Today the dummy XSM privilege checks for getdomaininfo are less
stringent than possible: they basically rely on the general
sysctl/domctl entry check to do all tests and then do the test with
the XSM_HOOK privilege, which is an "allow all" default.
Instead of XSM_HOOK use XSM_XS_PRIV, which is the privilege really
wanted. Note that this test is still wider than the sysctl entry test,
but there is no easy way to make both domctl and sysctl happy at the
same time.
Signed-off-by: Juergen Gross <jgross@suse.com>
Acked-by: Daniel P. Smith <dpsmith@apertussolutions.com>
break;
case XEN_DOMCTL_getdomaininfo:
- ret = xsm_getdomaininfo(XSM_HOOK, d);
+ ret = xsm_getdomaininfo(XSM_XS_PRIV, d);
if ( ret )
break;
if ( num_domains == op->u.getdomaininfolist.max_domains )
break;
- if ( xsm_getdomaininfo(XSM_HOOK, d) )
+ if ( xsm_getdomaininfo(XSM_XS_PRIV, d) )
continue;
getdomaininfo(d, &info);
static XSM_INLINE int cf_check xsm_getdomaininfo(
XSM_DEFAULT_ARG struct domain *d)
{
- XSM_ASSERT_ACTION(XSM_HOOK);
+ XSM_ASSERT_ACTION(XSM_XS_PRIV);
return xsm_default_action(action, current->domain, d);
}
projects / people / andrewcoop / xen.git / commitdiff