arch/x86/mm.c:1897: else if ( !IS_PRIV(d) )
In set_foreigndom. Policy is to allow operation on self, or else on the IO domain, or else by privileged domain. XSM hooks follow this for the individual mmu_update_ops, some of the individual mmuext_ops and in do_update_va_mapping.

arch/x86/mm.c:2831: if ( unlikely(!IS_PRIV(current->domain)) )
In do_update_va_mapping_otherdomain. Called immediately before call to set_foreigndom. Policy is to allow operation by privileged domain only. XSM hook is in do_update_va_mapping, but no attempt is made to check the domain.

arch/x86/mm.c:3018: else if ( !IS_PRIV(current->domain) )
In arch_memory_op, XENMEM_add_to_physmap case. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

arch/x86/mm.c:3101: else if ( !IS_PRIV(current->domain) )
In arch_memory_op, XENMEM_set_memory_map case. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

arch/x86/mm.c:3149: if ( !IS_PRIV(current->domain) )
In arch_memory_op, XENMEM_machine_memory_map case. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

arch/x86/hvm/hvm.c:890: if ( !IS_PRIV(current->domain) )
In hvmop_set_pci_intx_level. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

arch/x86/hvm/hvm.c:937: if ( !IS_PRIV(current->domain) )
In hvmop_set_isa_irq_level. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

arch/x86/hvm/hvm.c:984: if ( !IS_PRIV(current->domain) )
In hvmop_set_pci_link_route. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

arch/x86/hvm/hvm.c:1033: else if ( IS_PRIV(current->domain) )
In do_hvm_op, HVMOP_{set,get}_param cases. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

arch/x86/traps.c:591: if ( !IS_PRIV(current->domain) )
In emulate_forced_invalid_op. Does not perform access control, but instead clears a bit in the EDX register (corresponding to Memory Type Range Registers).

arch/x86/platform_hypercall.c:39: if ( !IS_PRIV(current->domain) )
In do_platform_op. Policy is to allow operation by privileged domain only. XSM hooks are placed in the individual platform_ops.

arch/x86/mm/shadow/multi.c:912: IS_PRIV(d) &&
In shadow_get_page_from_l1e. Policy is to allow operation on self or else by privileged domain. No associated XSM hook.

arch/x86/physdev.c:80: if ( !IS_PRIV(current->domain) )
In do_physdev_op, PHYSDEVOP_apic_read case. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

arch/x86/physdev.c:97: if ( !IS_PRIV(current->domain) )
In do_physdev_op, PHYSDEVOP_apic_write case. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

arch/x86/physdev.c:114: if ( !IS_PRIV(current->domain) )
In do_physdev_op, PHYSDEVOP_alloc_irq_vector case. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

arch/ia64/vmx/vmx_hypercall.c:50: if ( !IS_PRIV(current->domain) )
In hvmop_set_isa_irq_level. Policy is to allow operation by privileged domain only. *No associated XSM hook.*

arch/ia64/vmx/vmx_hypercall.c:82: if ( !IS_PRIV(current->domain) )
In hvmop_set_pci_intx_level. Policy is to allow operation by privileged domain only. *No associated XSM hook.*

arch/ia64/vmx/vmx_hypercall.c:127: else if (IS_PRIV(current->domain)) {
In do_hvm_op, HVMOP_{set,get}_param cases. Policy is to allow operation on self or else by privileged domain. *No associated XSM hook.*

arch/ia64/xen/hypercall.c:343: if ( !IS_PRIV(current->domain) )
In do_physdev_op, PHYSDEVOP_apic_read case. Policy is to allow operation by privileged domain only. *No associated XSM hook.*

arch/ia64/xen/hypercall.c:357: if ( !IS_PRIV(current->domain) )
In do_physdev_op, PHYSDEVOP_apic_write case. Policy is to allow operation by privileged domain only. *No associated XSM hook.*

arch/ia64/xen/hypercall.c:371: if ( !IS_PRIV(current->domain) )
In do_physdev_op, PHYSDEVOP_alloc_irq_vector case. Policy is to allow operation by privileged domain only. *No associated XSM hook.*

arch/ia64/xen/hypercall.c:392: if ( !IS_PRIV(current->domain) )
In do_physdev_op, PHYSDEVOP_free_irq_vector case. Policy is to allow operation by privileged domain only. *No associated XSM hook.*

arch/ia64/xen/mm.c:2075: else if (!IS_PRIV(current->domain))
In arch_memory_op, XENMEM_add_to_physmap case. Policy is to allow operation on self or else by privileged domain. *No associated XSM hook.*

arch/ia64/xen/dom0_ops.c:35: if ( !IS_PRIV(current->domain) )
In arch_do_domctl. Policy is to allow operation by privileged domain only. *No associated XSM hook.*

common/memory.c:235: else if ( !IS_PRIV(current->domain) )
In translate_gpfn_list. Policy is to allow operation on self or else by privileged domain. XSM hook is called for each mfn in the list.

common/memory.c:350: rc = IS_PRIV(current->domain) ? -EINVAL : -EPERM;
In memory_exchange. Policy is to allow operation on *self only* (privilege is irrelevant). No associated XSM hook.

common/memory.c:545: else if ( !IS_PRIV(current->domain) ||
In do_memory_op, XENMEM_{{increase,decrease}_reservation,populate_physmap} cases. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

common/memory.c:599: else if ( !IS_PRIV(current->domain) )
In do_memory_op, XENMEM_{{current,maximum}_reservation,maximum_gpfn} cases. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

common/kexec.c:361: if ( !IS_PRIV(current->domain) )
In do_kexec_op. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

common/grant_table.c:644: else if ( unlikely(!IS_PRIV(current->domain)) )
In gnttab_setup_table. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

common/grant_table.c:720: else if ( unlikely(!IS_PRIV(current->domain)) )
In gnttab_query_size. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

common/domctl.c:178: if ( !IS_PRIV(current->domain) )
In do_domctl. Policy is to allow operation by privileged domain only. XSM hooks are placed in the individual domctls.

common/event_channel.c:116: else if ( !IS_PRIV(current->domain) )
In evtchn_alloc_unbound. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

common/event_channel.c:624: else if ( !IS_PRIV(current->domain) )
In evtchn_status. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

common/event_channel.c:781: else if ( !IS_PRIV(current->domain) )
In evtchn_reset. Policy is to allow operation on self or else by privileged domain. XSM hook directly follows this check.

common/sysctl.c:35: if ( !IS_PRIV(current->domain) )
In do_sysctl. Policy is to allow operation by privileged domain only. XSM hooks are placed in the individual sysctls.

common/schedule.c:453: if ( !IS_PRIV(current->domain) )
In do_sched_op, SCHEDOP_remote_shutdown case. Policy is to allow operation by privileged domain only. XSM hook directly follows this check.

xsm/acm/acm_simple_type_enforcement_hooks.c:709: if (!IS_PRIV(current->domain)) {
In ste_pre_grant_setup. Policy is to allow operation by privileged domain only. No associated XSM hook.

xsm/acm/acm_ops.c:41: return (IS_PRIV(d) ? 0 : -EPERM);
In acm_authorize_acm_ops. Policy is to allow operation by privileged domain only. No associated XSM hook.