summaryrefslogtreecommitdiffstats
path: root/include/uapi/xen
diff options
context:
space:
mode:
authorPaul Durrant <paul.durrant@citrix.com>2017-02-13 18:03:24 +0100
committerBoris Ostrovsky <boris.ostrovsky@oracle.com>2017-02-14 21:14:59 +0100
commit4610d240d691768203fdd210a5da0a2e02eddb76 (patch)
treeb3f34882aa7607ac00f2184df88a307f96377798 /include/uapi/xen
parentxen/privcmd: Add IOCTL_PRIVCMD_DM_OP (diff)
downloadlinux-4610d240d691768203fdd210a5da0a2e02eddb76.tar.xz
linux-4610d240d691768203fdd210a5da0a2e02eddb76.zip
xen/privcmd: add IOCTL_PRIVCMD_RESTRICT
The purpose if this ioctl is to allow a user of privcmd to restrict its operation such that it will no longer service arbitrary hypercalls via IOCTL_PRIVCMD_HYPERCALL, and will check for a matching domid when servicing IOCTL_PRIVCMD_DM_OP or IOCTL_PRIVCMD_MMAP*. The aim of this is to limit the attack surface for a compromised device model. Signed-off-by: Paul Durrant <paul.durrant@citrix.com> Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Diffstat (limited to 'include/uapi/xen')
-rw-r--r--include/uapi/xen/privcmd.h2
1 files changed, 2 insertions, 0 deletions
diff --git a/include/uapi/xen/privcmd.h b/include/uapi/xen/privcmd.h
index f8c5d75b99e1..63ee95c9dabb 100644
--- a/include/uapi/xen/privcmd.h
+++ b/include/uapi/xen/privcmd.h
@@ -111,5 +111,7 @@ struct privcmd_dm_op {
_IOC(_IOC_NONE, 'P', 4, sizeof(struct privcmd_mmapbatch_v2))
#define IOCTL_PRIVCMD_DM_OP \
_IOC(_IOC_NONE, 'P', 5, sizeof(struct privcmd_dm_op))
+#define IOCTL_PRIVCMD_RESTRICT \
+ _IOC(_IOC_NONE, 'P', 6, sizeof(domid_t))
#endif /* __LINUX_PUBLIC_PRIVCMD_H__ */