[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v4 01/24] xen/xsm: remove redundant xsm_iomem_mapping()

  • To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Penny Zheng <Penny.Zheng@xxxxxxx>
  • Date: Fri, 21 Nov 2025 18:57:38 +0800
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fBzLiVF0LcwUzOwUxdhWXxnzaOdeFBAaIqk1xLrzlSc=; b=A45K6U/L3CBdDgO8l4TqJdU8AumVZMPromSzcbkEOd1NmErMRli2NUeIYF4UJjwdoXy84PN37/3lSgXTYD/66sbDlpAtsYdhTdvjqVeVj3PAvPEN6Y+Pbrjox05UmyES/q3KYOfR+bA9obv/GN8AA5qXrS3IA0VjD3Z4EL8svcF1Fur3wf2GPLdFSEngVXgnCzulf0Uad2rhpBYQMUCwu7zZQ3DN5iQoGxFH4/FmR410HN1PuYgJItF57VJufRujWc6hD9yXskOivH/4rylRBkdaHVgxcYKuIZoOwVPKal1whI5pr0z12Oq3W16H6vERm270SVM+alzbwd6rmPmvjg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=s8eAMa3A/DM8/2a/mFH2Tun8BemMcv5S8g7SnlUwdBpQ1VCnNyXDovA5cDo0VPgUTZWnyLxcKRccADLiToU6Tyghz4+Zp7HyhV42eGV4c9o3nEo26KVdKVRJHIJpezFGLqRO26MxAiHRRByPrHsw3KrG1QC4LizHKXh5n9uAoUSlm9blt3tZuI1TiGOsNaerMCIvedQ07YK7qWw+OeBC73P2wHCI/7PcdO1zRkgjxqHd5Pg1xlkLPf15iH/jOg140G3tDrAq3OsAKA+MsRfbuxO+dGzCYySLFFNgpaYBHDVKHPGCH+08RIHHZZENT+1/XCf37cU1+cC+KAkcDNQfhg==
  • Cc: <ray.huang@xxxxxxx>, <grygorii_strashko@xxxxxxxx>, Penny Zheng <Penny.Zheng@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "Anthony PERARD" <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>, Stewart Hildebrand <stewart.hildebrand@xxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Delivery-date: Fri, 21 Nov 2025 10:58:49 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Function xsm_iomem_mapping() seems redundant, and in flask policy, it just
directly calls xsm_iomem_permission().
Remove it and use xsm_iomem_permission() instead, with the benefit of a
cf_check disappearing too.

Signed-off-by: Penny Zheng <Penny.Zheng@xxxxxxx>
Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
v2 -> v3:
- new commit
---
 xen/common/domctl.c       | 2 +-
 xen/drivers/vpci/header.c | 2 +-
 xen/include/xsm/dummy.h   | 7 -------
 xen/include/xsm/xsm.h     | 8 --------
 xen/xsm/dummy.c           | 1 -
 xen/xsm/flask/hooks.c     | 6 ------
 6 files changed, 2 insertions(+), 24 deletions(-)

diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index 29a7726d32..86da0086de 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -707,7 +707,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
u_domctl)
              !iomem_access_permitted(d, mfn, mfn_end) )
             break;
 
-        ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn_end, add);
+        ret = xsm_iomem_permission(XSM_HOOK, d, mfn, mfn_end, add);
         if ( ret )
             break;
 
diff --git a/xen/drivers/vpci/header.c b/xen/drivers/vpci/header.c
index 469f497744..1ff6c63f4d 100644
--- a/xen/drivers/vpci/header.c
+++ b/xen/drivers/vpci/header.c
@@ -67,7 +67,7 @@ static int cf_check map_range(
             return -EPERM;
         }
 
-        rc = xsm_iomem_mapping(XSM_HOOK, map->d, map_mfn, m_end, map->map);
+        rc = xsm_iomem_permission(XSM_HOOK, map->d, map_mfn, m_end, map->map);
         if ( rc )
         {
             printk(XENLOG_G_WARNING
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index e801dbcdba..e4e1c680c8 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -570,13 +570,6 @@ static XSM_INLINE int cf_check xsm_iomem_permission(
     return xsm_default_action(action, current->domain, d);
 }
 
-static XSM_INLINE int cf_check xsm_iomem_mapping(
-    XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
-{
-    XSM_ASSERT_ACTION(XSM_HOOK);
-    return xsm_default_action(action, current->domain, d);
-}
-
 static XSM_INLINE int cf_check xsm_pci_config_permission(
     XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, uint16_t start,
     uint16_t end, uint8_t access)
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index d9e5c831f3..1d72431d32 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -116,8 +116,6 @@ struct xsm_ops {
     int (*irq_permission)(struct domain *d, int pirq, uint8_t allow);
     int (*iomem_permission)(struct domain *d, uint64_t s, uint64_t e,
                             uint8_t allow);
-    int (*iomem_mapping)(struct domain *d, uint64_t s, uint64_t e,
-                         uint8_t allow);
     int (*pci_config_permission)(struct domain *d, uint32_t machine_bdf,
                                  uint16_t start, uint16_t end, uint8_t access);
 
@@ -517,12 +515,6 @@ static inline int xsm_iomem_permission(
     return alternative_call(xsm_ops.iomem_permission, d, s, e, allow);
 }
 
-static inline int xsm_iomem_mapping(
-    xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow)
-{
-    return alternative_call(xsm_ops.iomem_mapping, d, s, e, allow);
-}
-
 static inline int xsm_pci_config_permission(
     xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start,
     uint16_t end, uint8_t access)
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 96dc82ac2e..b7b65a7122 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -75,7 +75,6 @@ static const struct xsm_ops __initconst_cf_clobber dummy_ops 
= {
     .unbind_pt_irq                 = xsm_unbind_pt_irq,
     .irq_permission                = xsm_irq_permission,
     .iomem_permission              = xsm_iomem_permission,
-    .iomem_mapping                 = xsm_iomem_mapping,
     .pci_config_permission         = xsm_pci_config_permission,
     .get_vnumainfo                 = xsm_get_vnumainfo,
 
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 9f3915617c..89e790b774 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1167,11 +1167,6 @@ static int cf_check flask_iomem_permission(
     return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data);
 }
 
-static int cf_check flask_iomem_mapping(struct domain *d, uint64_t start, 
uint64_t end, uint8_t access)
-{
-    return flask_iomem_permission(d, start, end, access);
-}
-
 static int cf_check flask_pci_config_permission(
     struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end,
     uint8_t access)
@@ -1945,7 +1940,6 @@ static const struct xsm_ops __initconst_cf_clobber 
flask_ops = {
     .unbind_pt_irq = flask_unbind_pt_irq,
     .irq_permission = flask_irq_permission,
     .iomem_permission = flask_iomem_permission,
-    .iomem_mapping = flask_iomem_mapping,
     .pci_config_permission = flask_pci_config_permission,
 
     .resource_plug_core = flask_resource_plug_core,
-- 
2.34.1

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.