
Re: [PATCH for-4.22? 5/9] domctl/XSM: avoid XSM_OTHER with xsm_domctl()


  • To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 15 Jun 2026 16:57:54 -0400
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>
  • Delivery-date: Mon, 15 Jun 2026 20:58:22 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 6/15/26 10:13 AM, Jan Beulich wrote:
Make explicit at the call sites what (default) permission is required.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -331,7 +331,7 @@ long arch_do_domctl(
          /* Games to allow this code block to handle a compat guest. */
          void __user *guest_handle = domctl->u.getpageframeinfo3.array.p;
- ret = xsm_domctl(XSM_OTHER, d, domctl);
+        ret = xsm_domctl(XSM_PRIV, d, domctl);
          if ( ret )
              break;
--- a/xen/arch/x86/mm/paging.c
+++ b/xen/arch/x86/mm/paging.c
@@ -743,7 +743,7 @@ long do_paging_domctl_cont(
      if ( d == NULL )
          return -ESRCH;
- ret = xsm_domctl(XSM_OTHER, d, &op);
+    ret = xsm_domctl(XSM_PRIV, d, &op);
      if ( !ret )
      {
          bool lock = !(op.u.shadow_op.op == XEN_DOMCTL_SHADOW_OP_CLEAN ||
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -516,7 +516,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe
          if ( op->u.shadow_op.op == XEN_DOMCTL_SHADOW_OP_CLEAN ||
               op->u.shadow_op.op == XEN_DOMCTL_SHADOW_OP_PEEK )
          {
-            ret = xsm_domctl(XSM_OTHER, d, op);
+            ret = xsm_domctl(XSM_PRIV, d, op);
              if ( !ret )
                  ret = arch_do_domctl(op, d, u_domctl);
              goto domctl_out_unlock_rcuonly;
@@ -542,7 +542,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe
          break;
      }
- ret = xsm_domctl(XSM_OTHER, d, op);
+    ret = xsm_domctl(XSM_PRIV, d, op);
      if ( ret )
          goto domctl_out_unlock_rcuonly;
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -157,7 +157,7 @@ static XSM_INLINE int cf_check xsm_set_t
  static XSM_INLINE int cf_check xsm_domctl(
      XSM_DEFAULT_ARG struct domain *d, struct xen_domctl *op)
  {
-    XSM_ASSERT_ACTION(XSM_OTHER);
+    XSM_ASSERT_ACTION(XSM_PRIV);
      switch ( op->cmd )
      {
      case XEN_DOMCTL_bind_pt_irq:
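
Review bot: In xsm_domctl() the assertion now requires callers to pass XSM_PRIV, but the switch right below it still opens with per-command cases (XEN_DOMCTL_bind_pt_irq is visible here) whose handling lies outside this hunk, so XSM_PRIV is the default rather than necessarily the permission applied to every op->cmd. A short comment above XSM_ASSERT_ACTION(XSM_PRIV) saying that the commands listed in the switch are decided separately would keep readers of the call sites from assuming a uniform XSM_PRIV check.
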
@@ -176,7 +176,7 @@ static XSM_INLINE int cf_check xsm_domct
          return -EILSEQ;
default:
-        return xsm_default_action(XSM_PRIV, current->domain, d);
+        return xsm_default_action(action, current->domain, d);
      }
  }
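
Review bot: In the default: branch, replacing the literal XSM_PRIV with action stays equivalent only as long as XSM_ASSERT_ACTION(XSM_PRIV) at the top of the function pins action to that value. The commit message could say that no functional change is intended, so the substitution is not read as a change of policy. The preceding case that returns -EILSEQ does not consult action at all, which is worth a word if that is deliberate.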

Acked-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>




 

