From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53435) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dzmNX-000414-79 for qemu-devel@nongnu.org; Wed, 04 Oct 2017 12:18:36 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dzmNU-0004L1-78 for qemu-devel@nongnu.org; Wed, 04 Oct 2017 12:18:35 -0400 Received: from smtp.citrix.com ([66.165.176.89]:36041) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dzmNU-0004Jj-1q for qemu-devel@nongnu.org; Wed, 04 Oct 2017 12:18:32 -0400 From: Ian Jackson Date: Wed, 4 Oct 2017 17:18:06 +0100 Message-ID: <1507133891-26013-4-git-send-email-ian.jackson@eu.citrix.com> In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com> References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 Content-Type: text/plain Subject: [Qemu-devel] [PATCH 3/8] xen: defer call to xen_restrict until after os_setup_post List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: Ross Lagerwall , Anthony PERARD , xen-devel@lists.xenproject.org, Juergen Gross , Stefano Stabellini , Ian Jackson , xen-devel@nongnu.org, Ian Jackson We need to restrict *all* the control fds that qemu opens. Looking in /proc/PID/fd shows there are many; their allocation seems scattered throughout Xen support code in qemu. We must postpone the restrict call until roughly the same time as qemu changes its uid, chroots (if applicable), and so on. There doesn't seem to be an appropriate hook already. The RunState change hook fires at different times depending on exactly what mode qemu is operating in. And it appears that no-one but the Xen code wants a hook at this phase of execution. So, introduce a bare call to a new function xen_setup_post, just after os_setup_post. Also provide the appropriate stub for when Xen compilation is disabled. Signed-off-by: Ian Jackson --- hw/i386/xen/xen-hvm.c | 8 -------- hw/xen/xen-common.c | 13 +++++++++++++ include/sysemu/sysemu.h | 2 ++ stubs/xen-hvm.c | 5 +++++ vl.c | 1 + 5 files changed, 21 insertions(+), 8 deletions(-) diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c index d9ccd5d..7b60ec6 100644 --- a/hw/i386/xen/xen-hvm.c +++ b/hw/i386/xen/xen-hvm.c @@ -1254,14 +1254,6 @@ void xen_hvm_init(PCMachineState *pcms, MemoryRegion **ram_memory) goto err; } - if (xen_domid_restrict) { - rc = xen_restrict(xen_domid); - if (rc < 0) { - error_report("failed