Hi,
I'm using the v6 XSM patch-set (
http://lists.xen.org/archives/html/xen-devel/2012-11/msg01920.html) to
perform dom0 disaggregation but I came across two ioctl functions in the
Linux privcmd driver that were getting -EPERM errors in my secondary
control domU. The problem is that the permission checks are not coming from
XSM but the Kernel itself, when XSM should be in charge of access control.
The two functions in Linux 3.x kernel are *privcmd_ioctl_mmap *and *
privcmd_ioctl_mmap_batch*:
driver/xen/privcmd.c@199 and @319 in Linux 3.7.0:
* if (!xen_initial_domain())*
* return -EPERM;*
*
*
Are these checks still needed when the XSM patches are applied?
Thanks,
Tamas
I'm using the v6 XSM patch-set (
http://lists.xen.org/archives/html/xen-devel/2012-11/msg01920.html) to
perform dom0 disaggregation but I came across two ioctl functions in the
Linux privcmd driver that were getting -EPERM errors in my secondary
control domU. The problem is that the permission checks are not coming from
XSM but the Kernel itself, when XSM should be in charge of access control.
The two functions in Linux 3.x kernel are *privcmd_ioctl_mmap *and *
privcmd_ioctl_mmap_batch*:
driver/xen/privcmd.c@199 and @319 in Linux 3.7.0:
* if (!xen_initial_domain())*
* return -EPERM;*
*
*
Are these checks still needed when the XSM patches are applied?
Thanks,
Tamas