SMC whitelist from the manifest. This works for a small number of SMCs. `smc_whitelist` is a list of the SMCs a VM is allowed to make. `smc_whitelist_permissive` can be set to allow SMCs through even if they are not whitelisted (for development and debug). Bug: 132421503 Change-Id: I64b243d551da35f7625368a72a5a3980d63752f9

commit: ae9962e2de38fd4bd29861e74baec0d86ed79d86 [log] [tgz]
author: Andrew Scull <ascull@google.com> Thu Oct 03 16:51:16 2019 +0100
committer: Andrew Scull <ascull@google.com> Wed Oct 09 09:53:58 2019 +0000
tree: 6912bb781336752ba79ac69534eee5a5d548c74e
parent: 81586ea96021fbb140d44d750bbb0cbaf82584b1 [diff] [blame]
diff --git a/inc/hf/manifest.h b/inc/hf/manifest.h
index 3e9f76f..cfedc61 100644
--- a/inc/hf/manifest.h
+++ b/inc/hf/manifest.h

@@ -20,6 +20,7 @@
 #include "hf/memiter.h"
 #include "hf/spci.h"
 #include "hf/string.h"
+#include "hf/vm.h"
 
 /**
  * Holds information about one of the VMs described in the manifest.
@@ -28,6 +29,7 @@
 	/* Properties defined for both primary and secondary VMs. */
 	struct string debug_name;
 	struct string kernel_filename;
+	struct smc_whitelist smc_whitelist;
 
 	union {
 		/* Properties specific to the primary VM. */
@@ -63,6 +65,7 @@
 	MANIFEST_ERROR_MALFORMED_STRING_LIST,
 	MANIFEST_ERROR_MALFORMED_INTEGER,
 	MANIFEST_ERROR_INTEGER_OVERFLOW,
+	MANIFEST_ERROR_MALFORMED_INTEGER_LIST,
 };
 
 enum manifest_return_code manifest_init(struct manifest *manifest,
commit	ae9962e2de38fd4bd29861e74baec0d86ed79d86	[log] [tgz]
author	Andrew Scull <ascull@google.com>	Thu Oct 03 16:51:16 2019 +0100
committer	Andrew Scull <ascull@google.com>	Wed Oct 09 09:53:58 2019 +0000
tree	6912bb781336752ba79ac69534eee5a5d548c74e
parent	81586ea96021fbb140d44d750bbb0cbaf82584b1 [diff] [blame]