpOjoMVxnrsGqahyxbqNnBdKAcC88DrEFW4tFC3yzg0dU8C1sFD3gjYL18nEj9imzagW332DpXApXhGi/kXKv1pSjk/Lo2bNn3eSkGQOhrNXovoc1sXozUkqlWGXsQZCWuqQK7SA==

Cc: <ray.huang@xxxxxxx>, Penny Zheng <Penny.Zheng@xxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 10 Sep 2025 07:46:38 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

The following functions are xsm-related and only invoked under iommu-related domctl-op and shall all be wrapped with CONFIG_MGMT_HYPERCALLS: - xsm_get_device_group - xsm_assign_device - xsm_deassign_device - xsm_assign_dtdevice - xsm_deassign_dtdevice Signed-off-by: Penny Zheng <Penny.Zheng@xxxxxxx> --- v1 -> v2: - new commit --- xen/include/xsm/xsm.h | 12 ++++++------ xen/xsm/dummy.c | 4 ++-- xen/xsm/flask/hooks.c | 12 ++++++------ 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h index 2a107b2cde..542488bd44 100644 --- a/xen/include/xsm/xsm.h +++ b/xen/include/xsm/xsm.h @@ -123,13 +123,13 @@ struct xsm_ops { int (*pci_config_permission)(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access); -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) && defined(CONFIG_MGMT_HYPERCALLS) int (*get_device_group)(uint32_t machine_bdf); int (*assign_device)(struct domain *d, uint32_t machine_bdf); int (*deassign_device)(struct domain *d, uint32_t machine_bdf); #endif -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) && defined(CONFIG_MGMT_HYPERCALLS) int (*assign_dtdevice)(struct domain *d, const char *dtpath); int (*deassign_dtdevice)(struct domain *d, const char *dtpath); #endif @@ -548,7 +548,7 @@ static inline int xsm_pci_config_permission( return alternative_call(xsm_ops.pci_config_permission, d, machine_bdf, start, end, access); } -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) && defined(CONFIG_MGMT_HYPERCALLS) static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { return alternative_call(xsm_ops.get_device_group, machine_bdf); @@ -565,9 +565,9 @@ static inline int xsm_deassign_device( { return alternative_call(xsm_ops.deassign_device, d, machine_bdf); } -#endif /* HAS_PASSTHROUGH && HAS_PCI) */ +#endif /* HAS_PASSTHROUGH && HAS_PCI && CONFIG_MGMT_HYPERCALLS */ -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) && defined(CONFIG_MGMT_HYPERCALLS) static inline int xsm_assign_dtdevice( xsm_default_t def, struct domain *d, const char *dtpath) { @@ -580,7 +580,7 @@ static inline int xsm_deassign_dtdevice( return alternative_call(xsm_ops.deassign_dtdevice, d, dtpath); } -#endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE_DISCOVERY */ +#endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE_DISCOVERY && CONFIG_MGMT_HYPERCALLS */ static inline int xsm_resource_plug_pci(xsm_default_t def, uint32_t machine_bdf) { diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c index 7c4e6176aa..2c8e0725b6 100644 --- a/xen/xsm/dummy.c +++ b/xen/xsm/dummy.c @@ -81,13 +81,13 @@ static const struct xsm_ops __initconst_cf_clobber dummy_ops = { .pci_config_permission = xsm_pci_config_permission, .get_vnumainfo = xsm_get_vnumainfo, -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) && defined(CONFIG_MGMT_HYPERCALLS) .get_device_group = xsm_get_device_group, .assign_device = xsm_assign_device, .deassign_device = xsm_deassign_device, #endif -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) && defined(CONFIG_MGMT_HYPERCALLS) .assign_dtdevice = xsm_assign_dtdevice, .deassign_dtdevice = xsm_deassign_dtdevice, #endif diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 7392e95e55..66d8bfda3a 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1393,7 +1393,7 @@ static int cf_check flask_mem_sharing(struct domain *d) } #endif -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) && defined(CONFIG_MGMT_HYPERCALLS) static int cf_check flask_get_device_group(uint32_t machine_bdf) { uint32_t rsid; @@ -1464,9 +1464,9 @@ static int cf_check flask_deassign_device( return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); } -#endif /* HAS_PASSTHROUGH && HAS_PCI */ +#endif /* HAS_PASSTHROUGH && HAS_PCI && MGMT_HYPERCALLS */ -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) && defined(CONFIG_MGMT_HYPERCALLS) static int flask_test_assign_dtdevice(const char *dtpath) { uint32_t rsid; @@ -1527,7 +1527,7 @@ static int cf_check flask_deassign_dtdevice( return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); } -#endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE_DISCOVERY */ +#endif /* HAS_PASSTHROUGH && HAS_DEVICE_TREE_DISCOVERY && MGMT_HYPERCALLS */ static int cf_check flask_platform_op(uint32_t op) { @@ -1993,13 +1993,13 @@ static const struct xsm_ops __initconst_cf_clobber flask_ops = { .remove_from_physmap = flask_remove_from_physmap, .map_gmfn_foreign = flask_map_gmfn_foreign, -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_PCI) && defined(CONFIG_MGMT_HYPERCALLS) .get_device_group = flask_get_device_group, .assign_device = flask_assign_device, .deassign_device = flask_deassign_device, #endif -#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) +#if defined(CONFIG_HAS_PASSTHROUGH) && defined(CONFIG_HAS_DEVICE_TREE_DISCOVERY) && defined(CONFIG_MGMT_HYPERCALLS) .assign_dtdevice = flask_assign_dtdevice, .deassign_dtdevice = flask_deassign_dtdevice, #endif -- 2.34.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.