From: Ian Jackson <ian.jackson@eu.citrix.com>
To: xen-devel@lists.xensource.com
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Wei Liu <wei.liu2@citrix.com>
Subject: [PATCH 09/22] xentoolcore_restrict: Break out xentoolcore__restrict_by_dup2_null
Date: Fri, 15 Sep 2017 19:48:46 +0100 [thread overview]
Message-ID: <1505501339-11965-10-git-send-email-ian.jackson@eu.citrix.com> (raw)
In-Reply-To: <1505501339-11965-1-git-send-email-ian.jackson@eu.citrix.com>
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
---
tools/libs/call/core.c | 30 +---------------------
tools/libs/toolcore/handlereg.c | 26 +++++++++++++++++++
tools/libs/toolcore/include/xentoolcore_internal.h | 12 +++++++++
tools/libs/toolcore/libxentoolcore.map | 1 +
4 files changed, 40 insertions(+), 29 deletions(-)
diff --git a/tools/libs/call/core.c b/tools/libs/call/core.c
index 11ecc87..d6ce73d 100644
--- a/tools/libs/call/core.c
+++ b/tools/libs/call/core.c
@@ -15,39 +15,11 @@
#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <unistd.h>
-
#include "private.h"
static int all_restrict_cb(Xentoolcore__Active_Handle *ah, uint32_t domid) {
xencall_handle *xcall = CONTAINER_OF(ah, *xcall, tc_ah);
- int nullfd = -1, r;
-
- if (xcall->fd < 0)
- /* just in case */
- return 0;
-
- /*
- * We don't implement a restrict function. We neuter the fd by
- * dup'ing /dev/null onto it. This is better than closing it,
- * because it does not involve locking against concurrent uses
- * of xencall in other threads.
- */
- nullfd = open("/dev/null",O_RDONLY);
- if (nullfd < 0) goto err;
-
- r = dup2(nullfd, xcall->fd);
- if (r < 0) goto err;
-
- close(nullfd);
- return 0;
-
-err:
- if (nullfd >= 0) close(nullfd);
- return -1;
+ return xentoolcore__restrict_by_dup2_null(xcall->fd);
}
xencall_handle *xencall_open(xentoollog_logger *logger, unsigned open_flags)
diff --git a/tools/libs/toolcore/handlereg.c b/tools/libs/toolcore/handlereg.c
index cfd01a2..56d8b2d 100644
--- a/tools/libs/toolcore/handlereg.c
+++ b/tools/libs/toolcore/handlereg.c
@@ -22,6 +22,11 @@
#include "xentoolcore_internal.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
#include <pthread.h>
#include <assert.h>
@@ -67,6 +72,27 @@ int xentoolcore_restrict_all(uint32_t domid) {
return r;
}
+int xentoolcore__restrict_by_dup2_null(int fd) {
+ int nullfd = -1, r;
+
+ if (fd < 0)
+ /* just in case */
+ return 0;
+
+ nullfd = open("/dev/null",O_RDONLY);
+ if (nullfd < 0) goto err;
+
+ r = dup2(nullfd, fd);
+ if (r < 0) goto err;
+
+ close(nullfd);
+ return 0;
+
+err:
+ if (nullfd >= 0) close(nullfd);
+ return -1;
+}
+
/*
* Local variables:
* mode: C
diff --git a/tools/libs/toolcore/include/xentoolcore_internal.h b/tools/libs/toolcore/include/xentoolcore_internal.h
index 27497d6..7e96a48 100644
--- a/tools/libs/toolcore/include/xentoolcore_internal.h
+++ b/tools/libs/toolcore/include/xentoolcore_internal.h
@@ -91,6 +91,18 @@ struct Xentoolcore__Active_Handle {
void xentoolcore__register_active_handle(Xentoolcore__Active_Handle*);
void xentoolcore__deregister_active_handle(Xentoolcore__Active_Handle*);
+/*
+ * Utility function for use in restrict_callback in libraries whose
+ * handles don't have a useful restrict function. We neuter the fd by
+ * dup'ing /dev/null onto it. This is better than closing it, because
+ * it does not involve locking against concurrent uses of in other
+ * threads.
+ *
+ * Returns the value that restrict_callback should return.
+ * fd may be < 0.
