| commit | 1c599472b02783ee80691bfdaa465af9fbf25c8a | |
| author | Paul Durrant <paul.durrant@citrix.com> | |
| Wed, 22 Mar 2017 09:39:15 +0000 (22 09:39 +0000) | ||
| committer | Stefano Stabellini <sstabellini@kernel.org> | |
| Fri, 21 Apr 2017 19:40:14 +0000 (21 12:40 -0700) | ||
| tree | 10afa631ab372f500ae8af5793684ae6f17b0512 | treesnapshot (tar.gz zip) |
| parent | f1167ee684279bffabe7bb3ab23eff87577fe427 | commitdiff |
xen: use libxendevice model to restrict operations
This patch adds a command-line option (-xen-domid-restrict) which will
use the new libxendevicemodel API to restrict devicemodel [1] operations
to the specified domid. (Such operations are not applicable to the xenpv
machine type).
This patch also adds a tracepoint to allow successful enabling of the
restriction to be monitored.
[1] I.e. operations issued by libxendevicemodel. Operation issued by other
xen libraries (e.g. libxenforeignmemory) are currently still unrestricted
but this will be rectified by subsequent patches.
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
This patch adds a command-line option (-xen-domid-restrict) which will
use the new libxendevicemodel API to restrict devicemodel [1] operations
to the specified domid. (Such operations are not applicable to the xenpv
machine type).
This patch also adds a tracepoint to allow successful enabling of the
restriction to be monitored.
[1] I.e. operations issued by libxendevicemodel. Operation issued by other
xen libraries (e.g. libxenforeignmemory) are currently still unrestricted
but this will be rectified by subsequent patches.
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>