From: Paul Durrant <paul.durrant@citrix.com>
To: xen-devel@lists.xenproject.org
Cc: Wei Liu <wei.liu2@citrix.com>,
Paul Durrant <paul.durrant@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>
Subject: [PATCH 4/4] tools/libxendevicemodel: add a call to restrict the handle
Date: Fri, 17 Feb 2017 10:27:09 +0000 [thread overview]
Message-ID: <1487327229-14641-4-git-send-email-paul.durrant@citrix.com> (raw)
In-Reply-To: <1487327229-14641-1-git-send-email-paul.durrant@citrix.com>
My recent patch [1] to the Linux privcmd module introduced a mechanism
to restrict an open file handle to subsequently only accept operations for
a specified domain.
This patch extends the libxendevicemodel API and make use of the
mechanism in the Linux-specific code to restrict operations on the
interface handle.
[1] https://git.kernel.org/cgit/linux/kernel/git/ostr/linux.git/commit/?id=4610d240
Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
---
Cc: Ian Jackson <ian.jackson@eu.citrix.com>
Cc: Wei Liu <wei.liu2@citrix.com>
---
tools/include/xen-sys/Linux/privcmd.h | 2 ++
tools/libs/devicemodel/compat.c | 9 +++++++++
tools/libs/devicemodel/core.c | 5 +++++
tools/libs/devicemodel/include/xendevicemodel.h | 10 ++++++++++
tools/libs/devicemodel/libxendevicemodel.map | 1 +
tools/libs/devicemodel/linux.c | 11 +++++++++++
tools/libs/devicemodel/private.h | 3 +++
7 files changed, 41 insertions(+)
diff --git a/tools/include/xen-sys/Linux/privcmd.h b/tools/include/xen-sys/Linux/privcmd.h
index c80eb5e..732ff7c 100644
--- a/tools/include/xen-sys/Linux/privcmd.h
+++ b/tools/include/xen-sys/Linux/privcmd.h
@@ -101,5 +101,7 @@ typedef struct privcmd_dm_op {
_IOC(_IOC_NONE, 'P', 4, sizeof(privcmd_mmapbatch_v2_t))
#define IOCTL_PRIVCMD_DM_OP \
_IOC(_IOC_NONE, 'P', 5, sizeof(privcmd_dm_op_t))
+#define IOCTL_PRIVCMD_RESTRICT \
+ _IOC(_IOC_NONE, 'P', 6, sizeof(domid_t))
#endif /* __LINUX_PUBLIC_PRIVCMD_H__ */
diff --git a/tools/libs/devicemodel/compat.c b/tools/libs/devicemodel/compat.c
index 245e907..5b4fdae 100644
--- a/tools/libs/devicemodel/compat.c
+++ b/tools/libs/devicemodel/compat.c
@@ -15,6 +15,8 @@
* License along with this library; If not, see <http://www.gnu.org/licenses/>.
*/
+#include <errno.h>
+
#include "private.h"
int osdep_xendevicemodel_open(xendevicemodel_handle *dmod)
@@ -34,6 +36,13 @@ int osdep_xendevicemodel_op(xendevicemodel_handle *dmod,
return xendevicemodel_xcall(dmod, domid, nr_bufs, bufs);
}
+int osdep_xendevicemodel_restrict(xendevicemodel_handle *dmod,
+ domid_t domid)
+{
+ errno = EOPNOTSUPP;
+ return -1;
+}
+
/*
* Local variables:
* mode: C
diff --git a/tools/libs/devicemodel/core.c b/tools/libs/devicemodel/core.c
index 7e9f893..b4ad00e 100644
--- a/tools/libs/devicemodel/core.c
+++ b/tools/libs/devicemodel/core.c
@@ -492,6 +492,11 @@ int xendevicemodel_inject_event(
return xendevicemodel_op(dmod, domid, 1, &op, sizeof(op));
}
+int xendevicemodel_restrict(xendevicemodel_handle *dmod, domid_t domid)
+{
+ return osdep_xendevicemodel_restrict(dmod, domid);
+}
+
/*
* Local variables:
* mode: C
diff --git a/tools/libs/devicemodel/include/xendevicemodel.h b/tools/libs/devicemodel/include/xendevicemodel.h
index e00f8da..b3f600e 100644
--- a/tools/libs/devicemodel/include/xendevicemodel.h
+++ b/tools/libs/devicemodel/include/xendevicemodel.h
@@ -283,6 +283,16 @@ int xendevicemodel_inject_event(
xendevicemodel_handle *dmod, domid_t domid, int vcpu, uint8_t vector,
uint8_t type, uint32_t error_code, uint8_t insn_len, uint64_t cr2);
+/**
+ * This function restricts the use of this handle to the specified
+ * domain.
