[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 03/18] xsm: allow use of XEN_DOMCTL_getdomaininfo by non-IS_PRIV domains


  • To: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • From: Keir Fraser <keir@xxxxxxx>
  • Date: Wed, 11 Jan 2012 17:27:09 +0000
  • Delivery-date: Wed, 11 Jan 2012 17:27:26 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
  • Thread-index: AczQhj8dJea+/L5bxUK9kA9FOZNvHA==
  • Thread-topic: [Xen-devel] [PATCH 03/18] xsm: allow use of XEN_DOMCTL_getdomaininfo by non-IS_PRIV domains

On 11/01/2012 17:21, "Daniel De Graaf" <dgdegra@xxxxxxxxxxxxx> wrote:

> This domctl does not allow manipulation of domains, only basic
> information such as size and state. XSM modules can also provide
> fine-grained control over what domains are visible to domains that call
> getdomaininfo.

Well there's a reason we might not disallow the hypercall. But why would we
actually care to allow it?

 -- Keir

> Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
> ---
>  xen/common/domctl.c |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-)
> 
> diff --git a/xen/common/domctl.c b/xen/common/domctl.c
> index a775aa3..2c1ca85 100644
> --- a/xen/common/domctl.c
> +++ b/xen/common/domctl.c
> @@ -263,6 +263,10 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl)
>              return -EPERM;
>          break;
>      }
> +#ifdef XSM_ENABLE
> +    case XEN_DOMCTL_getdomaininfo:
> +        break;
> +#endif
>      default:
>          if ( !IS_PRIV(current->domain) )
>              return -EPERM;



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.