+ */
+int xentoolcore__restrict_by_dup2_null(int fd);
+
/* ---------- convenient stuff ---------- */
/*
diff --git a/tools/libs/toolcore/libxentoolcore.map b/tools/libs/toolcore/libxentoolcore.map
index eb5d251..0b7d925 100644
--- a/tools/libs/toolcore/libxentoolcore.map
+++ b/tools/libs/toolcore/libxentoolcore.map
@@ -3,5 +3,6 @@ VERS_1.0 {
xentoolcore_restrict_all;
xentoolcore__register_active_handle;
xentoolcore__deregister_active_handle;
+ xentoolcore__restrict_by_dup2_null;
local: *; /* Do not expose anything by default */
};
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-09-15 18:48 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-15 18:48 [PATCH 00/22] Provide some actual restriction of qemu Ian Jackson
2017-09-15 18:48 ` [PATCH 01/22] xen: Provide XEN_DMOP_remote_shutdown Ian Jackson
2017-09-18 9:44 ` Jan Beulich
2017-09-18 13:57 ` Ian Jackson
2017-09-18 14:16 ` Jan Beulich
2017-09-18 14:18 ` Wei Liu
2017-09-15 18:48 ` [PATCH 02/22] tools: libxendevicemodel: Provide xendevicemodel_shutdown Ian Jackson
2017-09-18 14:18 ` Wei Liu
2017-09-18 17:09 ` Ian Jackson
2017-09-15 18:48 ` [PATCH 03/22] xentoolcore, _restrict_all: Introduce new library and implementation Ian Jackson
2017-09-18 14:52 ` Wei Liu
2017-09-18 16:08 ` Ian Jackson
2017-09-19 8:52 ` Wei Liu
2017-09-19 8:52 ` Wei Liu
2017-09-19 10:42 ` Ian Jackson
2017-09-19 9:33 ` Wei Liu
2017-09-19 10:47 ` Ian Jackson
2017-09-19 10:57 ` Wei Liu
2017-09-19 11:04 ` Ian Jackson
2017-09-20 15:24 ` Wei Liu
2017-09-15 18:48 ` [PATCH 04/22] tools: qemu-xen build: prepare to link against xentoolcore Ian Jackson
2017-09-19 8:52 ` Wei Liu
2017-09-15 18:48 ` [PATCH 05/22] libxl: #include "xentoolcore_internal.h" Ian Jackson
2017-09-19 8:53 ` Wei Liu
2017-09-15 18:48 ` [PATCH 06/22] tools: move CONTAINER_OF to xentoolcore_internal.h Ian Jackson
2017-09-19 8:53 ` Wei Liu
2017-09-15 18:48 ` [PATCH 07/22] xentoolcore_restrict_all: Implement for libxendevicemodel Ian Jackson
2017-09-19 9:37 ` Wei Liu
2017-09-15 18:48 ` [PATCH 08/22] xentoolcore_restrict_all: "Implement" for libxencall Ian Jackson
2017-09-19 9:38 ` Wei Liu
2017-09-19 10:49 ` Ian Jackson
2017-09-15 18:48 ` Ian Jackson [this message]
2017-09-19 9:38 ` [PATCH 09/22] xentoolcore_restrict: Break out xentoolcore__restrict_by_dup2_null Wei Liu
2017-09-15 18:48 ` [PATCH 10/22] xentoolcore_restrict_all: Implement for libxenforeignmemory Ian Jackson
2017-09-19 9:40 ` Wei Liu
2017-09-19 10:51 ` Ian Jackson
2017-09-19 10:58 ` Wei Liu
2017-09-19 11:08 ` Ian Jackson
2017-09-20 15:25 ` Wei Liu
2017-09-21 16:18 ` Ian Jackson
2017-09-15 18:48 ` [PATCH 11/22] xentoolcore_restrict_all: Declare problems due to no evtchn support Ian Jackson
2017-09-19 9:40 ` Wei Liu
2017-09-15 18:48 ` [PATCH 12/22] xentoolcore_restrict_all: "Implement" for xengnttab Ian Jackson
2017-09-19 9:41 ` Wei Liu
2017-09-15 18:48 ` [PATCH 13/22] tools/xenstore: get_handle: use "goto err" error handling style Ian Jackson
2017-09-19 9:42 ` Wei Liu
2017-09-15 18:48 ` [PATCH 14/22] tools/xenstore: get_handle: Allocate struct before opening fd Ian Jackson
2017-09-19 9:43 ` Wei Liu
2017-09-15 18:48 ` [PATCH 15/22] xentoolcore_restrict_all: "Implement" for xenstore Ian Jackson
2017-09-19 9:43 ` Wei Liu
2017-09-15 18:48 ` [PATCH 16/22] xentoolcore, _restrict_all: Document implementation "complete" Ian Jackson
2017-09-18 14:49 ` Wei Liu
2017-09-18 16:06 ` Ian Jackson
2017-09-15 18:48 ` [PATCH 17/22] xl, libxl: Provide dm_restrict Ian Jackson
2017-09-19 9:48 ` Wei Liu
2017-09-19 10:54 ` Ian Jackson
2017-09-15 18:48 ` [PATCH 18/22] libxl: Rationalise calculation of user to run qemu as Ian Jackson
2017-09-18 14:49 ` Wei Liu
2017-09-15 18:48 ` [PATCH 19/22] libxl: libxl__dm_runas_helper: return pwd Ian Jackson
2017-09-19 9:48 ` Wei Liu
2017-09-15 18:48 ` [PATCH 20/22] libxl: userlookup_helper_getpwnam rename and turn into a macro Ian Jackson
2017-09-19 9:50 ` Wei Liu
2017-09-19 10:57 ` Ian Jackson
2017-09-15 18:48 ` [PATCH 21/22] libxl: dm_restrict: Support uid range user Ian Jackson
2017-09-15 18:48 ` [PATCH 22/22] RFC: tools: xentoolcore_restrict_all: use domid_t Ian Jackson
2017-09-19 10:02 ` Wei Liu
2017-09-19 11:01 ` Ian Jackson
2017-09-20 15:28 ` Wei Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1505501339-11965-10-git-send-email-ian.jackson@eu.citrix.com \
--to=ian.jackson@eu.citrix.com \
--cc=sstabellini@kernel.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).