On 1/5/24 02:09, Jiqian Chen wrote:
> diff --git a/xen/common/domctl.c b/xen/common/domctl.c
> index f5a71ee5f78d..eeb975bd0194 100644
> --- a/xen/common/domctl.c
> +++ b/xen/common/domctl.c
> @@ -653,12 +653,20 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t)
> u_domctl)
> unsigned int pirq = op->u.irq_permission.pirq, irq;
> int allow = op->u.irq_permission.allow_access;
>
> - if ( pirq >= current->domain->nr_pirqs )
> + if ( pirq >= nr_irqs_gsi )
This doesn't build on ARM, as nr_irqs_gsi is x86 only. This is a wild guess: we
may want keep the existing current->domain->nr_pirqs check, then add the new
nr_irqs_gsi check wrapped in #ifdef CONFIG_X86.
> {
> ret = -EINVAL;
> break;
> }
> - irq = pirq_access_permitted(current->domain, pirq);
> +
> + if ( irq_access_permitted(current->domain, pirq) )
> + irq = pirq;
> + else
> + {
> + ret = -EPERM;
> + break;
> + }
> +
> if ( !irq || xsm_irq_permission(XSM_HOOK, d, irq, allow) )
> ret = -EPERM;
> else if ( allow )
