Xen project Mailing List

[Xen-devel] [PATCH 17/24] xentoolcore_restrict_all: "Implement" for xenstore

From: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>

Date: Wed, 4 Oct 2017 16:57:23 +0100

Cc: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>

Delivery-date: Wed, 04 Oct 2017 16:07:47 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> Acked-by: Wei Liu <wei.liu2@xxxxxxxxxx> --- tools/Rules.mk | 2 +- tools/xenstore/Makefile | 7 ++++--- tools/xenstore/xenstore.pc.in | 2 +- tools/xenstore/xs.c | 14 ++++++++++++++ 4 files changed, 20 insertions(+), 5 deletions(-) diff --git a/tools/Rules.mk b/tools/Rules.mk index 3239e76..be92f0a 100644 --- a/tools/Rules.mk +++ b/tools/Rules.mk @@ -146,7 +146,7 @@ LDLIBS_libxenguest = $(SHDEPS_libxenguest) $(XEN_LIBXC)/libxenguest$(libextensio SHLIB_libxenguest = $(SHDEPS_libxenguest) -Wl,-rpath-link=$(XEN_LIBXC) CFLAGS_libxenstore = -I$(XEN_XENSTORE)/include $(CFLAGS_xeninclude) -SHDEPS_libxenstore = +SHDEPS_libxenstore = $(SHLIB_libxentoolcore) LDLIBS_libxenstore = $(SHDEPS_libxenstore) $(XEN_XENSTORE)/libxenstore$(libextension) SHLIB_libxenstore = $(SHDEPS_libxenstore) -Wl,-rpath-link=$(XEN_XENSTORE) diff --git a/tools/xenstore/Makefile b/tools/xenstore/Makefile index ff428e2..2b99d2b 100644 --- a/tools/xenstore/Makefile +++ b/tools/xenstore/Makefile @@ -11,6 +11,7 @@ CFLAGS += -include $(XEN_ROOT)/tools/config.h CFLAGS += -I./include CFLAGS += $(CFLAGS_libxenevtchn) CFLAGS += $(CFLAGS_libxenctrl) +CFLAGS += $(CFLAGS_libxentoolcore) CFLAGS += -DXEN_LIB_STORED="\"$(XEN_LIB_STORED)\"" CFLAGS += -DXEN_RUN_STORED="\"$(XEN_RUN_STORED)\"" @@ -85,10 +86,10 @@ $(CLIENTS): xenstore ln -f xenstore $@ xenstore: xenstore_client.o $(LIBXENSTORE) - $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) + $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(LDLIBS_libxentoolcore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) xenstore-control: xenstore_control.o $(LIBXENSTORE) - $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) + $(CC) $< $(LDFLAGS) $(LDLIBS_libxenstore) $(LDLIBS_libxentoolcore) $(SOCKET_LIBS) -o $@ $(APPEND_LDFLAGS) xs_tdb_dump: xs_tdb_dump.o utils.o tdb.o talloc.o $(CC) $^ $(LDFLAGS) -o $@ $(APPEND_LDFLAGS) @@ -101,7 +102,7 @@ libxenstore.so.$(MAJOR): libxenstore.so.$(MAJOR).$(MINOR) xs.opic: CFLAGS += -DUSE_PTHREAD libxenstore.so.$(MAJOR).$(MINOR): xs.opic xs_lib.opic - $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenstore.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $^ $(SOCKET_LIBS) $(PTHREAD_LIBS) $(APPEND_LDFLAGS) + $(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenstore.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $^ $(LDLIBS_libxentoolcore) $(SOCKET_LIBS) $(PTHREAD_LIBS) $(APPEND_LDFLAGS) libxenstore.a: xs.o xs_lib.o $(AR) rcs $@ $^ diff --git a/tools/xenstore/xenstore.pc.in b/tools/xenstore/xenstore.pc.in index 45dc6b0..6fd72a1 100644 --- a/tools/xenstore/xenstore.pc.in +++ b/tools/xenstore/xenstore.pc.in @@ -7,4 +7,4 @@ Description: The Xenstore library for Xen hypervisor Version: @@version@@ Cflags: -I${includedir} @@cflagslocal@@ Libs: @@libsflag@@${libdir} -lxenstore -Requires.private: xenevtchn,xencontrol,xengnttab +Requires.private: xenevtchn,xencontrol,xengnttab,xentoolcore diff --git a/tools/xenstore/xs.c b/tools/xenstore/xs.c index 7f85bb2..ae4b878 100644 --- a/tools/xenstore/xs.c +++ b/tools/xenstore/xs.c @@ -35,6 +35,8 @@ #include "list.h" #include "utils.h" +#include <xentoolcore_internal.h> + struct xs_stored_msg { struct list_head list; struct xsd_sockmsg hdr; @@ -48,6 +50,7 @@ struct xs_stored_msg { struct xs_handle { /* Communications channel to xenstore daemon. */ int fd; + Xentoolcore__Active_Handle tc_ah; /* for restrict */ /* * A read thread which pulls messages off the comms channel and @@ -122,6 +125,7 @@ static void *read_thread(void *arg); struct xs_handle { int fd; + Xentoolcore__Active_Handle tc_ah; /* for restrict */ struct list_head reply_list; struct list_head watch_list; /* Clients can select() on this pipe to wait for a watch to fire. */ @@ -219,6 +223,11 @@ static int get_dev(const char *connect_to) return open(connect_to, O_RDWR); } +static int all_restrict_cb(Xentoolcore__Active_Handle *ah, uint32_t domid) { + struct xs_handle *h = CONTAINER_OF(ah, *h, tc_ah); + return xentoolcore__restrict_by_dup2_null(h->fd); +} + static struct xs_handle *get_handle(const char *connect_to) { struct stat buf; @@ -232,6 +241,9 @@ static struct xs_handle *get_handle(const char *connect_to) memset(h, 0, sizeof(*h)); h->fd = -1; + h->tc_ah.restrict_callback = all_restrict_cb; + xentoolcore__register_active_handle(&h->tc_ah); + if (stat(connect_to, &buf) != 0) goto err; @@ -269,6 +281,7 @@ err: if (h) { if (h->fd >= 0) close(h->fd); + xentoolcore__deregister_active_handle(&h->tc_ah); } free(h); @@ -330,6 +343,7 @@ static void close_fds_free(struct xs_handle *h) { } close(h->fd); + xentoolcore__deregister_active_handle(&h->tc_ah); free(h); } -- 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.