| commit | 14d015b6fcd0b94a1e0983f82fab3e144143a314 | |
| author | Paul Durrant <paul.durrant@citrix.com> | |
| Tue, 28 Mar 2017 15:54:55 +0000 (28 16:54 +0100) | ||
| committer | Stefano Stabellini <sstabellini@kernel.org> | |
| Fri, 21 Apr 2017 19:40:14 +0000 (21 12:40 -0700) | ||
| tree | f76729e37ccc73bc258be97566792edb1fb58aee | treesnapshot (tar.gz zip) |
| parent | 1c599472b02783ee80691bfdaa465af9fbf25c8a | commitdiff |
xen: additionally restrict xenforeignmemory operations
Commit f0f272baf3a7 "xen: use libxendevice model to restrict operations"
added a command-line option (-xen-domid-restrict) to limit operations
using the libxendevicemodel API to a specified domid. The commit also
noted that the restriction would be extended to cover operations issued
via other xen libraries by subsequent patches.
My recent Xen patch [1] added a call to the xenforeignmemory API to allow
it to be restricted. This patch now makes use of that new call when the
-xen-domid-restrict option is passed.
[1] http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=5823d6eb
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Commit f0f272baf3a7 "xen: use libxendevice model to restrict operations"
added a command-line option (-xen-domid-restrict) to limit operations
using the libxendevicemodel API to a specified domid. The commit also
noted that the restriction would be extended to cover operations issued
via other xen libraries by subsequent patches.
My recent Xen patch [1] added a call to the xenforeignmemory API to allow
it to be restricted. This patch now makes use of that new call when the
-xen-domid-restrict option is passed.
[1] http://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=5823d6eb
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
| include/hw/xen/xen_common.h | diffblobblamehistory |