On 02/13/2017 12:03 PM, Paul Durrant wrote:
The purpose if this ioctl is to allow a user of privcmd to restrict its operation such that it will no longer service arbitrary hypercalls via IOCTL_PRIVCMD_HYPERCALL, and will check for a matching domid when servicing IOCTL_PRIVCMD_DM_OP.
and IOCTL_PRIVCMD_MMAP*.
The aim of this is to limit the attack surface for a compromised device model.
-boris