/xen-4.10.0-shim-comet/tools/libxc/ |
A D | xc_mem_access.c | 28 xenmem_access_t access, in xc_set_mem_access() argument 36 .access = access, in xc_set_mem_access() 46 uint8_t *access, in xc_set_mem_access_multi() argument 50 DECLARE_HYPERCALL_BOUNCE(access, nr, XC_HYPERCALL_BUFFER_BOUNCE_IN); in xc_set_mem_access_multi() 59 .access = XENMEM_access_default + 1, /* Invalid value */ in xc_set_mem_access_multi() 65 xc_hypercall_bounce_pre(xch, access) ) in xc_set_mem_access_multi() 72 set_xen_guest_handle(mao.access_list, access); in xc_set_mem_access_multi() 76 xc_hypercall_bounce_post(xch, access); in xc_set_mem_access_multi() 85 xenmem_access_t *access) in xc_get_mem_access() argument 98 *access = mao.access; in xc_get_mem_access()
|
A D | xc_flask.c | 326 err = xc_flask_context_to_sid(xch, (char*)scon, strlen(scon), &op.u.access.ssid); in xc_flask_access() 329 err = xc_flask_context_to_sid(xch, (char*)tcon, strlen(tcon), &op.u.access.tsid); in xc_flask_access() 334 op.u.access.tclass = tclass; in xc_flask_access() 335 op.u.access.req = req; in xc_flask_access() 343 *allowed = op.u.access.allowed; in xc_flask_access() 347 *auditallow = op.u.access.audit_allow; in xc_flask_access() 349 *auditdeny = op.u.access.audit_deny; in xc_flask_access() 351 *seqno = op.u.access.seqno; in xc_flask_access() 353 if ( (op.u.access.allowed & req) != req ) in xc_flask_access()
|
/xen-4.10.0-shim-comet/xen/common/ |
A D | mem_access.c | 70 MEMOP_CMD_MASK, mao.access, 0); in mem_access_memop() 92 xenmem_access_t access; in mem_access_memop() local 102 rc = p2m_get_mem_access(d, _gfn(mao.pfn), &access); in mem_access_memop() 106 mao.access = access; in mem_access_memop() 107 rc = __copy_field_to_guest(arg, &mao, access) ? -EFAULT : 0; in mem_access_memop()
|
A D | Kconfig | 108 Enables FLASK (FLux Advanced Security Kernel) as the access control 109 mechanism used by the XSM framework. This provides a mandatory access 118 prompt "Maintain statistics on the FLASK access vector cache" if EXPERT = "y" 121 Maintain counters on the access vector cache that can be viewed using 149 domain 0 that manages devices without needing access to other 153 hardware itself. Because the hardware domain needs access to
|
/xen-4.10.0-shim-comet/tools/libxl/ |
A D | check-xl-disk-parse | 65 one 0 format=raw vdev=hda access=rw target=/dev/vg/guest-volume 82 one 0 format=raw vdev=hdc access=ro devtype=cdrom target=/root/image.iso 95 one 0 backendtype=phy,vdev=xvdb,access=w,target=/dev/vg/guest-volume 110 one 0 vdev=hdc,access=r,devtype=cdrom,target= 122 one 0 vdev=hdc,access=r,devtype=cdrom,format=empty 123 one 0 vdev=hdc,access=r,devtype=cdrom 138 one 0 vdev=xvda,access=w,script=block-iscsi,target=iqn.2001-05.com.equallogic:0-8a0906-23fe93404-c8…
|
/xen-4.10.0-shim-comet/xen/arch/x86/mm/ |
A D | mem_access.c | 40 xenmem_access_t *access) in _p2m_get_mem_access() argument 64 *access = memaccess[p2m->default_access]; in _p2m_get_mem_access() 78 *access = memaccess[a]; in _p2m_get_mem_access() 85 xenmem_access_t access; in p2m_mem_access_emulate_check() local 96 if ( _p2m_get_mem_access(p2m, _gfn(data->gfn), &access) == 0 ) in p2m_mem_access_emulate_check() 98 switch ( access ) in p2m_mem_access_emulate_check() 363 if ( !xenmem_access_to_p2m_access(p2m, access, &a) ) in p2m_set_mem_access() 425 uint8_t access; in p2m_set_mem_access_multi() local 429 copy_from_guest_offset(&access, access_list, start, 1) ) in p2m_set_mem_access_multi() 435 if ( !xenmem_access_to_p2m_access(p2m, access, &a) ) in p2m_set_mem_access_multi() [all …]
