diff options
author | Paul Durrant <paul.durrant@citrix.com> | 2017-02-13 18:03:24 +0100 |
---|---|---|
committer | Boris Ostrovsky <boris.ostrovsky@oracle.com> | 2017-02-14 21:14:59 +0100 |
commit | 4610d240d691768203fdd210a5da0a2e02eddb76 (patch) | |
tree | b3f34882aa7607ac00f2184df88a307f96377798 /include/uapi/xen | |
parent | xen/privcmd: Add IOCTL_PRIVCMD_DM_OP (diff) | |
download | linux-4610d240d691768203fdd210a5da0a2e02eddb76.tar.xz linux-4610d240d691768203fdd210a5da0a2e02eddb76.zip |
xen/privcmd: add IOCTL_PRIVCMD_RESTRICT
The purpose if this ioctl is to allow a user of privcmd to restrict its
operation such that it will no longer service arbitrary hypercalls via
IOCTL_PRIVCMD_HYPERCALL, and will check for a matching domid when
servicing IOCTL_PRIVCMD_DM_OP or IOCTL_PRIVCMD_MMAP*. The aim of this
is to limit the attack surface for a compromised device model.
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Diffstat (limited to 'include/uapi/xen')
-rw-r--r-- | include/uapi/xen/privcmd.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/uapi/xen/privcmd.h b/include/uapi/xen/privcmd.h index f8c5d75b99e1..63ee95c9dabb 100644 --- a/include/uapi/xen/privcmd.h +++ b/include/uapi/xen/privcmd.h @@ -111,5 +111,7 @@ struct privcmd_dm_op { _IOC(_IOC_NONE, 'P', 4, sizeof(struct privcmd_mmapbatch_v2)) #define IOCTL_PRIVCMD_DM_OP \ _IOC(_IOC_NONE, 'P', 5, sizeof(struct privcmd_dm_op)) +#define IOCTL_PRIVCMD_RESTRICT \ + _IOC(_IOC_NONE, 'P', 6, sizeof(domid_t)) #endif /* __LINUX_PUBLIC_PRIVCMD_H__ */ |