At 12:43 -0800 on 15 Jan (1421322197), Ed White wrote: > On 01/15/2015 09:09 AM, Tim Deegan wrote: > > Hi, > > > > These _definitely_ need XSM checks, otherwise any domain can call them > > on any other! I think you can probably copy the other p2m-munging > > operations to see how to make a sensible default policy. > > Understood. I'll look at this subject again, but it's an area where > I could really use some help. There aren't any similar hypercalls that > I could find where the target domain and source domain may or may not > be the same, and the processing required varies depending on which is > the case.
Yeah, this stuff is a bit non-obvious. IIUC what you want is basically for all these operations to be available to either the VM itself or a privileged helper in another domain. The shorthand for that is XSM_TARGET, so you should be ok with something like rc = xsm_hvm_control(XSM_TARGET, d, op); Cheers, Tim. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
