From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alex Zeffertt <alex.zeffertt@eu.citrix.com>
Subject: [PATCH 17/24] [xen-unstable.hg] specifically whitelist
 VIRQ_DOM_EXC
 as a virq that may be redirected to a domU via new hypercall
Date: Mon, 23 Mar 2009 15:21:21 +0000
Message-ID: <49C7A8F1.3040400@eu.citrix.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="------------090005030103090101020908"
Return-path: <xen-devel-bounces@lists.xensource.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
List-Id: xen-devel@lists.xenproject.org

This is a multi-part message in MIME format.
--------------090005030103090101020908
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit




--------------090005030103090101020908
Content-Type: text/plain;
 name="xen_virq_handler_dom_exc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="xen_virq_handler_dom_exc"

Whitelists VIRQ_DOM_EXC for handling, permissions exception.

I sent these to Keir in an earlier state. See the explanation with
xen_virq_handler_api.

Signed-off-by: Diego Ongaro <diego.ongaro@citrix.com>
Signed-off-by: Alex Zeffertt <alex.zeffertt@eu.citrix.com>
---

diff -r a8d818fa0ec9 xen/arch/ia64/xen/xensetup.c
--- a/xen/arch/ia64/xen/xensetup.c	Wed Mar 18 15:50:31 2009 +0000
+++ b/xen/arch/ia64/xen/xensetup.c	Wed Mar 18 15:56:13 2009 +0000
@@ -29,6 +29,7 @@
 #include <asm/iosapic.h>
 #include <xen/softirq.h>
 #include <xen/rcupdate.h>
+#include <xen/event.h>
 #include <xsm/acm/acm_hooks.h>
 #include <asm/sn/simulator.h>
 #include <asm/sal.h>
@@ -665,6 +666,8 @@
     dom0->is_privileged = 1;
     dom0->target = NULL;
 
+    set_global_virq_handler(dom0, VIRQ_DOM_EXC);
+
     /*
      * We're going to setup domain0 using the module(s) that we stashed safely
      * above our heap. The second module, if present, is an initrd ramdisk.
diff -r a8d818fa0ec9 xen/arch/x86/setup.c
--- a/xen/arch/x86/setup.c	Wed Mar 18 15:50:31 2009 +0000
+++ b/xen/arch/x86/setup.c	Wed Mar 18 15:56:13 2009 +0000
@@ -20,6 +20,7 @@
 #include <xen/rcupdate.h>
 #include <xen/vga.h>
 #include <xen/dmi.h>
+#include <xen/event.h>
 #include <public/version.h>
 #ifdef CONFIG_COMPAT
 #include <compat/platform.h>
@@ -997,6 +998,8 @@
     dom0->is_privileged = 1;
     dom0->target = NULL;
 
+    set_global_virq_handler(dom0, VIRQ_DOM_EXC);
+
     /* Grab the DOM0 command line. */
     cmdline = (char *)(mod[0].string ? __va(mod[0].string) : NULL);
     if ( (cmdline != NULL) || (kextra != NULL) )
diff -r a8d818fa0ec9 xen/common/domctl.c
--- a/xen/common/domctl.c	Wed Mar 18 15:50:31 2009 +0000
+++ b/xen/common/domctl.c	Wed Mar 18 15:56:13 2009 +0000
@@ -193,11 +193,13 @@
     long ret = 0;
     struct xen_domctl curop, *op = &curop;
 
-    if ( !IS_PRIV(current->domain) )
-        return -EPERM;
-
     if ( copy_from_guest(op, u_domctl, 1) )
         return -EFAULT;
+
+    if ( !IS_PRIV(current->domain) &&
+         !(op->cmd == XEN_DOMCTL_getdomaininfo &&
+           is_global_virq_handler(current->domain, VIRQ_DOM_EXC)) )
+        return -EPERM;
 
     if ( op->interface_version != XEN_DOMCTL_INTERFACE_VERSION )
         return -EACCES;



--------------090005030103090101020908
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

--------------090005030103090101020908--