Re: [Xen-devel] [PATCH 3/3] xen/privcmd: add IOCTL_PRIVCMD_RESTRICT

From: Jan Beulich
Date: Thu Feb 09 2017 - 09:43:33 EST

Next message: Rajneesh Bhardwaj: "Re: [PATCH] platform/x86: intel_pmc_ipc: read s0ix residency API"
Previous message: Stuart Yoder: "[PATCH] staging: fsl-mc: update MAINTAINERS"
In reply to: Paul Durrant: "[PATCH 3/3] xen/privcmd: add IOCTL_PRIVCMD_RESTRICT"
Next in thread: Paul Durrant: "RE: [Xen-devel] [PATCH 3/3] xen/privcmd: add IOCTL_PRIVCMD_RESTRICT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>> On 09.02.17 at 15:17, <paul.durrant@xxxxxxxxxx> wrote:
> @@ -666,6 +680,20 @@ static long privcmd_ioctl_dm_op(void __user *udata)
> return rc;
> }
>
> +static long privcmd_ioctl_restrict(struct file *file, void __user *udata)
> +{
> + struct privcmd_data *data = file->private_data;
> + domid_t dom;
> +
> + if (copy_from_user(&dom, udata, sizeof(dom)))
> + return -EFAULT;
> +
> + /* Set restriction to the specified domain */
> + data->domid = dom;
> +
> + return 0;
> +}

Is it really intended for the caller to be able to undo this, by passing
in DOMID_INVALID?

Jan

Next message: Rajneesh Bhardwaj: "Re: [PATCH] platform/x86: intel_pmc_ipc: read s0ix residency API"
Previous message: Stuart Yoder: "[PATCH] staging: fsl-mc: update MAINTAINERS"
In reply to: Paul Durrant: "[PATCH 3/3] xen/privcmd: add IOCTL_PRIVCMD_RESTRICT"
Next in thread: Paul Durrant: "RE: [Xen-devel] [PATCH 3/3] xen/privcmd: add IOCTL_PRIVCMD_RESTRICT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]