Jan Beulich writes ("[PATCH] domctl: relax getdomaininfo permissions"):
> Qemu needs access to this for the domain it controls, both due to it
> being used by xc_domain_memory_mapping() (which qemu calls) and the
> explicit use in hw/xenpv/xen_domainbuild.c:xen_domain_poll().
>
> This at once avoids a for_each_domain() loop when the ID of an
> existing domain gets passed in.
>
> Reported-by: Marek Marczykowski-Górecki <marma...@invisiblethingslab.com>
> Signed-off-by: Jan Beulich <jbeul...@suse.com>
This commit message does not seem to say, AFAICT, what the new
permissions check is. Do you mean to make this available to all
domains, or just to device model domains ? (I wasn't able to figure
that out easily by reading the patch...)
I don't think we want to expose the getdomaininfo to random other
guests.
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
