[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xense-devel] XSM hook for mapping a grant ref
George et al,In another thread today, my attention has been drawn to the grant_operation_permitted() hook that is called when a domain attempts to map a grant reference. This effectively checks whether or not the mapping domain has any I/O memory capabilities, and allows the mapping if it does. The comment for this macro states that: "Until TLB flushing issues are sorted out we consider it unsafe for domains with no hardware-access privileges to perform grant map/ transfer operations." It seems reasonable that we could have trusted domains which one can assume will handle these situations gracefully. Hence, I think there is a case for an XSM hook that determines whether or not a domain is allowed to map any grants. Arguably, this could be combined with the check in xsm_map_grantref, though I would be unsurprised if there is a reason for the grant_operation_permitted hook residing where it is currently. This also raises the question of whether XSM should be integrated with the existing I/O capabilities system, so that there is one consistent view for a domain's privileges. Regards, Derek Murray. _______________________________________________ Xense-devel mailing list Xense-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xense-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |