| /xen-4.10.0-shim-comet/tools/libxc/ |
| A D | xc_mem_access.c | 28 xenmem_access_t access, in xc_set_mem_access() argument
36 .access = access, in xc_set_mem_access()
46 uint8_t *access, in xc_set_mem_access_multi() argument
50 DECLARE_HYPERCALL_BOUNCE(access, nr, XC_HYPERCALL_BUFFER_BOUNCE_IN); in xc_set_mem_access_multi()
59 .access = XENMEM_access_default + 1, /* Invalid value */ in xc_set_mem_access_multi()
65 xc_hypercall_bounce_pre(xch, access) ) in xc_set_mem_access_multi()
72 set_xen_guest_handle(mao.access_list, access); in xc_set_mem_access_multi()
76 xc_hypercall_bounce_post(xch, access); in xc_set_mem_access_multi()
85 xenmem_access_t *access) in xc_get_mem_access() argument
98 *access = mao.access; in xc_get_mem_access()
|
| A D | xc_flask.c | 326 err = xc_flask_context_to_sid(xch, (char*)scon, strlen(scon), &op.u.access.ssid); in xc_flask_access()
329 err = xc_flask_context_to_sid(xch, (char*)tcon, strlen(tcon), &op.u.access.tsid); in xc_flask_access()
334 op.u.access.tclass = tclass; in xc_flask_access()
335 op.u.access.req = req; in xc_flask_access()
343 *allowed = op.u.access.allowed; in xc_flask_access()
347 *auditallow = op.u.access.audit_allow; in xc_flask_access()
349 *auditdeny = op.u.access.audit_deny; in xc_flask_access()
351 *seqno = op.u.access.seqno; in xc_flask_access()
353 if ( (op.u.access.allowed & req) != req ) in xc_flask_access()
|
| /xen-4.10.0-shim-comet/xen/common/ |
| A D | mem_access.c | 70 MEMOP_CMD_MASK, mao.access, 0); in mem_access_memop()
92 xenmem_access_t access; in mem_access_memop() local
102 rc = p2m_get_mem_access(d, _gfn(mao.pfn), &access); in mem_access_memop()
106 mao.access = access; in mem_access_memop()
107 rc = __copy_field_to_guest(arg, &mao, access) ? -EFAULT : 0; in mem_access_memop()
|
| A D | Kconfig | 108 Enables FLASK (FLux Advanced Security Kernel) as the access control
109 mechanism used by the XSM framework. This provides a mandatory access
118 prompt "Maintain statistics on the FLASK access vector cache" if EXPERT = "y"
121 Maintain counters on the access vector cache that can be viewed using
149 domain 0 that manages devices without needing access to other
153 hardware itself. Because the hardware domain needs access to
|
| /xen-4.10.0-shim-comet/tools/libxl/ |
| A D | check-xl-disk-parse | 65 one 0 format=raw vdev=hda access=rw target=/dev/vg/guest-volume
82 one 0 format=raw vdev=hdc access=ro devtype=cdrom target=/root/image.iso
95 one 0 backendtype=phy,vdev=xvdb,access=w,target=/dev/vg/guest-volume
110 one 0 vdev=hdc,access=r,devtype=cdrom,target=
122 one 0 vdev=hdc,access=r,devtype=cdrom,format=empty
123 one 0 vdev=hdc,access=r,devtype=cdrom
138 one 0 vdev=xvda,access=w,script=block-iscsi,target=iqn.2001-05.com.equallogic:0-8a0906-23fe93404-c8…
|
| /xen-4.10.0-shim-comet/xen/arch/x86/mm/ |
| A D | mem_access.c | 40 xenmem_access_t *access) in _p2m_get_mem_access() argument
64 *access = memaccess[p2m->default_access]; in _p2m_get_mem_access()
78 *access = memaccess[a]; in _p2m_get_mem_access()
85 xenmem_access_t access; in p2m_mem_access_emulate_check() local
96 if ( _p2m_get_mem_access(p2m, _gfn(data->gfn), &access) == 0 ) in p2m_mem_access_emulate_check()
98 switch ( access ) in p2m_mem_access_emulate_check()
363 if ( !xenmem_access_to_p2m_access(p2m, access, &a) ) in p2m_set_mem_access()
425 uint8_t access; in p2m_set_mem_access_multi() local
429 copy_from_guest_offset(&access, access_list, start, 1) ) in p2m_set_mem_access_multi()
435 if ( !xenmem_access_to_p2m_access(p2m, access, &a) ) in p2m_set_mem_access_multi()
[all …]
|
| /xen-4.10.0-shim-comet/xen/arch/arm/ |
| A D | mem_access.c | 28 xenmem_access_t *access) in __p2m_get_mem_access() argument
54 *access = XENMEM_access_rwx; in __p2m_get_mem_access()
61 *access = memaccess[p2m->default_access]; in __p2m_get_mem_access()
