[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 3/3] xen/privcmd: add IOCTL_PRIVCMD_RESTRICT



> -----Original Message-----
> From: Jan Beulich [mailto:JBeulich@xxxxxxxx]
> Sent: 09 February 2017 14:43
> To: Paul Durrant <Paul.Durrant@xxxxxxxxxx>
> Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx; Boris Ostrovsky
> <boris.ostrovsky@xxxxxxxxxx>; Juergen Gross <JGross@xxxxxxxx>; linux-
> kernel@xxxxxxxxxxxxxxx
> Subject: Re: [Xen-devel] [PATCH 3/3] xen/privcmd: add
> IOCTL_PRIVCMD_RESTRICT
> 
> >>> On 09.02.17 at 15:17, <paul.durrant@xxxxxxxxxx> wrote:
> > @@ -666,6 +680,20 @@ static long privcmd_ioctl_dm_op(void __user
> *udata)
> >     return rc;
> >  }
> >
> > +static long privcmd_ioctl_restrict(struct file *file, void __user *udata)
> > +{
> > +   struct privcmd_data *data = file->private_data;
> > +   domid_t dom;
> > +
> > +   if (copy_from_user(&dom, udata, sizeof(dom)))
> > +           return -EFAULT;
> > +
> > +   /* Set restriction to the specified domain */
> > +   data->domid = dom;
> > +
> > +   return 0;
> > +}
> 
> Is it really intended for the caller to be able to undo this, by passing
> in DOMID_INVALID?

Good point. I was intending to fix that, but forgot.

  Paul

> 
> Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.