From: Daniel De Graaf
Subject: Re: [PATCH 16/18] xenstored: use domain_is_unprivileged instead of checking conn->id
Date: Wed, 18 Jan 2012 13:31:21 -0500
Message-ID: <4F170FF9.2010201@tycho.nsa.gov>
References: <1326302490-19428-1-git-send-email-dgdegra@tycho.nsa.gov> <1326411330-7915-1-git-send-email-dgdegra@tycho.nsa.gov> <1326411330-7915-17-git-send-email-dgdegra@tycho.nsa.gov> <1326887077.14689.214.camel@zakaz.uk.xensource.com>
In-Reply-To: <1326887077.14689.214.camel@zakaz.uk.xensource.com>
To: Ian Campbell
Cc: "xen-devel@lists.xensource.com"
List-Id: xen-devel@lists.xenproject.org

On 01/18/2012 06:44 AM, Ian Campbell wrote:
> On Thu, 2012-01-12 at 23:35 +0000, Daniel De Graaf wrote:
>> This centralizes all the permission checking for privileged domains in
>> preparation for allowing domains other than dom0 to be privileged.
>>
>> Signed-off-by: Daniel De Graaf
>> ---
>> tools/xenstore/xenstored_core.c | 6 +++---
>> tools/xenstore/xenstored_domain.c | 8 ++++----
>> 2 files changed, 7 insertions(+), 7 deletions(-)
>>
>> diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
>> index 4ec63f1..eea5fd6 100644
>> --- a/tools/xenstore/xenstored_core.c
>> +++ b/tools/xenstore/xenstored_core.c
>> @@ -488,7 +488,7 @@ static enum xs_perm_type perm_for_conn(struct connection *conn, >> mask &= ~XS_PERM_WRITE; >> >> /* Owners and tools get it all... */ >> - if (!conn->id || perms[0].id == conn->id >> + if (!domain_is_unprivileged(conn) || perms[0].id == conn->id > > domain_is_unprivileged is: > conn && conn->domain && conn->domain->domid != 0 > > which isn't quite the same as the code being replaced. The difference > appears to be the conn->id is valid for socket connections as well as > domain connections whereas conn->domain is only present for domain > connections. > > Does this change not mean that, for the dom0-process xenstored > configuration we now treat socket based connections as unprivileged > where previously they would be unprivileged? No. For dom0 socket connections, conn->domain is NULL so the connection is not unprivileged (making it privileged). This is why sane people do not make boolean functions test for "un" cases :)
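Review bot: The new condition in the perm_for_conn hunk, `!domain_is_unprivileged(conn)`, grants the "Owners and tools get it all" branch by default rather than by positive identification, and nothing at the call site says so. Going by the definition quoted in the reply (`conn && conn->domain && conn->domain->domid != 0`), every connection without a `conn->domain`, and a NULL `conn` as well, now counts as privileged, whereas the removed `!conn->id` keyed on the connection id. Since the stated goal is to let domains other than dom0 be privileged, it would be safer to add a positively named helper (for example a hypothetical `domain_is_privileged()`) that spells out which connection kinds are trusted, or at least a comment here stating that socket connections are intentionally treated as privileged. Either way, a later change to the helper then cannot silently widen full access to the store.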