79 *access = XENMEM_access_rwx; in __p2m_get_mem_access()
88 *access = memaccess[index]; in __p2m_get_mem_access()
350 uint32_t start, uint32_t mask, xenmem_access_t access, in p2m_set_mem_access() argument
373 switch ( access ) in p2m_set_mem_access()
376 a = memaccess[access]; in p2m_set_mem_access()
440 xenmem_access_t *access) in p2m_get_mem_access() argument
446 ret = __p2m_get_mem_access(d, gfn, access); in p2m_get_mem_access()
|
| /xen-4.10.0-shim-comet/tools/tests/xen-access/ |
| A D | Makefile | 12 TARGETS-y := xen-access
28 xen-access: xen-access.o Makefile
|
| /xen-4.10.0-shim-comet/tools/flask/policy/policy/ |
| A D | access_vectors | 1 # Locally defined access vectors
3 # Define access vectors for the security classes defined in security_classes.
|
| A D | security_classes | 4 # daemons that need to make access control decisions using the hypervisor's
|
| /xen-4.10.0-shim-comet/docs/misc/ |
| A D | grant-tables.txt | 9 The first mode of use allows domA to grant domB access to a specific frame,
11 access to the block back driver, so that it may read or write as requested.
13 1. domA creates a grant access reference, and transmits the ref id to domB.
15 3. domB performs the memory access.
66 act->lock : spinlock used to serialize access to active entry state
79 map->flags : ro/rw, mapped for host or device access
96 functions that access members of struct grant_table must acquire a
115 running and must be fully initialized. Once all access to the active
139 Granting a foreign domain access to frames
210 Ending foreign access
[all …]
|
| A D | vtpm-platforms.txt | 79 the guests with access to vTPMs may not be rebooted without rebooting the entire
93 permitted access to IO memory at 0xfed42; this IO memory is accessible to the
100 # xl block-attach vtpmmgr 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpmm…
101 # xl block-attach vtpm-hw 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpm-…
102 # xl block-attach vtpm-g1 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpm-…
103 # xl block-attach vtpm-g2 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpm-…
104 # xl block-attach guest1 'backendtype=phy,backend=hardware,vdev=xvda,access=w,target=/dev/lvm/guest…
105 # xl block-attach guest2 'backendtype=phy,backend=hardware,vdev=xvda,access=w,target=/dev/lvm/guest…
|
| /xen-4.10.0-shim-comet/tools/ocaml/xenstored/ |
| A D | oxenstored.conf.in | 63 # Xenstored access logs
64 # access-log-file = @XEN_LOG_DIR@/xenstored-access.log
65 # access-log-nb-lines = 13215
67 # access-log-special-ops = false
|
| /xen-4.10.0-shim-comet/xen/include/xen/ |
| A D | mem_access.h | 66 uint32_t start, uint32_t mask, xenmem_access_t access,
79 int p2m_get_mem_access(struct domain *d, gfn_t gfn, xenmem_access_t *access);
|
| /xen-4.10.0-shim-comet/xen/arch/x86/hvm/ |
| A D | io.c | 118 struct npfec access) in handle_mmio_with_translation() argument
122 vio->mmio_access = access.gla_valid && in handle_mmio_with_translation()
123 access.kind == npfec_kind_with_gla in handle_mmio_with_translation()
124 ? access : (struct npfec){}; in handle_mmio_with_translation()
|
| A D | i8254.c | 242 int channel, access; in pit_ioport_write() local
272 access = (val >> 4) & 3; in pit_ioport_write()
273 if ( access == 0 ) in pit_ioport_write()
279 s->rw_mode = access; in pit_ioport_write()
280 s->read_state = access; in pit_ioport_write()
281 s->write_state = access; in pit_ioport_write()
|
| /xen-4.10.0-shim-comet/tools/blktap2/control/ |
| A D | tap-ctl-allocate.c | 51 err = access(dir, W_OK | R_OK); in tap_ctl_prepare_directory()
104 if (!access(devname, F_OK)) in tap_ctl_make_device()
130 if (!access(BLKTAP2_CONTROL_DEVICE, R_OK | W_OK)) in tap_ctl_check_environment()
|
| /xen-4.10.0-shim-comet/xen/xsm/flask/policy/ |
| A D | access_vectors | 2 # Define the access vectors.
