Allow hwdom all perms, except XSM_PRIV, and except commands where the target is the control domain. This protects the control domain from hwdom while allowing the hardware domain to serve as the backend and device model for other domUs.
Signed-off-by: Jason Andryuk <jason.andr...@amd.com> --- xen/include/xsm/dummy.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index 9e6bc0ed12..294777e904 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -98,9 +98,12 @@ static always_inline int xsm_default_action( case XSM_HW_PRIV: if ( is_control_domain(src) && action != XSM_HW_PRIV ) return 0; - if ( is_hardware_domain(src) && - (action == XSM_HW_PRIV || action == XSM_DM_PRIV) ) + if ( is_hardware_domain(src) && action != XSM_PRIV ) + { + if ( target && is_control_domain(target) ) + return -EPERM; return 0; + } return -EPERM; default: LINKER_BUG_ON(1); -- 2.48.1
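Review bot: In the new `is_hardware_domain(src) && action != XSM_PRIV` branch, the `target && is_control_domain(target)` denial also fires for `action == XSM_HW_PRIV`, and a domain that is both control domain and hardware domain reaches this branch for that action because the preceding `is_control_domain(src) && action != XSM_HW_PRIV` test does not match it. Such a domain issuing an XSM_HW_PRIV operation with a control-domain target (itself, for instance) now gets -EPERM where the removed lines returned 0. Consider skipping the denial when `is_control_domain(src)` also holds, or confirm that no XSM_HW_PRIV caller passes a control-domain target. A short comment above the branch stating the intended rule would also help, since the condition now admits every action other than XSM_PRIV rather than only XSM_HW_PRIV and XSM_DM_PRIV, and a NULL `target` is allowed through without any check.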