From 83b191eaa1947e25bd93319c2d88827f1c1a3a08 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ian.jackson@eu.citrix.com>
Date: Fri, 15 Sep 2017 13:35:07 +0100
Subject: [PATCH] xentoolcore_restrict_all: Declare problems due to no evtchn
 support

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
---
 tools/libs/toolcore/include/xentoolcore.h | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tools/libs/toolcore/include/xentoolcore.h b/tools/libs/toolcore/include/xentoolcore.h
index 32e2af1c00..93eaf237ea 100644
--- a/tools/libs/toolcore/include/xentoolcore.h
+++ b/tools/libs/toolcore/include/xentoolcore.h
@@ -30,6 +30,11 @@
  * Arranges that Xen library handles (fds etc.) which are currently held
  * by Xen libraries, can no longer be used other than to affect domid.
  *
+ * Does not prevent effects that amount only to
+ *   - denial of service, possibly host-wide, by resource exhaustion etc.
+ *   - leak of not-very-interesting metainformation about other domains
+ *     eg, specifically, event channel signals relating to other domains
+ *
  * If this cannot be achieved, returns -1 and sets errno.
  * If called again with the same domid, it may succeed, or it may
  * fail (even though such a call is potentially meaningful).
-- 
2.30.2