+ *
+ * @parm dmod handle to the open devicemodel interface
+ * @parm domid the domain id
+ * @return 0 on success, -1 on failure.
+ */
+int xendevicemodel_restrict(xendevicemodel_handle *dmod, domid_t domid);
+
#endif /* __XEN_TOOLS__ */
#endif /* XENDEVICEMODEL_H */
diff --git a/tools/libs/devicemodel/libxendevicemodel.map b/tools/libs/devicemodel/libxendevicemodel.map
index abc6d06..45c773e 100644
--- a/tools/libs/devicemodel/libxendevicemodel.map
+++ b/tools/libs/devicemodel/libxendevicemodel.map
@@ -17,6 +17,7 @@ VERS_1.0 {
xendevicemodel_modified_memory;
xendevicemodel_set_mem_type;
xendevicemodel_inject_event;
+ xendevicemodel_restrict;
xendevicemodel_close;
local: *; /* Do not expose anything by default */
};
diff --git a/tools/libs/devicemodel/linux.c b/tools/libs/devicemodel/linux.c
index 7511ee7..438c55b 100644
--- a/tools/libs/devicemodel/linux.c
+++ b/tools/libs/devicemodel/linux.c
@@ -112,6 +112,17 @@ int osdep_xendevicemodel_op(xendevicemodel_handle *dmod,
return 0;
}
+int osdep_xendevicemodel_restrict(xendevicemodel_handle *dmod,
+ domid_t domid)
+{
+ if (dmod->fd < 0) {
+ errno = EOPNOTSUPP;
+ return -1;
+ }
+
+ return ioctl(dmod->fd, IOCTL_PRIVCMD_RESTRICT, &domid);
+}
+
/*
* Local variables:
* mode: C
diff --git a/tools/libs/devicemodel/private.h b/tools/libs/devicemodel/private.h
index 5ce3b45..4ce5aac 100644
--- a/tools/libs/devicemodel/private.h
+++ b/tools/libs/devicemodel/private.h
@@ -29,6 +29,9 @@ int osdep_xendevicemodel_op(xendevicemodel_handle *dmod,
domid_t domid, unsigned int nr_bufs,
struct xendevicemodel_buf bufs[]);
+int osdep_xendevicemodel_restrict(
+ xendevicemodel_handle *dmod, domid_t domid);
+
#define PERROR(_f...) \
xtl_log(dmod->logger, XTL_ERROR, errno, "xendevicemodel", _f)
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-02-17 10:27 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-17 10:27 [PATCH 1/4] tools/libxendevicemodel: introduce the new library Paul Durrant
2017-02-17 10:27 ` [PATCH 2/4] tools/libxendevicemodel: extract functions and add a compat layer Paul Durrant
2017-02-20 15:09 ` Wei Liu
2017-02-20 15:15 ` Paul Durrant
2017-02-17 10:27 ` [PATCH 3/4] tools/libxendevicemodel: introduce a Linux-specific implementation Paul Durrant
2017-02-20 15:09 ` Wei Liu
2017-02-17 10:27 ` Paul Durrant [this message]
2017-02-20 15:09 ` [PATCH 4/4] tools/libxendevicemodel: add a call to restrict the handle Wei Liu
2017-02-20 15:07 ` [PATCH 1/4] tools/libxendevicemodel: introduce the new library Wei Liu
2017-02-20 15:11 ` Paul Durrant
2017-02-20 15:12 ` Wei Liu
2017-02-20 15:14 ` Paul Durrant
2017-02-20 15:20 ` Wei Liu
2017-02-21 21:59 ` Samuel Thibault
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1487327229-14641-4-git-send-email-paul.durrant@citrix.com \
--to=paul.durrant@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).