On 01/08/16 12:15, Jan Beulich wrote:
On 11.07.16 at 16:57, wrote:
>> @@ -553,6 +570,27 @@ static long evtchn_ioctl(struct file *file,
>> break;
>> }
>>
>> +case IOCTL_EVTCHN_RESTRICT_DOMID: {
>> +struct ioctl_evtchn_restrict_domid ierd;
>> +
>> +
>>> On 11.07.16 at 16:57, wrote:
> @@ -553,6 +570,27 @@ static long evtchn_ioctl(struct file *file,
> break;
> }
>
> + case IOCTL_EVTCHN_RESTRICT_DOMID: {
> + struct ioctl_evtchn_restrict_domid ierd;
> +
> + rc = -EACCES;
> + if (u->res
On 07/11/2016 12:44 PM, David Vrabel wrote:
> On 11/07/16 17:33, Andrew Cooper wrote:
>> On 11/07/16 17:15, David Vrabel wrote:
>>> On 11/07/16 16:31, Boris Ostrovsky wrote:
On 07/11/2016 10:57 AM, David Vrabel wrote:
> diff --git a/include/uapi/xen/evtchn.h b/include/uapi/xen/evtchn.h
>>>
On 11/07/16 17:33, Andrew Cooper wrote:
> On 11/07/16 17:15, David Vrabel wrote:
>> On 11/07/16 16:31, Boris Ostrovsky wrote:
>>> On 07/11/2016 10:57 AM, David Vrabel wrote:
diff --git a/include/uapi/xen/evtchn.h b/include/uapi/xen/evtchn.h
index 14e833ee4..f057b53 100644
--- a/inclu
On 11/07/16 17:15, David Vrabel wrote:
> On 11/07/16 16:31, Boris Ostrovsky wrote:
>> On 07/11/2016 10:57 AM, David Vrabel wrote:
>>> diff --git a/include/uapi/xen/evtchn.h b/include/uapi/xen/evtchn.h
>>> index 14e833ee4..f057b53 100644
>>> --- a/include/uapi/xen/evtchn.h
>>> +++ b/include/uapi/xen
On 11/07/16 16:31, Boris Ostrovsky wrote:
> On 07/11/2016 10:57 AM, David Vrabel wrote:
>> diff --git a/include/uapi/xen/evtchn.h b/include/uapi/xen/evtchn.h
>> index 14e833ee4..f057b53 100644
>> --- a/include/uapi/xen/evtchn.h
>> +++ b/include/uapi/xen/evtchn.h
>> @@ -85,4 +85,19 @@ struct ioctl_e
On 07/11/2016 10:57 AM, David Vrabel wrote:
> diff --git a/include/uapi/xen/evtchn.h b/include/uapi/xen/evtchn.h
> index 14e833ee4..f057b53 100644
> --- a/include/uapi/xen/evtchn.h
> +++ b/include/uapi/xen/evtchn.h
> @@ -85,4 +85,19 @@ struct ioctl_evtchn_notify {
> #define IOCTL_EVTCHN_RESET
IOCTL_EVTCHN_RESTRICT limits the file descriptor to being able to bind
to interdomain event channels from a specific domain. Event channels
that are already bound continue to work for sending and receiving
notifications.
This is useful as part of deprivileging a user space PV backend or
device mo