Re: [Xen-devel] [PATCH 03/18] xsm: allow use of XEN_DOMCTL_getdomaininfo by non-IS_PRIV domains
On 11/01/2012 17:27, "Keir Fraser" <keir@xxxxxxx> wrote:

> On 11/01/2012 17:21, "Daniel De Graaf" <dgdegra@xxxxxxxxxxxxx> wrote:
>
>> This domctl does not allow manipulation of domains, only basic
>> information such as size and state. XSM modules can also provide
>> fine-grained control over what domains are visible to domains that call
>> getdomaininfo.
>
> Well there's a reason we might not disallow the hypercall. But why would we
> actually care to allow it?

Ah, I've now seen patch 00/18, so this is for xenstore stubdom. Also this applies only to the XSM-enabled case, and just allows you to get as far as the finer-grained xsm_getdomaininfo() check. Somehow I got the ifdef the wrong way round in my head! Okay, makes a lot of sense.

However, if the dummy xsm module is supposed to behave very similarly to a !XSM_ENABLE build (which is what I personally would expect), then I think dummy_getdomaininfo() should be changed to return 0 only when IS_PRIV(current->domain). This of course will require a 'proper' XSM setup to be able to use the xenstore stubdom, but probably setting eg XSM/Flask should be a core part of setting up such a hardened Xen host anyway.

-- Keir

> -- Keir
>
>> Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
>> ---
>> xen/common/domctl.c | 4 ++++
>> 1 files changed, 4 insertions(+), 0 deletions(-)
>>
>> diff --git a/xen/common/domctl.c b/xen/common/domctl.c
>> index a775aa3..2c1ca85 100644
>> --- a/xen/common/domctl.c
>> +++ b/xen/common/domctl.c
>> @@ -263,6 +263,10 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl)
>> return -EPERM;
>> break;
>> }
>> +#ifdef XSM_ENABLE
>> + case XEN_DOMCTL_getdomaininfo:
>> + break;
>> +#endif
>> default:
>> if ( !IS_PRIV(current->domain) )
>> return -EPERM;
>
>
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
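
Review bot: In the `@@ -263,6 +263,10 @@` hunk, the added `case XEN_DOMCTL_getdomaininfo: break;` skips the `!IS_PRIV(current->domain)` test under `default:` with no comment saying where authorization now happens. In an XSM_ENABLE build the per-operation hook becomes the only access control for this domctl, so a comment at the new case naming that hook would help, and the dummy module's hook should be checked so that it does not return 0 for every caller, which is the concern raised in the reply above.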
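
The two-stage check discussed in this thread, as an added example that is not Xen source and not code from either poster. It is a simplified model: `struct domain`, `enum op`, `domctl_check()` and the three hook functions are stand-ins written for illustration, and the always-permitting dummy hook is an assumption drawn from the reply's suggestion to change it.

```c
/* Simplified model of the two-stage check discussed in this thread.
 * Not Xen source: every type and function here is a stand-in (assumption). */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

struct domain { const char *name; bool is_priv; bool policy_allows; };
enum op { OP_GETDOMAININFO, OP_OTHER };
typedef int (*hook_fn)(const struct domain *caller);

/* Dummy hook that always permits (assumed from the reply's suggested change). */
static int dummy_permissive(const struct domain *c) { (void)c; return 0; }

/* Dummy hook as suggested in the reply: same answer as a non-XSM build. */
static int dummy_priv_only(const struct domain *c)
{
    return c->is_priv ? 0 : -EPERM;
}

/* Stand-in for a policy module such as Flask: the loaded policy decides. */
static int policy_hook(const struct domain *c)
{
    return c->policy_allows ? 0 : -EPERM;
}

/* Stage 1: coarse gate (the switch in the patch). Stage 2: per-op hook. */
int domctl_check(const struct domain *caller, enum op op,
                 bool xsm_enabled, hook_fn hook)
{
    bool exempt = xsm_enabled && op == OP_GETDOMAININFO; /* the added case */
    if (!exempt && !caller->is_priv)
        return -EPERM;                                   /* default: branch */
    if (xsm_enabled && op == OP_GETDOMAININFO)
        return hook(caller);                             /* finer-grained check */
    return 0;
}

int main(void)
{
    struct domain guest = { "guest", false, false };     /* constructed */
    struct domain stub  = { "xenstore-stubdom", false, true };
    printf("no XSM, guest:            %d\n", domctl_check(&guest, OP_GETDOMAININFO, false, NULL));
    printf("permissive dummy, guest:  %d\n", domctl_check(&guest, OP_GETDOMAININFO, true, dummy_permissive));
    printf("priv-only dummy, stubdom: %d\n", domctl_check(&stub, OP_GETDOMAININFO, true, dummy_priv_only));
    printf("policy module, stubdom:   %d\n", domctl_check(&stub, OP_GETDOMAININFO, true, policy_hook));
    printf("policy module, guest:     %d\n", domctl_check(&guest, OP_GETDOMAININFO, true, policy_hook));
    return 0;
}
```

Only the policy-module configuration lets the unprivileged stubdom through while still refusing an arbitrary guest, which is why the reply expects a 'proper' XSM setup for the xenstore stubdom.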