xentoolcore_restrict_all: Declare problems due to no evtchn support

author Ian Jackson <ian.jackson@eu.citrix.com>

Fri, 15 Sep 2017 12:35:07 +0000 (13:35 +0100)

committer Ian Jackson <Ian.Jackson@eu.citrix.com>

Wed, 11 Oct 2017 11:51:22 +0000 (12:51 +0100)
author Ian Jackson <ian.jackson@eu.citrix.com>
Fri, 15 Sep 2017 12:35:07 +0000 (13:35 +0100)
committer Ian Jackson <Ian.Jackson@eu.citrix.com>
Wed, 11 Oct 2017 11:51:22 +0000 (12:51 +0100)
diff --git a/tools/libs/toolcore/include/xentoolcore.h b/tools/libs/toolcore/include/xentoolcore.h

index 32e2af1c0070b16c9176602aecdb552e95cb90f6..93eaf237ea038b5c0afc24faa6f7de4a1d4e26fa 100644 (file)
--- a/tools/libs/toolcore/include/xentoolcore.h
+++ b/tools/libs/toolcore/include/xentoolcore.h
@@ -30,6 +30,11 @@
   * Arranges that Xen library handles (fds etc.) which are currently held
   * by Xen libraries, can no longer be used other than to affect domid.
   *
+ * Does not prevent effects that amount only to
+ *   - denial of service, possibly host-wide, by resource exhaustion etc.
+ *   - leak of not-very-interesting metainformation about other domains
+ *     eg, specifically, event channel signals relating to other domains
+ *
   * If this cannot be achieved, returns -1 and sets errno.
   * If called again with the same domid, it may succeed, or it may
   * fail (even though such a call is potentially meaningful).
author	Ian Jackson <ian.jackson@eu.citrix.com>
	Fri, 15 Sep 2017 12:35:07 +0000 (13:35 +0100)
committer	Ian Jackson <Ian.Jackson@eu.citrix.com>
	Wed, 11 Oct 2017 11:51:22 +0000 (12:51 +0100)