[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v3 1/2] xsm: add config option for denied string



Signed-off-by: Sergey Dyasli <sergey.dyasli@xxxxxxxxxx>
---
v2 --> v3:
- new patch

CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CC: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>
CC: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
CC: Jan Beulich <jbeulich@xxxxxxxx>
CC: Julien Grall <julien@xxxxxxx>
CC: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
CC: Wei Liu <wl@xxxxxxx>
CC: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
CC: Doug Goldstein <cardoe@xxxxxxxxxx>
---
 xen/common/Kconfig   | 8 ++++++++
 xen/common/version.c | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index b3d161d057..f0a3f0da0f 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -236,6 +236,14 @@ choice
                bool "SILO" if XSM_SILO
 endchoice
 
+config XSM_DENIED_STRING
+       string "xen_version denied string"
+       default "<denied>"
+       depends on XSM
+       ---help---
+         A string which substitutes sensitive information returned via
+         xen_version hypercall to non-privileged guests
+
 config LATE_HWDOM
        bool "Dedicated hardware domain"
        default n
diff --git a/xen/common/version.c b/xen/common/version.c
index 937eb1281c..14b205af48 100644
--- a/xen/common/version.c
+++ b/xen/common/version.c
@@ -67,7 +67,7 @@ const char *xen_banner(void)
 
 const char *xen_deny(void)
 {
-    return "<denied>";
+    return CONFIG_XSM_DENIED_STRING;
 }
 
 static const void *build_id_p __read_mostly;
-- 
2.17.1


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.