>>> On 16.03.18 at 17:58, <paul.durr...@citrix.com> wrote: > There has always been an intention in the ioreq server API that only the > domain that creates an ioreq server should be able to manipulate it. > However, so far, nothing has enforced this. This means that two domains > with DM_PRIV over a target domain can currently manipulate each others > ioreq servers. > > A previous patch added code to take a reference and store a pointer to the > domain that creates an ioreq server. This patch now adds checks to the > functions that manipulate the ioreq server to make sure they are being > called by the same domain. > > Signed-off-by: Paul Durrant <paul.durr...@citrix.com>
Reviewed-by: Jan Beulich <jbeul...@suse.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel