[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] xen/arch/x86: remove IS_PRIV bypass on IRQ check

To: JBeulich@xxxxxxxx
From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Date: Thu, 18 Apr 2013 12:11:14 -0400
Cc: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Keir Fraser <keir@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, xen-devel@xxxxxxxxxxxxx
Delivery-date: Thu, 18 Apr 2013 16:12:05 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

This prevents a process in dom0 from granting a domU access to an IRQ without
adding the IRQ to the domU's list of permitted IRQs. This operation currently
succeeds in dom0 but would fail if the device model were running in a stubdom,
so making the failure consistent should ease debugging of the device-model
stubdoms.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Cc: Keir Fraser <keir@xxxxxxx>
Cc: Jan Beulich <jbeulich@xxxxxxxx>
---
 xen/arch/x86/domctl.c | 22 ++++++++--------------
 1 file changed, 8 insertions(+), 14 deletions(-)

diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c
index 9580390..c71df43 100644
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -566,8 +566,10 @@ long arch_do_domctl(
     case XEN_DOMCTL_bind_pt_irq:
     {
         xen_domctl_bind_pt_irq_t * bind;
+        int irq;
 
         bind = &(domctl->u.bind_pt_irq);
+        irq = domain_pirq_to_irq(d, bind->machine_irq);
 
         ret = -EINVAL;
         if ( !is_hvm_domain(d) )
@@ -578,13 +580,8 @@ long arch_do_domctl(
             break;
 
         ret = -EPERM;
-        if ( !IS_PRIV(current->domain) )
-        {
-            int irq = domain_pirq_to_irq(d, bind->machine_irq);
-
-            if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
-                break;
-        }
+        if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
+            break;
 
         ret = -ESRCH;
         if ( iommu_enabled )
@@ -602,17 +599,14 @@ long arch_do_domctl(
     case XEN_DOMCTL_unbind_pt_irq:
     {
         xen_domctl_bind_pt_irq_t * bind;
+        int irq;
 
         bind = &(domctl->u.bind_pt_irq);
+        irq = domain_pirq_to_irq(d, bind->machine_irq);
 
         ret = -EPERM;
-        if ( !IS_PRIV(current->domain) )
-        {
-            int irq = domain_pirq_to_irq(d, bind->machine_irq);
-
-            if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
-                break;
-        }
+        if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
+            break;
 
         ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind);
         if ( ret )
-- 
1.8.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] xen/arch/x86: remove IS_PRIV bypass on IRQ check
  - From: Jan Beulich

References:
- Re: [Xen-devel] [PATCH v3 0/11] Rename/remove IS_PRIV
  - From: Daniel De Graaf

Prev by Date: Re: [Xen-devel] [PATCH v3 0/11] Rename/remove IS_PRIV
Next by Date: [Xen-devel] [xen-unstable test] 17716: regressions - FAIL
Previous by thread: Re: [Xen-devel] [PATCH v3 0/11] Rename/remove IS_PRIV
Next by thread: Re: [Xen-devel] [PATCH] xen/arch/x86: remove IS_PRIV bypass on IRQ check
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.