From e6d97230f53e6c08e03334bbe5b83b2823381a7b Mon Sep 17 00:00:00 2001
From: Keir Fraser <keir@xen.org>
Date: Sun, 6 Feb 2011 17:21:17 +0000
Subject: [PATCH] hvm_op: Clean up new mem_access and inject_trap ops.

Firstly, they are only for use from privileged entities, so mark them
as usable only by code defining __XEN_TOOLS__.

Secondly, the check for must-not-operate-on-myself can be done more
cleanly.

Signed-off-by: Keir Fraser <keir@xen.org>
---
 xen/arch/x86/hvm/hvm.c          | 21 ++++++++++++---------
 xen/include/public/hvm/hvm_op.h |  9 +++++++--
 2 files changed, 19 insertions(+), 11 deletions(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 1a89bfb575..23db7de282 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3542,13 +3542,14 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE(void) arg)
         if ( copy_from_guest(&a, arg, 1) )
             return -EFAULT;
 
-        if ( current->domain->domain_id == a.domid )
-            return -EPERM;
-
         rc = rcu_lock_target_domain_by_id(a.domid, &d);
         if ( rc != 0 )
             return rc;
 
+        rc = -EPERM;
+        if ( d == current->domain )
+            goto param_fail5;
+
         rc = -EINVAL;
         if ( !is_hvm_domain(d) )
             goto param_fail5;
@@ -3620,13 +3621,14 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE(void) arg)
         if ( copy_from_guest(&a, arg, 1) )
             return -EFAULT;
 
-        if ( current->domain->domain_id == a.domid )
-            return -EPERM;
-
         rc = rcu_lock_target_domain_by_id(a.domid, &d);
         if ( rc != 0 )
             return rc;
 
+        rc = -EPERM;
+        if ( d == current->domain )
+            goto param_fail6;
+
         rc = -EINVAL;
         if ( !is_hvm_domain(d) )
             goto param_fail6;
@@ -3721,13 +3723,14 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE(void) arg)
         if ( copy_from_guest(&tr, arg, 1 ) )
             return -EFAULT;
 
-        if ( current->domain->domain_id == tr.domid )
-            return -EPERM;
-
         rc = rcu_lock_target_domain_by_id(tr.domid, &d);
         if ( rc != 0 )
             return rc;
 
+        rc = -EPERM;
+        if ( d == current->domain )
+            goto param_fail8;
+
         rc = -EINVAL;
         if ( !is_hvm_domain(d) )
             goto param_fail8;
diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h
index 0502f68a64..6f846fb250 100644
--- a/xen/include/public/hvm/hvm_op.h
+++ b/xen/include/public/hvm/hvm_op.h
@@ -158,6 +158,9 @@ struct xen_hvm_xentrace {
 typedef struct xen_hvm_xentrace xen_hvm_xentrace_t;
 DEFINE_XEN_GUEST_HANDLE(xen_hvm_xentrace_t);
 
+/* Following tools-only interfaces may change in future. */
+#if defined(__XEN__) || defined(__XEN_TOOLS__)
+
 #define HVMOP_set_mem_access        12
 typedef enum {
     HVMMEM_access_n,
@@ -168,8 +171,8 @@ typedef enum {
     HVMMEM_access_rx,
     HVMMEM_access_wx,
     HVMMEM_access_rwx,
-    HVMMEM_access_rx2rw,       /* Page starts off as read-execute, but automatically change
-				* to read-write on a write */
+    HVMMEM_access_rx2rw,       /* Page starts off as r-x, but automatically
+                                * change to r-w on a write */
     HVMMEM_access_default      /* Take the domain default */
 } hvmmem_access_t;
 /* Notify that a region of memory is to have specific access types */
@@ -222,4 +225,6 @@ struct xen_hvm_inject_trap {
 typedef struct xen_hvm_inject_trap xen_hvm_inject_trap_t;
 DEFINE_XEN_GUEST_HANDLE(xen_hvm_inject_trap_t);
 
+#endif /* defined(__XEN__) || defined(__XEN_TOOLS__) */
+
 #endif /* __XEN_PUBLIC_HVM_HVM_OP_H__ */
-- 
2.30.2