From mboxrd@z Thu Jan  1 00:00:00 1970
From: Julien Grall <julien.grall@linaro.org>
Subject: [RFC 09/14] xen/xsm: flask: MSI is PCI specific
Date: Wed, 12 Mar 2014 16:16:04 +0000
Message-ID: <1394640969-25583-10-git-send-email-julien.grall@linaro.org>
References: <1394640969-25583-1-git-send-email-julien.grall@linaro.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta3.messagelabs.com ([195.245.230.39])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <julien.grall@linaro.org>) id 1WNlqA-00081W-GN
	for xen-devel@lists.xenproject.org; Wed, 12 Mar 2014 16:17:10 +0000
Received: by mail-wi0-f180.google.com with SMTP id hm4so2628836wib.7
	for <xen-devel@lists.xenproject.org>;
	Wed, 12 Mar 2014 09:16:33 -0700 (PDT)
In-Reply-To: <1394640969-25583-1-git-send-email-julien.grall@linaro.org>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xenproject.org
Cc: stefano.stabellini@citrix.com, Daniel De Graaf <dgdegra@tycho.nsa.gov>, Julien Grall <julien.grall@linaro.org>, tim@xen.org, ian.campbell@citrix.com
List-Id: xen-devel@lists.xenproject.org

MSI is not yet support on ARM and will break the compilation when XSM_ENABLE=y.

Signed-off-by: Julien Grall <julien.grall@linaro.org>
Cc: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
 xen/xsm/flask/hooks.c |   72 +++++++++++++++++++++++++++++++++++--------------
 1 file changed, 52 insertions(+), 20 deletions(-)

diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 65343f3..56c7645 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -19,7 +19,9 @@
 #include <xen/errno.h>
 #include <xen/guest_access.h>
 #include <xen/xenoprof.h>
+#ifdef HAS_PCI
 #include <asm/msi.h>
+#endif
 #include <public/xen.h>
 #include <public/physdev.h>
 #include <public/platform.h>
@@ -100,7 +102,6 @@ static int domain_has_xen(struct domain *d, u32 perms)
 
 static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad)
 {
-    struct irq_desc *desc = irq_to_desc(irq);
     if ( irq >= nr_irqs || irq < 0 )
         return -EINVAL;
     if ( irq < nr_static_irqs ) {
@@ -110,15 +111,21 @@ static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad)
         }
         return security_irq_sid(irq, sid);
     }
-    if ( desc->msi_desc && desc->msi_desc->dev ) {
-        struct pci_dev *dev = desc->msi_desc->dev;
-        u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn;
-        if (ad) {
-            AVC_AUDIT_DATA_INIT(ad, DEV);
-            ad->device = sbdf;
+#ifdef HAS_PCI
+    {
+        struct irq_desc *desc = irq_to_desc(irq);
+        if ( desc->msi_desc && desc->msi_desc->dev ) {
+            struct pci_dev *dev = desc->msi_desc->dev;
+            u32 sbdf = (dev->seg << 16) | (dev->bus << 8) | dev->devfn;
+            if (ad) {
+                AVC_AUDIT_DATA_INIT(ad, DEV);
+                ad->device = sbdf;
+            }
+            return security_device_sid(sbdf, sid);
         }
-        return security_device_sid(sbdf, sid);
     }
+#endif
+
     if (ad) {
         AVC_AUDIT_DATA_INIT(ad, IRQ);
         ad->irq = irq;
@@ -825,21 +832,34 @@ static int flask_map_domain_pirq (struct domain *d)
     return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD);
 }
 
+static int flask_map_domain_msi (struct domain *d, int irq, void *data,
+                                 u32 *sid, struct avc_audit_data *ad)
+{
+#ifdef HAS_PCI
+    struct msi_info *msi = data;
+
+    u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
+    AVC_AUDIT_DATA_INIT(ad, DEV);
+    ad->device = machine_bdf;
+
+    return security_device_sid(machine_bdf, sid);
+#else
+    return -EINVAL;
+#endif
+}
+
 static int flask_map_domain_irq (struct domain *d, int irq, void *data)
 {
     u32 sid, dsid;
     int rc = -EPERM;
-    struct msi_info *msi = data;
     struct avc_audit_data ad;
 
-    if ( irq >= nr_static_irqs && msi ) {
-        u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
-        AVC_AUDIT_DATA_INIT(&ad, DEV);
-        ad.device = machine_bdf;
-        rc = security_device_sid(machine_bdf, &sid);
+    if ( irq >= nr_static_irqs && data ) {
+        rc = flask_map_domain_msi(d, irq, data, &sid, &ad);
     } else {
         rc = get_irq_sid(irq, &sid, &ad);
     }
+
     if ( rc )
         return rc;
 
@@ -858,18 +878,30 @@ static int flask_unmap_domain_pirq (struct domain *d)
     return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE);
 }
 
+static int flask_unmap_domain_msi (struct domain *d, int irq, void *data,
+                                   u32 *sid, struct avc_audit_data *ad)
+{
+#ifdef HAS_PCI
+    struct msi_info *msi = data;
+    u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
+
+    AVC_AUDIT_DATA_INIT(ad, DEV);
+    ad->device = machine_bdf;
+
+    return security_device_sid(machine_bdf, sid);
+#else
+    return -EINVAL;
+#endif
+}
+
 static int flask_unmap_domain_irq (struct domain *d, int irq, void *data)
 {
     u32 sid;
     int rc = -EPERM;
-    struct msi_info *msi = data;
     struct avc_audit_data ad;
 
-    if ( irq >= nr_static_irqs && msi ) {
-        u32 machine_bdf = (msi->seg << 16) | (msi->bus << 8) | msi->devfn;
-        AVC_AUDIT_DATA_INIT(&ad, DEV);
-        ad.device = machine_bdf;
-        rc = security_device_sid(machine_bdf, &sid);
+    if ( irq >= nr_static_irqs && data ) {
+        rc = flask_unmap_domain_msi(d, irq, data, &sid, &ad);
     } else {
         rc = get_irq_sid(irq, &sid, &ad);
     }
-- 
1.7.10.4