From: "Jan Beulich" <JBeulich@suse.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Stefano Stabellini <sstabellini@kernel.org>,
Wei Liu <wei.liu2@citrix.com>,
George Dunlap <George.Dunlap@eu.citrix.com>,
Tim Deegan <tim@xen.org>, Ian Jackson <Ian.Jackson@eu.citrix.com>,
xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH v2] domctl: relax getdomaininfo permissions
Date: Fri, 05 Aug 2016 07:54:47 -0600 [thread overview]
Message-ID: <57A4B6C7020000780010339C@prv-mh.provo.novell.com> (raw)
In-Reply-To: <c0e3b1d9-6a25-21dc-36bc-833e5853ec7b@citrix.com>
>>> On 05.08.16 at 15:10, <andrew.cooper3@citrix.com> wrote:
> On 05/08/16 12:20, Jan Beulich wrote:
>> I wonder what good the duplication of the returned domain ID does: I'm
>> tempted to remove the one in the command-specific structure. Does
>> anyone have insight into why it was done that way?
>
> I wonder whether the first incarnation of this hypercall lacked a domid
> field in the returned structure? It seems like the kind of thing which
> would be omitted, until the sysctl list version got introduced.
Oh, good point - that makes clear why the field can't be dropped:
That sysctl would break then.
>> --- a/xen/include/xsm/dummy.h
>> +++ b/xen/include/xsm/dummy.h
>> @@ -61,7 +61,12 @@ static always_inline int xsm_default_act
>> return 0;
>> case XSM_TARGET:
>> if ( src == target )
>> + {
>> return 0;
>> + case XSM_XS_PRIV:
>> + if ( src->is_xenstore )
>> + return 0;
>> + }
>> /* fall through */
>> case XSM_DM_PRIV:
>> if ( target && src->target == target )
>> @@ -71,10 +76,6 @@ static always_inline int xsm_default_act
>> if ( src->is_privileged )
>> return 0;
>> return -EPERM;
>> - case XSM_XS_PRIV:
>> - if ( src->is_xenstore || src->is_privileged )
>> - return 0;
>> - return -EPERM;
>> default:
>> LINKER_BUG_ON(1);
>> return -EPERM;
>
> What is this change in relation to? I can't see how it is related to
> the XSM changes mentioned in the commit, as that is strictly for the use
> of XSM_OTHER.
I don't see any XSM changes mentioned in the description, there
was only the XSM_OTHER related question outside the description.
Anyway - the change above is what guarantees the XSM_XS_PRIV
check, as invoked by xsm_domctl()'s XEN_DOMCTL_getdomaininfo
case, to fall through into XSM_DM_PRIV - after all that's what the
whole patch is about.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-08-05 13:54 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-05 11:20 [PATCH v2] domctl: relax getdomaininfo permissions Jan Beulich
2016-08-05 13:10 ` Andrew Cooper
2016-08-05 13:54 ` Jan Beulich [this message]
2016-08-05 17:07 ` Andrew Cooper
2016-08-08 6:12 ` Jan Beulich
2016-08-11 10:54 ` Andrew Cooper
2016-08-11 11:33 ` Jan Beulich
2016-08-16 21:42 ` Daniel De Graaf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57A4B6C7020000780010339C@prv-mh.provo.novell.com \
--to=jbeulich@suse.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=sstabellini@kernel.org \
--cc=tim@xen.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.