|
/xen-4.10.0-shim-comet/xen/arch/arm/ |
A D | mem_access.c | 28 xenmem_access_t *access) in __p2m_get_mem_access() argument 54 *access = XENMEM_access_rwx; in __p2m_get_mem_access() 61 *access = memaccess[p2m->default_access]; in __p2m_get_mem_access() 79 *access = XENMEM_access_rwx; in __p2m_get_mem_access() 88 *access = memaccess[index]; in __p2m_get_mem_access() 350 uint32_t start, uint32_t mask, xenmem_access_t access, in p2m_set_mem_access() argument 373 switch ( access ) in p2m_set_mem_access() 376 a = memaccess[access]; in p2m_set_mem_access() 440 xenmem_access_t *access) in p2m_get_mem_access() argument 446 ret = __p2m_get_mem_access(d, gfn, access); in p2m_get_mem_access()
|
/xen-4.10.0-shim-comet/tools/tests/xen-access/ |
A D | Makefile | 12 TARGETS-y := xen-access 28 xen-access: xen-access.o Makefile
|
/xen-4.10.0-shim-comet/tools/flask/policy/policy/ |
A D | access_vectors | 1 # Locally defined access vectors 3 # Define access vectors for the security classes defined in security_classes.
|
A D | security_classes | 4 # daemons that need to make access control decisions using the hypervisor's
|
/xen-4.10.0-shim-comet/docs/misc/ |
A D | grant-tables.txt | 9 The first mode of use allows domA to grant domB access to a specific frame, 11 access to the block back driver, so that it may read or write as requested. 13 1. domA creates a grant access reference, and transmits the ref id to domB. 15 3. domB performs the memory access. 66 act->lock : spinlock used to serialize access to active entry state 79 map->flags : ro/rw, mapped for host or device access 96 functions that access members of struct grant_table must acquire a 115 running and must be fully initialized. Once all access to the active 139 Granting a foreign domain access to frames 210 Ending foreign access [all …]
|
A D | vtpm-platforms.txt | 79 the guests with access to vTPMs may not be rebooted without rebooting the entire 93 permitted access to IO memory at 0xfed42; this IO memory is accessible to the 100 # xl block-attach vtpmmgr 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpmm… 101 # xl block-attach vtpm-hw 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpm-… 102 # xl block-attach vtpm-g1 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpm-… 103 # xl block-attach vtpm-g2 'backendtype=phy,backend=hardware,vdev=hda,access=w,target=/dev/lvm/vtpm-… 104 # xl block-attach guest1 'backendtype=phy,backend=hardware,vdev=xvda,access=w,target=/dev/lvm/guest… 105 # xl block-attach guest2 'backendtype=phy,backend=hardware,vdev=xvda,access=w,target=/dev/lvm/guest…
|
/xen-4.10.0-shim-comet/tools/ocaml/xenstored/ |
A D | oxenstored.conf.in | 63 # Xenstored access logs 64 # access-log-file = @XEN_LOG_DIR@/xenstored-access.log 65 # access-log-nb-lines = 13215 67 # access-log-special-ops = false
|
/xen-4.10.0-shim-comet/xen/include/xen/ |
A D | mem_access.h | 66 uint32_t start, uint32_t mask, xenmem_access_t access, 79 int p2m_get_mem_access(struct domain *d, gfn_t gfn, xenmem_access_t *access);
|
/xen-4.10.0-shim-comet/xen/arch/x86/hvm/ |
A D | io.c | 118 struct npfec access) in handle_mmio_with_translation() argument 122 vio->mmio_access = access.gla_valid && in handle_mmio_with_translation() 123 access.kind == npfec_kind_with_gla in handle_mmio_with_translation() 124 ? access : (struct npfec){}; in handle_mmio_with_translation()
|
