[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 14/20] tmem: Add access control check

>>> On 10.09.12 at 21:49, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> wrote:
> --- a/xen/common/tmem.c
> +++ b/xen/common/tmem.c
> @@ -23,6 +23,7 @@
>  #include <xen/radix-tree.h>
>  #include <xen/list.h>
>  #include <xen/init.h>
> +#include <xsm/xsm.h>
>  
>  #define EXPORT /* indicates code other modules are dependent upon */
>  #define FORWARD
> @@ -2540,11 +2541,10 @@ static NOINLINE int do_tmem_control(struct tmem_op 
> *op)
>      uint32_t subop = op->u.ctrl.subop;
>      OID *oidp = (OID *)(&op->u.ctrl.oid[0]);
>  
> -    if (!tmh_current_is_privileged())
> -    {
> -        /* don't fail... mystery: sometimes dom0 fails here */
> -        /* return -EPERM; */
> -    }
> +    ret = xsm_tmem_control(subop);
> +    if ( ret )
> +        return ret;
> +

This shouldn't be placed here literally, but rather be moved into the
tmh_current_is_privileged() - the file here is, afaict, intended to not
have Xen-specific code (except for the inclusion of tmem_xen.h, so
the comment also applies to the inclusion of xsm/xsm.h above). Plus
it probably ought to go on top of the pending tmem patch series.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.