to restrict: error %d", errno); - goto err; - } - } - xen_create_ioreq_server(xen_domid, &state->ioservid); state->exit.notify = xen_exit_notifier; diff --git a/hw/xen/xen-common.c b/hw/xen/xen-common.c index 632a938..4056420 100644 --- a/hw/xen/xen-common.c +++ b/hw/xen/xen-common.c @@ -117,6 +117,19 @@ static void xen_change_state_handler(void *opaque, int running, } } +void xen_setup_post(void) +{ + int rc; + + if (xen_domid_restrict) { + rc = xen_restrict(xen_domid); + if (rc < 0) { + perror("xen: failed to restrict"); + exit(1); + } + } +} + static int xen_init(MachineState *ms) { xen_xc = xc_interface_open(0, 0, 0); diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h index b213696..b064a55 100644 --- a/include/sysemu/sysemu.h +++ b/include/sysemu/sysemu.h @@ -93,6 +93,8 @@ void qemu_remove_machine_init_done_notifier(Notifier *notify); void qemu_announce_self(void); +void xen_setup_post(void); + extern int autostart; typedef enum { diff --git a/stubs/xen-hvm.c b/stubs/xen-hvm.c index 3ca6c51..9701feb 100644 --- a/stubs/xen-hvm.c +++ b/stubs/xen-hvm.c @@ -13,6 +13,7 @@ #include "hw/xen/xen.h" #include "exec/memory.h" #include "qmp-commands.h" +#include "sysemu/sysemu.h" int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num) { @@ -61,3 +62,7 @@ void xen_hvm_init(PCMachineState *pcms, MemoryRegion **ram_memory) void qmp_xen_set_global_dirty_log(bool enable, Error **errp) { } + +void xen_setup_post(void) +{ +} diff --git a/vl.c b/vl.c index fb1f05b..9e7d541 100644 --- a/vl.c +++ b/vl.c @@ -4793,6 +4793,7 @@ int main(int argc, char **argv, char **envp) } os_setup_post(); + xen_setup_post(); main_loop(); replay_disable_events(); -- 2.1.4 From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ian Jackson Subject: [PATCH 3/8] xen: defer call to xen_restrict until after os_setup_post Date: Wed, 4 Oct 2017 17:18:06 +0100 Message-ID: <1507133891-26013-4-git-send-email-ian.jackson@eu.citrix.com> References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Received: from mail6.bemta6.messagelabs.com ([193.109.254.103]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dzmNW-0006v1-EH for xen-devel@lists.xenproject.org; Wed, 04 Oct 2017 16:18:34 +0000 In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: qemu-devel@nongnu.org Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , Ross