From: Keir Fraser <keir@xen.org>
To: Daniel De Graaf <dgdegra@tycho.nsa.gov>, xen-devel@lists.xensource.com
Subject: Re: [PATCH 03/18] xsm: allow use of XEN_DOMCTL_getdomaininfo by non-IS_PRIV domains
Date: Wed, 11 Jan 2012 17:27:09 +0000 [thread overview]
Message-ID: <CB3376ED.3724E%keir@xen.org> (raw)
In-Reply-To: <1326302490-19428-4-git-send-email-dgdegra@tycho.nsa.gov>
On 11/01/2012 17:21, "Daniel De Graaf" <dgdegra@tycho.nsa.gov> wrote:
> This domctl does not allow manipulation of domains, only basic
> information such as size and state. XSM modules can also provide
> fine-grained control over what domains are visible to domains that call
> getdomaininfo.
Well there's a reason we might not disallow the hypercall. But why would we
actually care to allow it?
-- Keir
> Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
> ---
> xen/common/domctl.c | 4 ++++
> 1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/xen/common/domctl.c b/xen/common/domctl.c
> index a775aa3..2c1ca85 100644
> --- a/xen/common/domctl.c
> +++ b/xen/common/domctl.c
> @@ -263,6 +263,10 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl)
> return -EPERM;
> break;
> }
> +#ifdef XSM_ENABLE
> + case XEN_DOMCTL_getdomaininfo:
> + break;
> +#endif
> default:
> if ( !IS_PRIV(current->domain) )
> return -EPERM;
next prev parent reply other threads:[~2012-01-11 17:27 UTC|newest]
Thread overview: 128+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-11 17:21 [RFC PATCH 0/18] Xenstore stub domain Daniel De Graaf
2012-01-11 17:21 ` [PATCH 01/18] xen: reinstate previously unused XENMEM_remove_from_physmap hypercall Daniel De Graaf
2012-01-12 8:22 ` Jan Beulich
2012-01-11 17:21 ` [PATCH 02/18] xen: allow global VIRQ handlers to be delegated to other domains Daniel De Graaf
2012-01-12 8:43 ` Jan Beulich
2012-01-11 17:21 ` [PATCH 03/18] xsm: allow use of XEN_DOMCTL_getdomaininfo by non-IS_PRIV domains Daniel De Graaf
2012-01-11 17:27 ` Keir Fraser [this message]
2012-01-11 17:36 ` Daniel De Graaf
2012-01-11 17:49 ` Keir Fraser
2012-01-11 17:21 ` [PATCH 04/18] xen: Preserve reserved grant entries when switching versions Daniel De Graaf
2012-01-12 8:53 ` Jan Beulich
2012-01-12 9:49 ` Ian Campbell
2012-01-12 9:56 ` Ian Campbell
2012-01-11 17:21 ` [PATCH 05/18] tools/libxl: Add xenstore and console backend domain IDs to config Daniel De Graaf
2012-01-11 17:21 ` [PATCH 06/18] lib{xc, xl}: Seed grant tables with xenstore and console grants Daniel De Graaf
2012-01-12 9:59 ` Ian Campbell
2012-01-12 15:11 ` Daniel De Graaf
2012-01-12 16:12 ` Ian Campbell
2012-01-12 17:21 ` Ian Jackson
2012-01-12 17:32 ` Daniel De Graaf
2012-01-12 17:35 ` Ian Jackson
2012-01-12 17:38 ` Ian Campbell
2012-01-12 17:47 ` Daniel De Graaf
2012-01-11 17:21 ` [PATCH 07/18] mini-os: avoid crash if no console is provided Daniel De Graaf
2012-01-12 10:03 ` Ian Campbell
2012-01-12 17:56 ` Daniel De Graaf
2012-01-18 10:21 ` Ian Campbell
2012-01-11 17:21 ` [PATCH 08/18] mini-os: avoid crash if no xenstore " Daniel De Graaf
2012-01-11 17:21 ` [PATCH 09/18] mini-os: remove per-fd evtchn limit Daniel De Graaf
2012-01-11 17:21 ` [PATCH 10/18] xenstored: use grant references instead of map_foreign_range Daniel De Graaf
2012-01-11 17:21 ` [PATCH 11/18] xenstored: add NO_SOCKETS compilation option Daniel De Graaf
2012-01-12 10:05 ` Ian Campbell
2012-01-11 17:21 ` [PATCH 12/18] xenstored support for in-memory rather than FS based trivial DB (needed to run on mini-OS) Daniel De Graaf
2012-01-11 17:21 ` [PATCH 13/18] xenstored: support running in minios stubdom Daniel De Graaf
2012-01-11 17:21 ` [PATCH 14/18] xenstored: always use xc_gnttab_munmap in stubdom Daniel De Graaf
2012-01-11 17:21 ` [PATCH 15/18] xenstored: add --event parameter for bootstrapping Daniel De Graaf
2012-01-11 17:21 ` [PATCH 16/18] xenstored: pull dom0 event port from shared page Daniel De Graaf
2012-01-11 17:21 ` [PATCH 17/18] xenstored: use domain_is_unprivileged instead of checking conn->id Daniel De Graaf
2012-01-11 17:21 ` [PATCH 18/18] xenstored: add --priv-domid parameter Daniel De Graaf
2012-01-12 10:20 ` Ian Campbell
2012-01-12 15:37 ` Daniel De Graaf
2012-01-11 17:22 ` [PATCH] xenbus: Add support for xenbus backend in stub domain Daniel De Graaf
2012-01-12 8:59 ` Jan Beulich
2012-01-12 15:28 ` Daniel De Graaf
2012-01-12 15:40 ` Jan Beulich
2012-01-12 15:58 ` Daniel De Graaf
2012-01-12 9:51 ` [RFC PATCH 0/18] Xenstore " Ian Campbell
2012-01-12 9:57 ` Ian Campbell
