From mboxrd@z Thu Jan  1 00:00:00 1970
From: Juergen Gross <jgross@suse.com>
Subject: Re: [PATCH v2 01/13] xen: add xenstore domain flag to
	hypervisor
Date: Tue, 5 Jan 2016 16:59:38 +0100
Message-ID: <568BE86A.8090900@suse.com>
References: <1450444471-6454-1-git-send-email-jgross@suse.com>
	<1450444471-6454-2-git-send-email-jgross@suse.com>
	<1452008808.13361.333.camel@citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <1452008808.13361.333.camel@citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Ian Campbell <ian.campbell@citrix.com>, xen-devel@lists.xen.org, ian.jackson@eu.citrix.com, stefano.stabellini@eu.citrix.com, wei.liu2@citrix.com, dgdegra@tycho.nsa.gov
Cc: Tim Deegan <tim@xen.org>, Keir Fraser <keir@xen.org>, David Vrabel <david.vrabel@citrix.com>, Jan Beulich <jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>
List-Id: xen-devel@lists.xenproject.org

On 05/01/16 16:46, Ian Campbell wrote:
> On Fri, 2015-12-18 at 14:14 +0100, Juergen Gross wrote:
>> diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
>> index 3fc3824..6304eb9 100644
>> --- a/xen/include/xsm/xsm.h
>> +++ b/xen/include/xsm/xsm.h
>> @@ -35,6 +35,7 @@ enum xsm_default {
>>      XSM_DM_PRIV,  /* Device model can perform on its target domain */
>>      XSM_TARGET,   /* Can perform on self or your target domain */
>>      XSM_PRIV,     /* Privileged - normally restricted to dom0 */
>> +    XSM_XS_PRIV,  /* Xenstore domain can obtain domain info */
> 
> Nit: This is conflating the semantic meaning of this bit with what the
> implementation happens to be in practice right now.
> 
> I'd say something more like "Privileged or operations allowed to a xenstore
> domain" perhaps.

I'll change it to: "Xenstore domain - can do some privileged operations"


Juergen