Lagerwall , Anthony PERARD , xen-devel@lists.xenproject.org, xen-devel@nongnu.org List-Id: xen-devel@lists.xenproject.org V2UgbmVlZCB0byByZXN0cmljdCAqYWxsKiB0aGUgY29udHJvbCBmZHMgdGhhdCBxZW11IG9wZW5z LiAgTG9va2luZyBpbgovcHJvYy9QSUQvZmQgc2hvd3MgdGhlcmUgYXJlIG1hbnk7IHRoZWlyIGFs bG9jYXRpb24gc2VlbXMgc2NhdHRlcmVkCnRocm91Z2hvdXQgWGVuIHN1cHBvcnQgY29kZSBpbiBx ZW11LgoKV2UgbXVzdCBwb3N0cG9uZSB0aGUgcmVzdHJpY3QgY2FsbCB1bnRpbCByb3VnaGx5IHRo ZSBzYW1lIHRpbWUgYXMgcWVtdQpjaGFuZ2VzIGl0cyB1aWQsIGNocm9vdHMgKGlmIGFwcGxpY2Fi bGUpLCBhbmQgc28gb24uCgpUaGVyZSBkb2Vzbid0IHNlZW0gdG8gYmUgYW4gYXBwcm9wcmlhdGUg aG9vayBhbHJlYWR5LiAgVGhlIFJ1blN0YXRlCmNoYW5nZSBob29rIGZpcmVzIGF0IGRpZmZlcmVu dCB0aW1lcyBkZXBlbmRpbmcgb24gZXhhY3RseSB3aGF0IG1vZGUKcWVtdSBpcyBvcGVyYXRpbmcg aW4uCgpBbmQgaXQgYXBwZWFycyB0aGF0IG5vLW9uZSBidXQgdGhlIFhlbiBjb2RlIHdhbnRzIGEg aG9vayBhdCB0aGlzIHBoYXNlCm9mIGV4ZWN1dGlvbi4gIFNvLCBpbnRyb2R1Y2UgYSBiYXJlIGNh bGwgdG8gYSBuZXcgZnVuY3Rpb24KeGVuX3NldHVwX3Bvc3QsIGp1c3QgYWZ0ZXIgb3Nfc2V0dXBf cG9zdC4gIEFsc28gcHJvdmlkZSB0aGUKYXBwcm9wcmlhdGUgc3R1YiBmb3Igd2hlbiBYZW4gY29t cGlsYXRpb24gaXMgZGlzYWJsZWQuCgpTaWduZWQtb2ZmLWJ5OiBJYW4gSmFja3NvbiA8SWFuLkph Y2tzb25AZXUuY2l0cml4LmNvbT4KLS0tCiBody9pMzg2L3hlbi94ZW4taHZtLmMgICB8ICA4IC0t LS0tLS0tCiBody94ZW4veGVuLWNvbW1vbi5jICAgICB8IDEzICsrKysrKysrKysrKysKIGluY2x1 ZGUvc3lzZW11L3N5c2VtdS5oIHwgIDIgKysKIHN0dWJzL3hlbi1odm0uYyAgICAgICAgIHwgIDUg KysrKysKIHZsLmMgICAgICAgICAgICAgICAgICAgIHwgIDEgKwogNSBmaWxlcyBjaGFuZ2VkLCAy MSBpbnNlcnRpb25zKCspLCA4IGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL2h3L2kzODYveGVu L3hlbi1odm0uYyBiL2h3L2kzODYveGVuL3hlbi1odm0uYwppbmRleCBkOWNjZDVkLi43YjYwZWM2 IDEwMDY0NAotLS0gYS9ody9pMzg2L3hlbi94ZW4taHZtLmMKKysrIGIvaHcvaTM4Ni94ZW4veGVu LWh2bS5jCkBAIC0xMjU0LDE0ICsxMjU0LDYgQEAgdm9pZCB4ZW5faHZtX2luaXQoUENNYWNoaW5l U3RhdGUgKnBjbXMsIE1lbW9yeVJlZ2lvbiAqKnJhbV9tZW1vcnkpCiAgICAgICAgIGdvdG8gZXJy OwogICAgIH0KIAotICAgIGlmICh4ZW5fZG9taWRfcmVzdHJpY3QpIHsKLSAgICAgICAgcmMgPSB4 ZW5fcmVzdHJpY3QoeGVuX2RvbWlkKTsKLSAgICAgICAgaWYgKHJjIDwgMCkgewotICAgICAgICAg ICAgZXJyb3JfcmVwb3J0KCJmYWlsZWQgdG8gcmVzdHJpY3Q6IGVycm9yICVkIiwgZXJybm8pOwot ICAgICAgICAgICAgZ290byBlcnI7Ci0gICAgICAgIH0KLSAgICB9Ci0KICAgICB4ZW5fY3JlYXRl X2lvcmVxX3NlcnZlcih4ZW5fZG9taWQsICZzdGF0ZS0+aW9zZXJ2aWQpOwogCiAgICAgc3RhdGUt PmV4aXQubm90aWZ5ID0geGVuX2V4aXRfbm90aWZpZXI7CmRpZmYgLS1naXQgYS9ody94ZW4veGVu