2012-01-12 23:32 ` Daniel De Graaf
2012-01-12 10:33 ` Joanna Rutkowska
2012-01-12 10:48 ` Tim Deegan
2012-01-12 11:18 ` On Dom0 disaggregation (was: Re: [RFC PATCH 0/18] Xenstore stub domain) Joanna Rutkowska
2012-01-12 12:13 ` Tim Deegan
2012-01-12 13:30 ` On Dom0 disaggregation Joanna Rutkowska
2012-01-12 14:21 ` Tim Deegan
2012-01-12 14:23 ` Mihir Nanavati
2012-01-12 11:27 ` [RFC PATCH 0/18] Xenstore stub domain Ian Campbell
2012-01-12 11:33 ` Vasiliy Tolstov
2012-01-12 11:46 ` Ian Campbell
2012-01-12 11:35 ` Joanna Rutkowska
2012-01-12 11:46 ` Ian Campbell
2012-01-12 11:00 ` Keir Fraser
2012-01-12 16:12 ` Daniel De Graaf
2012-01-12 23:35 ` [PATCH v2 00/18] " Daniel De Graaf
2012-01-12 23:35 ` [PATCH 01/18] xen: reinstate previously unused XENMEM_remove_from_physmap hypercall Daniel De Graaf
2012-01-13 7:56 ` Jan Beulich
2012-01-18 10:36 ` Ian Campbell
2012-01-18 14:56 ` Daniel De Graaf
2012-01-18 16:06 ` Ian Campbell
2012-01-18 19:07 ` Daniel De Graaf
2012-01-19 10:32 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 02/18] xen: allow global VIRQ handlers to be delegated to other domains Daniel De Graaf
2012-01-13 8:03 ` Jan Beulich
2012-01-13 13:58 ` Daniel De Graaf
2012-01-13 15:32 ` Jan Beulich
2012-01-18 10:39 ` Ian Campbell
2012-01-18 11:28 ` Jan Beulich
2012-01-18 11:44 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 03/18] xen: use XSM instead of IS_PRIV for getdomaininfo Daniel De Graaf
2012-01-12 23:35 ` [PATCH 04/18] xen: Preserve reserved grant entries when switching versions Daniel De Graaf
2012-01-13 8:07 ` Jan Beulich
2012-01-18 10:43 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 05/18] tools/libxl: pull xenstore/console domids from xenstore Daniel De Graaf
2012-01-18 10:47 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 06/18] lib{xc, xl}: Seed grant tables with xenstore and console grants Daniel De Graaf
2012-01-18 11:05 ` Ian Campbell
2012-01-20 20:24 ` Daniel De Graaf
2012-01-12 23:35 ` [PATCH 07/18] mini-os: avoid crash if no console is provided Daniel De Graaf
2012-01-18 11:06 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 08/18] mini-os: avoid crash if no xenstore " Daniel De Graaf
2012-01-18 11:08 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 09/18] mini-os: remove per-fd evtchn limit Daniel De Graaf
2012-01-18 11:10 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 10/18] xenstored: use grant references instead of map_foreign_range Daniel De Graaf
2012-01-18 11:15 ` Ian Campbell
2012-01-18 18:18 ` Daniel De Graaf
2012-01-12 23:35 ` [PATCH 11/18] xenstored: add NO_SOCKETS compilation option Daniel De Graaf
2012-01-18 11:23 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 12/18] xenstored support for in-memory rather than FS based trivial DB (needed to run on mini-OS) Daniel De Graaf
2012-01-18 11:27 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 13/18] xenstored: support running in minios stubdom Daniel De Graaf
2012-01-18 11:33 ` Ian Campbell
2012-01-18 17:13 ` Ian Jackson
2012-01-18 17:35 ` Ian Campbell
2012-01-24 16:24 ` Ian Jackson
2012-01-12 23:35 ` [PATCH 14/18] xenstored: always use xc_gnttab_munmap in stubdom Daniel De Graaf
2012-01-12 23:35 ` [PATCH 15/18] xenstored: add --event parameter for bootstrapping Daniel De Graaf
2012-01-18 11:35 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 16/18] xenstored: use domain_is_unprivileged instead of checking conn->id Daniel De Graaf
2012-01-18 11:44 ` Ian Campbell
2012-01-18 18:31 ` Daniel De Graaf
2012-01-12 23:35 ` [PATCH 17/18] xenstored: add --priv-domid parameter Daniel De Graaf
2012-01-18 11:48 ` Ian Campbell
2012-01-18 14:41 ` Daniel De Graaf
2012-01-18 14:47 ` Ian Campbell
2012-01-12 23:35 ` [PATCH 18/18] xenstored: Add stub domain builder Daniel De Graaf
2012-01-18 11:50 ` Ian Campbell
2012-01-12 23:36 ` [PATCH] xenbus: Add support for xenbus backend in stub domain Daniel De Graaf
2012-01-13 8:20 ` Jan Beulich
2012-01-13 14:06 ` Daniel De Graaf
2012-01-13 15:37 ` Jan Beulich
2012-01-13 15:44 ` Daniel De Graaf
2012-01-13 16:00 ` Jan Beulich
2012-01-13 17:42 ` Daniel De Graaf
2012-01-16 8:19 ` Jan Beulich
2012-01-18 12:07 ` Ian Campbell
2012-01-18 14:44 ` Daniel De Graaf
2012-01-18 10:23 ` [PATCH v2 00/18] Xenstore " Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CB3376ED.3724E%keir@xen.org \
--to=keir@xen.org \
--cc=dgdegra@tycho.nsa.gov \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).