A D | i8254.c | 242 int channel, access; in pit_ioport_write() local 272 access = (val >> 4) & 3; in pit_ioport_write() 273 if ( access == 0 ) in pit_ioport_write() 279 s->rw_mode = access; in pit_ioport_write() 280 s->read_state = access; in pit_ioport_write() 281 s->write_state = access; in pit_ioport_write()
|
/xen-4.10.0-shim-comet/tools/blktap2/control/ |
A D | tap-ctl-allocate.c | 51 err = access(dir, W_OK | R_OK); in tap_ctl_prepare_directory() 104 if (!access(devname, F_OK)) in tap_ctl_make_device() 130 if (!access(BLKTAP2_CONTROL_DEVICE, R_OK | W_OK)) in tap_ctl_check_environment()
|
/xen-4.10.0-shim-comet/xen/xsm/flask/policy/ |
A D | access_vectors | 2 # Define the access vectors. 70 # tmem hypercall (any access) 329 # GNTTABOP_map_grant_ref with any access 331 # GNTTABOP_map_grant_ref with write access 421 # target = domain which will have access to the resource 425 # target = domain which will no longer have access to the resource 428 # source = domain which will have access to the resource 432 # source = domain which will have access to the resource 439 # source = domain which will have access to the resource 444 # source = domain which will have access to the resource [all …]
|
/xen-4.10.0-shim-comet/tools/flask/policy/modules/ |
A D | dom0.te | 3 # Allow dom0 access to all sysctls, devices, and the security server. 46 # These permissions allow using the FLASK security server to compute access 48 # that does not have its own security server to make access decisions based on
|
/xen-4.10.0-shim-comet/docs/man/ |
A D | xenstore-chmod.pod.1 | 34 no access 40 subsequent entries. The key owner always has full access (read,
|
A D | xenstore-ls.pod.1 | 44 no access 50 subsequent entries. The key owner always has full access (read,
|
A D | xen-vtpmmgr.pod.7 | 23 =item 2. Provide a single controlled path of access to the physical TPM 127 domain must have access to TPM IO memory. (default) 132 domain which provides access to the TPM. 174 A domain with direct access to the hardware TPM will be able to decrypt the TPM 180 is safe to permit the hardware domain to access locality 0 (the default in 182 unexpected busy errors from the TPM driver. The ability to access locality 2 of 234 for storage and permission to access the hardware memory pages for the TPM. The 332 provides vTPM access to a para-virtualized Linux based DomU. 362 access to the physical TPM on the system and secures the
|
/xen-4.10.0-shim-comet/stubdom/ |
A D | pciutils.patch | 1 diff -urN pciutils-2.2.9.orig/lib/access.c pciutils-2.2.9/lib/access.c 2 --- pciutils-2.2.9.orig/lib/access.c 2007-02-06 11:59:43.000000000 +0000 3 +++ pciutils-2.2.9/lib/access.c 2008-06-30 19:07:09.713187000 +0100 69 + * The PCI Library -- MiniOS PCI frontend access
|
/xen-4.10.0-shim-comet/xen/xsm/flask/ |
A D | hooks.c | 853 static inline u32 resource_to_perm(uint8_t access) in resource_to_perm() argument 855 if ( access ) in resource_to_perm() 1011 static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) in flask_irq_permission() argument 1014 return current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); in flask_irq_permission() 1048 resource_to_perm(access)); in flask_iomem_permission() 1052 if ( access ) in flask_iomem_permission() 1066 return flask_iomem_permission(d, start, end, access); in flask_iomem_mapping() 1081 if ( access && (end >= 0x10 && start < 0x28) ) in flask_pci_config_permission() 1546 resource_to_perm(access)); in flask_ioport_permission() 1551 if ( access ) in flask_ioport_permission() [all …]
|
/xen-4.10.0-shim-comet/tools/tests/ |
A D | Makefile | 14 SUBDIRS-y += xen-access
|