Xen project Mailing List

Re: [Xen-devel] [PATCH] xen/arch/x86: remove IS_PRIV bypass on IRQ check

To: "Daniel De Graaf" <dgdegra@xxxxxxxxxxxxx>

From: "Jan Beulich" <JBeulich@xxxxxxxx>

Date: Thu, 18 Apr 2013 17:20:00 +0100

Cc: Keir Fraser <keir@xxxxxxx>, xen-devel@xxxxxxxxxxxxx

Delivery-date: Thu, 18 Apr 2013 16:19:30 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 18.04.13 at 18:11, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> wrote: > This prevents a process in dom0 from granting a domU access to an IRQ without > adding the IRQ to the domU's list of permitted IRQs. This operation > currently > succeeds in dom0 but would fail if the device model were running in a > stubdom, > so making the failure consistent should ease debugging of the device-model > stubdoms. I'm sorry for having lost half of your original patch - I know I resolved the conflicts with the security one, but apparently then popped it without first refreshing... Jan > Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> > Cc: Keir Fraser <keir@xxxxxxx> > Cc: Jan Beulich <jbeulich@xxxxxxxx> > --- > xen/arch/x86/domctl.c | 22 ++++++++-------------- > 1 file changed, 8 insertions(+), 14 deletions(-) > > diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c > index 9580390..c71df43 100644 > --- a/xen/arch/x86/domctl.c > +++ b/xen/arch/x86/domctl.c > @@ -566,8 +566,10 @@ long arch_do_domctl( > case XEN_DOMCTL_bind_pt_irq: > { > xen_domctl_bind_pt_irq_t * bind; > + int irq; > > bind = &(domctl->u.bind_pt_irq); > + irq = domain_pirq_to_irq(d, bind->machine_irq); > > ret = -EINVAL; > if ( !is_hvm_domain(d) ) > @@ -578,13 +580,8 @@ long arch_do_domctl( > break; > > ret = -EPERM; > - if ( !IS_PRIV(current->domain) ) > - { > - int irq = domain_pirq_to_irq(d, bind->machine_irq); > - > - if ( irq <= 0 || !irq_access_permitted(current->domain, irq) ) > - break; > - } > + if ( irq <= 0 || !irq_access_permitted(current->domain, irq) ) > + break; > > ret = -ESRCH; > if ( iommu_enabled ) > @@ -602,17 +599,14 @@ long arch_do_domctl( > case XEN_DOMCTL_unbind_pt_irq: > { > xen_domctl_bind_pt_irq_t * bind; > + int irq; > > bind = &(domctl->u.bind_pt_irq); > + irq = domain_pirq_to_irq(d, bind->machine_irq); > > ret = -EPERM; > - if ( !IS_PRIV(current->domain) ) > - { > - int irq = domain_pirq_to_irq(d, bind->machine_irq); > - > - if ( irq <= 0 || !irq_access_permitted(current->domain, irq) ) > - break; > - } > + if ( irq <= 0 || !irq_access_permitted(current->domain, irq) ) > + break; > > ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind); > if ( ret ) > -- > 1.8.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.