[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] tools/libxenforeignmemory: add a call to restrict the handle

commit 5823d6eb40af67b6775db32e9643bb0471e52e4e
Author:     Paul Durrant <paul.durrant@xxxxxxxxxx>
AuthorDate: Wed Mar 22 11:25:25 2017 +0000
Commit:     Wei Liu <wei.liu2@xxxxxxxxxx>
CommitDate: Fri Mar 24 12:23:47 2017 +0000

    tools/libxenforeignmemory: add a call to restrict the handle
    
    Commit 8ef5f344d061 "tools/libxendevicemodel: add a call to restrict the
    handle" added a function to the devicemodel interface to restrict
    operations through the API to a specific domain, where a capable under-
    lying privcmd driver exists.
    
    This patch adds similar functionality to the xenforeignmemory API. This
    will be necessary (as much as xendevicemodel restriction) for limiting
    the scope of device models to specific domains.
    
    NOTE: My patch to the linux kernel [1] added the appropriate checks to
          the foreign memory ioctls.
    
    [1] 
https://git.kernel.org/cgit/linux/kernel/git/ostr/linux.git/commit/?id=4610d240
    
    Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx>
    Acked-by: Wei Liu <wei.liu2@xxxxxxxxxx>
---
 tools/libs/foreignmemory/core.c                     |  6 ++++++
 tools/libs/foreignmemory/freebsd.c                  |  7 +++++++
 tools/libs/foreignmemory/include/xenforeignmemory.h | 11 +++++++++++
 tools/libs/foreignmemory/libxenforeignmemory.map    |  1 +
 tools/libs/foreignmemory/linux.c                    |  6 ++++++
 tools/libs/foreignmemory/minios.c                   |  7 +++++++
 tools/libs/foreignmemory/netbsd.c                   |  7 +++++++
 tools/libs/foreignmemory/private.h                  |  3 +++
 tools/libs/foreignmemory/solaris.c                  |  7 +++++++
 9 files changed, 55 insertions(+)

diff --git a/tools/libs/foreignmemory/core.c b/tools/libs/foreignmemory/core.c
index a872b95..0ebd429 100644
--- a/tools/libs/foreignmemory/core.c
+++ b/tools/libs/foreignmemory/core.c
@@ -106,6 +106,12 @@ int xenforeignmemory_unmap(xenforeignmemory_handle *fmem,
     return osdep_xenforeignmemory_unmap(fmem, addr, num);
 }
 
+int xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                              domid_t domid)
+{
+    return osdep_xenforeignmemory_restrict(fmem, domid);
+}
+
 /*
  * Local variables:
  * mode: C
diff --git a/tools/libs/foreignmemory/freebsd.c 
b/tools/libs/foreignmemory/freebsd.c
index ef08b6c..f6cd08c 100644
--- a/tools/libs/foreignmemory/freebsd.c
+++ b/tools/libs/foreignmemory/freebsd.c
@@ -96,6 +96,13 @@ int osdep_xenforeignmemory_unmap(xenforeignmemory_handle 
*fmem,
     return munmap(addr, num << PAGE_SHIFT);
 }
 
+int osdep_xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                                    domid_t domid)
+{
+    errno = -EOPNOTSUPP;
+    return -1;
+}
+
 /*
  * Local variables:
  * mode: C
diff --git a/tools/libs/foreignmemory/include/xenforeignmemory.h 
b/tools/libs/foreignmemory/include/xenforeignmemory.h
index 92b9277..d5be648 100644
--- a/tools/libs/foreignmemory/include/xenforeignmemory.h
+++ b/tools/libs/foreignmemory/include/xenforeignmemory.h
@@ -115,6 +115,17 @@ void *xenforeignmemory_map(xenforeignmemory_handle *fmem, 
uint32_t dom,
 int xenforeignmemory_unmap(xenforeignmemory_handle *fmem,
                            void *addr, size_t pages);
 
+/**
+ * This function restricts the use of this handle to the specified
+ * domain.
+ *
+ * @parm fmem handle to the open foreignmemory interface
+ * @parm domid the domain id
+ * @return 0 on success, -1 on failure.
+ */
+int xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                              domid_t domid);
+
 #endif
 