70 # tmem hypercall (any access)
329 # GNTTABOP_map_grant_ref with any access
331 # GNTTABOP_map_grant_ref with write access
421 # target = domain which will have access to the resource
425 # target = domain which will no longer have access to the resource
428 # source = domain which will have access to the resource
432 # source = domain which will have access to the resource
439 # source = domain which will have access to the resource
444 # source = domain which will have access to the resource
[all …]
|
| /xen-4.10.0-shim-comet/tools/flask/policy/modules/ |
| A D | dom0.te | 3 # Allow dom0 access to all sysctls, devices, and the security server.
46 # These permissions allow using the FLASK security server to compute access
48 # that does not have its own security server to make access decisions based on
|
| /xen-4.10.0-shim-comet/docs/man/ |
| A D | xenstore-chmod.pod.1 | 34 no access
40 subsequent entries. The key owner always has full access (read,
|
| A D | xenstore-ls.pod.1 | 44 no access
50 subsequent entries. The key owner always has full access (read,
|
| A D | xen-vtpmmgr.pod.7 | 23 =item 2. Provide a single controlled path of access to the physical TPM
127 domain must have access to TPM IO memory. (default)
132 domain which provides access to the TPM.
174 A domain with direct access to the hardware TPM will be able to decrypt the TPM
180 is safe to permit the hardware domain to access locality 0 (the default in
182 unexpected busy errors from the TPM driver. The ability to access locality 2 of
234 for storage and permission to access the hardware memory pages for the TPM. The
332 provides vTPM access to a para-virtualized Linux based DomU.
362 access to the physical TPM on the system and secures the
|
| /xen-4.10.0-shim-comet/stubdom/ |
| A D | pciutils.patch | 1 diff -urN pciutils-2.2.9.orig/lib/access.c pciutils-2.2.9/lib/access.c
2 --- pciutils-2.2.9.orig/lib/access.c 2007-02-06 11:59:43.000000000 +0000
3 +++ pciutils-2.2.9/lib/access.c 2008-06-30 19:07:09.713187000 +0100
69 + * The PCI Library -- MiniOS PCI frontend access
|
| /xen-4.10.0-shim-comet/xen/xsm/flask/ |
| A D | hooks.c | 853 static inline u32 resource_to_perm(uint8_t access) in resource_to_perm() argument
855 if ( access ) in resource_to_perm()
1011 static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) in flask_irq_permission() argument
1014 return current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); in flask_irq_permission()
1048 resource_to_perm(access)); in flask_iomem_permission()
1052 if ( access ) in flask_iomem_permission()
1066 return flask_iomem_permission(d, start, end, access); in flask_iomem_mapping()
1081 if ( access && (end >= 0x10 && start < 0x28) ) in flask_pci_config_permission()
1546 resource_to_perm(access)); in flask_ioport_permission()
1551 if ( access ) in flask_ioport_permission()
[all …]
|
| /xen-4.10.0-shim-comet/tools/tests/ |
| A D | Makefile | 14 SUBDIRS-y += xen-access
|