On 10/10/16 15:21, Jan Beulich wrote: >>>> On 27.09.16 at 17:57, <roger....@citrix.com> wrote: >> --- a/xen/arch/x86/mm/p2m.c >> +++ b/xen/arch/x86/mm/p2m.c >> @@ -2793,7 +2793,7 @@ int p2m_add_foreign(struct domain *tdom, unsigned long >> fgfn, >> struct domain *fdom; >> >> ASSERT(tdom); >> - if ( foreigndom == DOMID_SELF || !is_pvh_domain(tdom) ) >> + if ( foreigndom == DOMID_SELF || !has_hvm_container_domain(tdom) ) >> return -EINVAL; > > Can PV domains make it here? If not, dropping the predicate would > seem the better adjustment.
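Review bot: The guard "if ( foreigndom == DOMID_SELF || !has_hvm_container_domain(tdom) )" now rejects a different set of target domains than "!is_pvh_domain(tdom)" did, and nothing in the hunk says which domain types are expected as tdom or why the rest of p2m_add_foreign() is safe for the wider set. A short comment above the check naming the expected callers would show whether the predicate is a real gate or a defensive check. If it is only defensive, it should be kept and labelled as such, because it sits next to the ASSERT(tdom) and costs one test on a path that already returns -EINVAL for bad input.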
Is there any chance that in the future PV domains might accidentally get here because of some other changes in the future? If so, leaving the predicate seems like a sensible precaution to reduce the risk of XSAs down the road, since we're doing a load of checking already anyway. ;-)

At the moment, nobody's going to get past the "is_hardware_domain()" except dom0, but presumably that will change once we get driver domains implemented.

-George