>>> On 09.02.17 at 16:56, <[email protected]> wrote: > On 09/02/17 15:50, Boris Ostrovsky wrote: >> >> >> On 02/09/2017 09:27 AM, Paul Durrant wrote: >>>> -----Original Message----- >>>> From: Paul Durrant [mailto:[email protected]] >>>> Sent: 09 February 2017 14:18 >>>> To: [email protected]; [email protected] >>>> Cc: Paul Durrant <[email protected]>; Boris Ostrovsky >>>> <[email protected]>; Juergen Gross <[email protected]> >>>> Subject: [PATCH 2/3] xen/privcmd: Add IOCTL_PRIVCMD_DM_OP >>>> >>>> Recently a new dm_op[1] hypercall was added to Xen to provide a >>>> mechanism >>>> for restricting device emulators (such as QEMU) to a limited set of >>>> hypervisor operations, and being able to audit those operations in the >>>> kernel of the domain in which they run. >>>> >>>> This patch adds IOCTL_PRIVCMD_DM_OP as gateway for >>>> __HYPERVISOR_dm_op, >>>> bouncing the callers buffers through kernel memory to allow the address >>>> ranges to be audited (and negating the need to bounce through locked >>>> memory in user-space). >>> >>> Actually, it strikes me (now that I've posted the patch) that I >>> should probably just mlock the user buffers rather than bouncing them >>> through kernel... Anyway, I'd still appreciate review on other >>> aspects of the patch. >> >> >> Are you suggesting that the caller (user) mlocks the buffers? > > Doesn't libxc already use the hypercall buffer API for each of the buffers? > > The kernel oughtn’t to need to do anything special to the user pointers > it has, other than call access_ok() on them.
And translate 32-bit layout to 64-bit for a compat caller. Jan
