[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC PATCHv1] xen/privcmd: add IOCTL_PRIVCMD_RESTRICT_DOMID



On 07/28/2016 12:13 PM, David Vrabel wrote:
>
> diff --git a/drivers/xen/privcmd.c b/drivers/xen/privcmd.c
> index df2e6f7..513d1c5 100644
> --- a/drivers/xen/privcmd.c
> +++ b/drivers/xen/privcmd.c
> @@ -43,6 +43,18 @@ MODULE_LICENSE("GPL");
>  
>  #define PRIV_VMA_LOCKED ((void *)1)
>  
> +#define UNRESTRICTED_DOMID ((domid_t)-1)

This can probably go into a header file since you've used the same macro
for event channel restricted domains.

> +
> +struct privcmd_data {
> +     domid_t restrict_domid;
> +};
> +
> +static bool privcmd_is_allowed(struct privcmd_data *priv, domid_t domid)
> +{
> +     return priv->restrict_domid == UNRESTRICTED_DOMID
> +             || priv->restrict_domid == domid;
> +}

I also wonder whether this can be made useful to event channels (and
possibly other operations we might want to try restricting in the future).

-boris

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.