From: Ian Jackson <ian.jackson@eu.citrix.com>
Date: Fri, 15 Sep 2017 10:44:58 +0000 (+0100)
Subject: xentoolcore_restrict_all: "Implement" for libxencall
X-Git-Tag: archive/raspbian/4.11.1-1+rpi1~1^2~66^2~1152
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=8d201cae61dbbbca8ead7b05e8c701d86d37542b;p=xen.git

xentoolcore_restrict_all: "Implement" for libxencall

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
---

diff --git a/tools/Rules.mk b/tools/Rules.mk
index 9b2fe36619..71037a1c1e 100644
--- a/tools/Rules.mk
+++ b/tools/Rules.mk
@@ -119,7 +119,7 @@ LDLIBS_libxengnttab = $(SHDEPS_libxengnttab) $(XEN_LIBXENGNTTAB)/libxengnttab$(l
 SHLIB_libxengnttab  = $(SHDEPS_libxengnttab) -Wl,-rpath-link=$(XEN_LIBXENGNTTAB)
 
 CFLAGS_libxencall = -I$(XEN_LIBXENCALL)/include $(CFLAGS_xeninclude)
-SHDEPS_libxencall =
+SHDEPS_libxencall = $(SHLIB_libxentoolcore)
 LDLIBS_libxencall = $(SHDEPS_libxencall) $(XEN_LIBXENCALL)/libxencall$(libextension)
 SHLIB_libxencall  = $(SHDEPS_libxencall) -Wl,-rpath-link=$(XEN_LIBXENCALL)
 
diff --git a/tools/libs/call/Makefile b/tools/libs/call/Makefile
index 1ccd5fd8b0..39dd207428 100644
--- a/tools/libs/call/Makefile
+++ b/tools/libs/call/Makefile
@@ -7,7 +7,7 @@ SHLIB_LDFLAGS += -Wl,--version-script=libxencall.map
 
 CFLAGS   += -Werror -Wmissing-prototypes
 CFLAGS   += -I./include $(CFLAGS_xeninclude)
-CFLAGS   += $(CFLAGS_libxentoollog)
+CFLAGS   += $(CFLAGS_libxentoollog) $(CFLAGS_libxentoolcore)
 
 SRCS-y                 += core.c buffer.c
 SRCS-$(CONFIG_Linux)   += linux.c
@@ -62,7 +62,7 @@ libxencall.so.$(MAJOR): libxencall.so.$(MAJOR).$(MINOR)
 	$(SYMLINK_SHLIB) $< $@
 
 libxencall.so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxencall.map
-	$(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxencall.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS)
+	$(CC) $(LDFLAGS) $(PTHREAD_LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxencall.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(LDLIBS_libxentoolcore) $(APPEND_LDFLAGS)
 
 .PHONY: install
 install: build
diff --git a/tools/libs/call/core.c b/tools/libs/call/core.c
index 5ca037237f..8d1b11bb79 100644
--- a/tools/libs/call/core.c
+++ b/tools/libs/call/core.c
@@ -15,8 +15,41 @@
 
 #include <stdlib.h>
 
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
 #include "private.h"
 
+static int all_restrict_cb(Xentoolcore__Active_Handle *ah, uint32_t domid) {
+    xencall_handle *xcall = CONTAINER_OF(ah, *xcall, tc_ah);
+    int nullfd = -1, r;
+
+    if (xcall->fd < 0)
+        /* just in case */
+        return 0;
+
+    /*
+     * We don't implement a restrict function.  We neuter the fd by
+     * dup'ing /dev/null onto it.  This is better than closing it,
+     * because it does not involve locking against concurrent uses
+     * of xencall in other threads.
+     */
+    nullfd = open("/dev/null", O_RDONLY);
+    if (nullfd < 0) goto err;
+
+    r = dup2(nullfd, xcall->fd);
+    if (r < 0) goto err;
+
+    close(nullfd);
+    return 0;
+
+err:
+    if (nullfd >= 0) close(nullfd);
+    return -1;
+}
+
 xencall_handle *xencall_open(xentoollog_logger *logger, unsigned open_flags)
 {
     xencall_handle *xcall = malloc(sizeof(*xcall));
@@ -25,6 +58,8 @@ xencall_handle *xencall_open(xentoollog_logger *logger, unsigned open_flags)
     if (!xcall) return NULL;
 
     xcall->fd = -1;
+    xcall->tc_ah.restrict_callback = all_restrict_cb;
+    xentoolcore__register_active_handle(&xcall->tc_ah);
 
     xcall->flags = open_flags;
     xcall->buffer_cache_nr = 0;
@@ -53,6 +88,7 @@ xencall_handle *xencall_open(xentoollog_logger *logger, unsigned open_flags)
 
 err:
     osdep_xencall_close(xcall);
+    xentoolcore__deregister_active_handle(&xcall->tc_ah);
     xtl_logger_destroy(xcall->logger_tofree);
     free(xcall);
     return NULL;
@@ -66,6 +102,7 @@ int xencall_close(xencall_handle *xcall)
         return 0;
 
     rc = osdep_xencall_close(xcall);
+    xentoolcore__deregister_active_handle(&xcall->tc_ah);
     buffer_release_cache(xcall);
     xtl_logger_destroy(xcall->logger_tofree);
     free(xcall);
diff --git a/tools/libs/call/linux.c b/tools/libs/call/linux.c
index e8e03111ab..3f1b691fe7 100644
--- a/tools/libs/call/linux.c
+++ b/tools/libs/call/linux.c
@@ -21,6 +21,10 @@
 #include <fcntl.h>
 #include <unistd.h>
 
+#include <stdlib.h>
+#include <assert.h>
+#include <stdio.h>
+
 #include <sys/mman.h>
 #include <sys/ioctl.h>
 
diff --git a/tools/libs/call/private.h b/tools/libs/call/private.h
index 37dd15ff0b..533f0c4a8b 100644
--- a/tools/libs/call/private.h
+++ b/tools/libs/call/private.h
@@ -2,6 +2,7 @@
 #define XENCALL_PRIVATE_H
 
 #include <xentoollog.h>
+#include <xentoolcore_internal.h>
 
 #include <xencall.h>
 
@@ -20,6 +21,7 @@ struct xencall_handle {
     xentoollog_logger *logger, *logger_tofree;
     unsigned flags;
     int fd;
+    Xentoolcore__Active_Handle tc_ah;
 
     /*
      * A simple cache of unused, single page, hypercall buffers
diff --git a/tools/libs/call/xencall.pc.in b/tools/libs/call/xencall.pc.in
index 475c1339aa..409773e535 100644
--- a/tools/libs/call/xencall.pc.in
+++ b/tools/libs/call/xencall.pc.in
@@ -7,4 +7,4 @@ Description: The Xencall library for Xen hypervisor
 Version: @@version@@
 Cflags: -I${includedir} @@cflagslocal@@
 Libs: @@libsflag@@${libdir} -lxencall
-Requires.private: xentoollog
+Requires.private: xentoollog,xentoolcore