[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 23/24] xenstored: add --priv-domid parameter



This parameter identifies an alternative service domain which has
superuser access to the xenstore database, which is currently required
to set up a new domain's xenstore entries.

Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
---
 tools/xenstore/xenstored_core.c   |    5 +++++
 tools/xenstore/xenstored_core.h   |    1 +
 tools/xenstore/xenstored_domain.c |    2 +-
 3 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
index 66584f5..a42f552 100644
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -1752,6 +1752,7 @@ static struct option options[] = {
        { "event", 1, NULL, 'e' },
        { "help", 0, NULL, 'H' },
        { "no-fork", 0, NULL, 'N' },
+       { "priv-domid", 1, NULL, 'p' },
        { "output-pid", 0, NULL, 'P' },
        { "entry-size", 1, NULL, 'S' },
        { "trace-file", 1, NULL, 'T' },
@@ -1765,6 +1766,7 @@ static struct option options[] = {
 
 extern void dump_conn(struct connection *conn); 
 int dom0_event = 0;
+int priv_domid = 0;
 
 int main(int argc, char *argv[])
 {
@@ -1825,6 +1827,9 @@ int main(int argc, char *argv[])
                case 'e':
                        dom0_event = strtol(optarg, NULL, 10);
                        break;
+               case 'p':
+                       priv_domid = strtol(optarg, NULL, 10);
+                       break;
                }
        }
        if (optind != argc)
diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_core.h
index e1c2be7..92c27ba 100644
--- a/tools/xenstore/xenstored_core.h
+++ b/tools/xenstore/xenstored_core.h
@@ -169,6 +169,7 @@ void dtrace_io(const struct connection *conn, const struct 
buffered_data *data,
 
 extern int event_fd;
 extern int dom0_event;
+extern int priv_domid;
 
 /* Map the kernel's xenstore page. */
 void *xenbus_map(void);
diff --git a/tools/xenstore/xenstored_domain.c 
b/tools/xenstore/xenstored_domain.c
index fa9c8fe..f8c822f 100644
--- a/tools/xenstore/xenstored_domain.c
+++ b/tools/xenstore/xenstored_domain.c
@@ -259,7 +259,7 @@ bool domain_can_read(struct connection *conn)
 
 bool domain_is_unprivileged(struct connection *conn)
 {
-       return (conn && conn->domain && conn->domain->domid != 0);
+       return (conn && conn->domain && conn->domain->domid != 0 && 
conn->domain->domid != priv_domid);
 }
 
 bool domain_can_write(struct connection *conn)
-- 
1.7.7.6


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.