LWNvbW1vbi5jIGIvaHcveGVuL3hlbi1jb21tb24uYwppbmRleCA2MzJhOTM4Li40MDU2NDIwIDEw MDY0NAotLS0gYS9ody94ZW4veGVuLWNvbW1vbi5jCisrKyBiL2h3L3hlbi94ZW4tY29tbW9uLmMK QEAgLTExNyw2ICsxMTcsMTkgQEAgc3RhdGljIHZvaWQgeGVuX2NoYW5nZV9zdGF0ZV9oYW5kbGVy KHZvaWQgKm9wYXF1ZSwgaW50IHJ1bm5pbmcsCiAgICAgfQogfQogCit2b2lkIHhlbl9zZXR1cF9w b3N0KHZvaWQpCit7CisgICAgaW50IHJjOworCisgICAgaWYgKHhlbl9kb21pZF9yZXN0cmljdCkg eworICAgICAgICByYyA9IHhlbl9yZXN0cmljdCh4ZW5fZG9taWQpOworICAgICAgICBpZiAocmMg PCAwKSB7CisgICAgICAgICAgICBwZXJyb3IoInhlbjogZmFpbGVkIHRvIHJlc3RyaWN0Iik7Cisg ICAgICAgICAgICBleGl0KDEpOworICAgICAgICB9CisgICAgfQorfQorCiBzdGF0aWMgaW50IHhl bl9pbml0KE1hY2hpbmVTdGF0ZSAqbXMpCiB7CiAgICAgeGVuX3hjID0geGNfaW50ZXJmYWNlX29w ZW4oMCwgMCwgMCk7CmRpZmYgLS1naXQgYS9pbmNsdWRlL3N5c2VtdS9zeXNlbXUuaCBiL2luY2x1 ZGUvc3lzZW11L3N5c2VtdS5oCmluZGV4IGIyMTM2OTYuLmIwNjRhNTUgMTAwNjQ0Ci0tLSBhL2lu Y2x1ZGUvc3lzZW11L3N5c2VtdS5oCisrKyBiL2luY2x1ZGUvc3lzZW11L3N5c2VtdS5oCkBAIC05 Myw2ICs5Myw4IEBAIHZvaWQgcWVtdV9yZW1vdmVfbWFjaGluZV9pbml0X2RvbmVfbm90aWZpZXIo Tm90aWZpZXIgKm5vdGlmeSk7CiAKIHZvaWQgcWVtdV9hbm5vdW5jZV9zZWxmKHZvaWQpOwogCit2 b2lkIHhlbl9zZXR1cF9wb3N0KHZvaWQpOworCiBleHRlcm4gaW50IGF1dG9zdGFydDsKIAogdHlw ZWRlZiBlbnVtIHsKZGlmZiAtLWdpdCBhL3N0dWJzL3hlbi1odm0uYyBiL3N0dWJzL3hlbi1odm0u YwppbmRleCAzY2E2YzUxLi45NzAxZmViIDEwMDY0NAotLS0gYS9zdHVicy94ZW4taHZtLmMKKysr IGIvc3R1YnMveGVuLWh2bS5jCkBAIC0xMyw2ICsxMyw3IEBACiAjaW5jbHVkZSAiaHcveGVuL3hl bi5oIgogI2luY2x1ZGUgImV4ZWMvbWVtb3J5LmgiCiAjaW5jbHVkZSAicW1wLWNvbW1hbmRzLmgi CisjaW5jbHVkZSAic3lzZW11L3N5c2VtdS5oIgogCiBpbnQgeGVuX3BjaV9zbG90X2dldF9waXJx KFBDSURldmljZSAqcGNpX2RldiwgaW50IGlycV9udW0pCiB7CkBAIC02MSwzICs2Miw3IEBAIHZv aWQgeGVuX2h2bV9pbml0KFBDTWFjaGluZVN0YXRlICpwY21zLCBNZW1vcnlSZWdpb24gKipyYW1f bWVtb3J5KQogdm9pZCBxbXBfeGVuX3NldF9nbG9iYWxfZGlydHlfbG9nKGJvb2wgZW5hYmxlLCBF cnJvciAqKmVycnApCiB7CiB9CisKK3ZvaWQgeGVuX3NldHVwX3Bvc3Qodm9pZCkKK3sKK30KZGlm ZiAtLWdpdCBhL3ZsLmMgYi92bC5jCmluZGV4IGZiMWYwNWIuLjllN2Q1NDEgMTAwNjQ0Ci0tLSBh L3ZsLmMKKysrIGIvdmwuYwpAQCAtNDc5Myw2ICs0NzkzLDcgQEAgaW50IG1haW4oaW50IGFyZ2Ms IGNoYXIgKiphcmd2LCBjaGFyICoqZW52cCkKICAgICB9CiAKICAgICBvc19zZXR1cF9wb3N0KCk7 CisgICAgeGVuX3NldHVwX3Bvc3QoKTsKIAogICAgIG1haW5fbG9vcCgpOwogICAgIHJlcGxheV9k aXNhYmxlX2V2ZW50cygpOwotLSAKMi4xLjQKCgpfX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fXwpYZW4tZGV2ZWwgbWFpbGluZyBsaXN0Clhlbi1kZXZlbEBsaXN0 cy54ZW4ub3JnCmh0dHBzOi8vbGlzdHMueGVuLm9yZy94ZW4tZGV2ZWwK