 /*
diff --git a/tools/libs/foreignmemory/libxenforeignmemory.map 
b/tools/libs/foreignmemory/libxenforeignmemory.map
index df206b3..5c9806c 100644
--- a/tools/libs/foreignmemory/libxenforeignmemory.map
+++ b/tools/libs/foreignmemory/libxenforeignmemory.map
@@ -4,5 +4,6 @@ VERS_1.0 {
                xenforeignmemory_close;
                xenforeignmemory_map;
                xenforeignmemory_unmap;
+               xenforeignmemory_restrict;
        local: *; /* Do not expose anything by default */
 };
diff --git a/tools/libs/foreignmemory/linux.c b/tools/libs/foreignmemory/linux.c
index 423c744..320bb21 100644
--- a/tools/libs/foreignmemory/linux.c
+++ b/tools/libs/foreignmemory/linux.c
@@ -272,6 +272,12 @@ int osdep_xenforeignmemory_unmap(xenforeignmemory_handle 
*fmem,
     return munmap(addr, num << PAGE_SHIFT);
 }
 
+int osdep_xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                                    domid_t domid)
+{
+    return ioctl(fmem->fd, IOCTL_PRIVCMD_RESTRICT, &domid);
+}
+
 /*
  * Local variables:
  * mode: C
diff --git a/tools/libs/foreignmemory/minios.c 
b/tools/libs/foreignmemory/minios.c
index 6dc97bd..2dd4910 100644
--- a/tools/libs/foreignmemory/minios.c
+++ b/tools/libs/foreignmemory/minios.c
@@ -58,6 +58,13 @@ int osdep_xenforeignmemory_unmap(xenforeignmemory_handle 
*fmem,
     return munmap(addr, num << PAGE_SHIFT);
 }
 
+int osdep_xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                                    domid_t domid)
+{
+    errno = -EOPNOTSUPP;
+    return -1;
+}
+
 /*
  * Local variables:
  * mode: C
diff --git a/tools/libs/foreignmemory/netbsd.c 
b/tools/libs/foreignmemory/netbsd.c
index 08f4964..af3a1a4 100644
--- a/tools/libs/foreignmemory/netbsd.c
+++ b/tools/libs/foreignmemory/netbsd.c
@@ -100,6 +100,13 @@ int osdep_xenforeignmemory_unmap(xenforeignmemory_handle 
*fmem,
     return munmap(addr, num*XC_PAGE_SIZE);
 }
 
+int osdep_xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                                    domid_t domid)
+{
+    errno = -EOPNOTSUPP;
+    return -1;
+}
+
 /*
  * Local variables:
  * mode: C
diff --git a/tools/libs/foreignmemory/private.h 
b/tools/libs/foreignmemory/private.h
index 9cc7814..ed7ec7a 100644
--- a/tools/libs/foreignmemory/private.h
+++ b/tools/libs/foreignmemory/private.h
@@ -32,6 +32,9 @@ void *osdep_xenforeignmemory_map(xenforeignmemory_handle 
*fmem,
 int osdep_xenforeignmemory_unmap(xenforeignmemory_handle *fmem,
                                  void *addr, size_t num);
 
+int osdep_xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                                    domid_t domid);
+
 #if defined(__NetBSD__) || defined(__sun__)
 /* Strictly compat for those two only only */
 void *compat_mapforeign_batch(xenforeignmem_handle *fmem, uint32_t dom,
diff --git a/tools/libs/foreignmemory/solaris.c 
b/tools/libs/foreignmemory/solaris.c
index e925a29..fe7bb45 100644
--- a/tools/libs/foreignmemory/solaris.c
+++ b/tools/libs/foreignmemory/solaris.c
@@ -98,6 +98,13 @@ int osdep_xenforeignmemory_unmap(xenforeignmemory_handle 
*fmem,
     return munmap(addr, num*XC_PAGE_SIZE);
 }
 
+int osdep_xenforeignmemory_restrict(xenforeignmemory_handle *fmem,
+                                    domid_t domid)
+{
+    errno = -EOPNOTSUPP;
+    return -1;
+}
+
 /*
  * Local variables:
  * mode: C
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.