diff options
author | Keir Fraser <keir.fraser@citrix.com> | 2009-10-23 10:04:03 +0100 |
---|---|---|
committer | Keir Fraser <keir.fraser@citrix.com> | 2009-10-23 10:04:03 +0100 |
commit | 545a227dfc099af8b17b6842e097196192658c3e (patch) | |
tree | 032f432b459298c4071a3fbf3030b06f7fedd5d2 /xen/common/domctl.c | |
parent | 5dc1050805a0e379bcc273aa8b72db6aede34de5 (diff) | |
download | xen-545a227dfc099af8b17b6842e097196192658c3e.tar.gz xen-545a227dfc099af8b17b6842e097196192658c3e.tar.bz2 xen-545a227dfc099af8b17b6842e097196192658c3e.zip |
passthrough/stubdom: clean up hypercall privilege checking
This patch adds securty checks for pci passthrough related hypercalls
to enforce that the current domain owns the resources that it is about
to remap. It also adds a call to xc_assign_device to xend and removes
the PRIVILEGED_STUBDOMS flags.
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Diffstat (limited to 'xen/common/domctl.c')
-rw-r--r-- | xen/common/domctl.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/xen/common/domctl.c b/xen/common/domctl.c index 0b9ad758dd..290b9494dd 100644 --- a/xen/common/domctl.c +++ b/xen/common/domctl.c @@ -231,14 +231,12 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl) case XEN_DOMCTL_ioport_mapping: case XEN_DOMCTL_memory_mapping: case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: - case XEN_DOMCTL_assign_device: - case XEN_DOMCTL_deassign_device: { + case XEN_DOMCTL_unbind_pt_irq: { struct domain *d; bool_t is_priv = IS_PRIV(current->domain); if ( !is_priv && ((d = rcu_lock_domain_by_id(op->domain)) != NULL) ) { - is_priv = STUBDOM_IS_PRIV_FOR(current->domain, d); + is_priv = IS_PRIV_FOR(current->domain, d); rcu_unlock_domain(d); } if ( !is_priv ) |