diff options
| author | Paul Durrant <paul.durrant@citrix.com> | 2017-03-22 09:39:15 +0000 |
|---|---|---|
| committer | Stefano Stabellini <sstabellini@kernel.org> | 2017-04-21 12:40:14 -0700 |
| commit | 1c599472b02783ee80691bfdaa465af9fbf25c8a (patch) | |
| tree | 10afa631ab372f500ae8af5793684ae6f17b0512 /include/hw/xen/xen.h | |
| parent | f1167ee684279bffabe7bb3ab23eff87577fe427 (diff) | |
| download | focaccia-qemu-1c599472b02783ee80691bfdaa465af9fbf25c8a.tar.gz focaccia-qemu-1c599472b02783ee80691bfdaa465af9fbf25c8a.zip | |
xen: use libxendevice model to restrict operations
This patch adds a command-line option (-xen-domid-restrict) which will
use the new libxendevicemodel API to restrict devicemodel [1] operations
to the specified domid. (Such operations are not applicable to the xenpv
machine type).
This patch also adds a tracepoint to allow successful enabling of the
restriction to be monitored.
[1] I.e. operations issued by libxendevicemodel. Operation issued by other
xen libraries (e.g. libxenforeignmemory) are currently still unrestricted
but this will be rectified by subsequent patches.
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Diffstat (limited to 'include/hw/xen/xen.h')
| -rw-r--r-- | include/hw/xen/xen.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/hw/xen/xen.h b/include/hw/xen/xen.h index 2b1733b747..7efcdaa8fe 100644 --- a/include/hw/xen/xen.h +++ b/include/hw/xen/xen.h @@ -21,6 +21,7 @@ enum xen_mode { extern uint32_t xen_domid; extern enum xen_mode xen_mode; +extern bool xen_domid_restrict; extern bool xen_allowed; |