fixup argo=mac

andyhhp · andyhhp · commit b953d43c5a12 · 2019-01-15T22:39:14.000Z
diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line.pandoc
@@ -183,7 +183,7 @@ in combination with cpuidle.  This option is only expected to be useful for
 developers wishing Xen to fall back to older timing methods on newer hardware.
 
 ### argo
-    = List of [ <bool> ]
+    = List of [ <bool>, mac=<bool> ]
 
 Controls for the Argo hypervisor-mediated interdomain communication service.
 Argo is only available when Xen is compiled with `CONFIG_ARGO` enabled.
@@ -195,22 +195,12 @@ to appropriate auditing by Xen.
 
 * An overall boolean acts as a global control.  Argo is disabled by default.
 
-### argo-mac-permissive
-> `= <boolean>`
-
-> Default: `false`
-
-Constrain the access control applied to the Argo communication mechanism.
-
-Only available if Xen is compiled with `CONFIG_ARGO` enabled.
-
-When `false`, domains may not register rings that have wildcard specified
-for the sender which would allow messages to be sent to the ring by any domain.
-This is to protect rings and the services that utilize them against DoS by a
-malicious or buggy domain spamming the ring.
+* The `mac-permissive` boolean controls whether wildcard recieve rings may be
+  registered (`mac-permissive=0`) or may not be registered
+  (`mac-permissive=1`).
 
-When the boot option is set to `true`, this constraint is relaxed and
-wildcard any-sender rings are allowed to be registered.
+  This option is disabled by default, to protect domains from a DoS by a buggy
+  or malicious other domain spamming the ring.
 
 ### asid (x86)
 > `= <boolean>`
diff --git a/xen/common/argo.c b/xen/common/argo.c
@@ -45,6 +45,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_argo_register_ring_t);
 DEFINE_XEN_GUEST_HANDLE(xen_argo_ring_t);
 
 static bool __read_mostly opt_argo;
+static bool __read_mostly opt_argo_mac_permissive;
 
 static int __init parse_argo(const char *s)
 {
@@ -58,6 +59,8 @@ static int __init parse_argo(const char *s)
 
         if ( (val = parse_bool(s, ss)) >= 0 )
             opt_argo = val;
+        else if ( (val = parse_boolean("mac-permissive", s, ss)) >= 0 )
+            opt_argo_mac_permissive = val;
         else
             rc = -EINVAL;
 
@@ -68,10 +71,6 @@ static int __init parse_argo(const char *s)
 }
 custom_param("argo", parse_argo);
 
-/* Xen command line option for conservative or relaxed access control */
-static bool __read_mostly opt_argo_mac_permissive;
-boolean_param("argo-mac-permissive", opt_argo_mac_permissive);
-
 typedef struct argo_ring_id
 {
     xen_argo_port_t aport;
