From patchwork Wed Oct 4 16:18:04 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ian Jackson X-Patchwork-Id: 821384 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=2001:4830:134:3::11; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3y6h1K2DF6z9sxR for ; Thu, 5 Oct 2017 03:19:17 +1100 (AEDT) Received: from localhost ([::1]:36018 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dzmOB-00041U-Dd for incoming@patchwork.ozlabs.org; Wed, 04 Oct 2017 12:19:15 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53437) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dzmNX-000416-7F for qemu-devel@nongnu.org; Wed, 04 Oct 2017 12:18:36 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dzmNT-0004Ks-V9 for qemu-devel@nongnu.org; Wed, 04 Oct 2017 12:18:35 -0400 Received: from smtp.citrix.com ([66.165.176.89]:36041) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dzmNT-0004Jj-Oz for qemu-devel@nongnu.org; Wed, 04 Oct 2017 12:18:31 -0400 X-IronPort-AV: E=Sophos;i="5.42,477,1500940800"; d="scan'208";a="442509647" 
From: Ian Jackson To: Date: Wed, 4 Oct 2017 17:18:04 +0100 Message-ID: <1507133891-26013-2-git-send-email-ian.jackson@eu.citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com> References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.89 Subject: [Qemu-devel] [PATCH 1/8] xen: link against xentoolcore X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , Ross Lagerwall , Anthony PERARD , xen-devel@lists.xenproject.org, xen-devel@nongnu.org Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" From: Anthony PERARD Xen libraries 4.10 will include a new xentoolcore library, without which xendevicemodel et al will not work. Signed-off-by: Ian Jackson --- configure | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/configure b/configure index fd7e3a5..6f691df 100755 --- a/configure +++ b/configure @@ -2072,7 +2072,7 @@ if test "$xen" != "no" ; then $($pkg_config --modversion xencontrol | sed 's/\./ /g') )" xen=yes xen_pc="xencontrol xenstore xenguest xenforeignmemory xengnttab" - xen_pc="$xen_pc xenevtchn xendevicemodel" + xen_pc="$xen_pc xenevtchn xendevicemodel xentoolcore" QEMU_CFLAGS="$QEMU_CFLAGS $($pkg_config --cflags $xen_pc)" libs_softmmu="$($pkg_config --libs $xen_pc) $libs_softmmu" LDFLAGS="$($pkg_config --libs $xen_pc) $LDFLAGS" 
@@ -2104,18 +2104,20 @@ EOF cat > $TMPC < +#include int main(void) { xenforeignmemory_handle *xfmem; xfmem = xenforeignmemory_open(0, 0); xenforeignmemory_map2(xfmem, 0, 0, 0, 0, 0, 0, 0); + xentoolcore_restrict_all(0); return 0; } EOF - compile_prog "" "$xen_libs -lxendevicemodel $xen_stable_libs" + compile_prog "" "$xen_libs -lxendevicemodel $xen_stable_libs -lxentoolcore" then - xen_stable_libs="-lxendevicemodel $xen_stable_libs" + xen_stable_libs="-lxendevicemodel $xen_stable_libs -lxentoolcore" xen_ctrl_version=41000 xen=yes elif

From patchwork Wed Oct 4 16:18:05 2017
X-Patchwork-Submitter: Ian Jackson
X-Patchwork-Id: 821387
From: Ian Jackson
Date: Wed, 4 Oct 2017 17:18:05 +0100
Message-ID: <1507133891-26013-3-git-send-email-ian.jackson@eu.citrix.com>
In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
Subject: [Qemu-devel] [PATCH 2/8] xen: restrict: use xentoolcore_restrict_all
Cc: Juergen Gross, Stefano Stabellini, Ian Jackson, Ross Lagerwall, Anthony PERARD, xen-devel@lists.xenproject.org, xen-devel@nongnu.org

And insist that it works.

Drop individual use of xendevicemodel_restrict and xenforeignmemory_restrict. These are not actually effective in this version of qemu, because qemu has a large number of fds open onto various Xen control devices.

The restriction arrangements are still not right, because the restriction needs to be done very late - after qemu has opened all of its control fds.

xentoolcore_restrict_all and xentoolcore.h are available in Xen 4.10 and later, only. Provide a compatibility stub. And drop the compatibility stubs for the old functions.

Signed-off-by: Ian Jackson
---
v2: Modify the compatibility code, too.
    Bump this patch ahead of "defer call to xen_restrict until running"
    Retain call to xentoolcore_restrict_all
Signed-off-by: Ian Jackson
---
 include/hw/xen/xen_common.h | 46 +++++++++++---------------------------------
 1 file changed, 11 insertions(+), 35 deletions(-)
diff --git a/include/hw/xen/xen_common.h b/include/hw/xen/xen_common.h index 86c7f26..3f44a63 100644 --- a/include/hw/xen/xen_common.h +++ b/include/hw/xen/xen_common.h @@ -91,6 +91,16 @@ static inline void *xenforeignmemory_map2(xenforeignmemory_handle *h, return xenforeignmemory_map(h, dom, prot, pages, arr, err); } +static inline int xentoolcore_restrict_all(domid_t domid) +{ + errno = ENOTTY; + return -1; +} + +#else /* CONFIG_XEN_CTRL_INTERFACE_VERSION >= 41000 */ + +#include + #endif #if CONFIG_XEN_CTRL_INTERFACE_VERSION < 40900 @@ -218,20 +228,6 @@ static inline int xendevicemodel_set_mem_type( return xc_hvm_set_mem_type(dmod, domid, mem_type, first_pfn, nr); } -static inline int xendevicemodel_restrict( - xendevicemodel_handle *dmod, domid_t domid) -{ - errno = ENOTTY; - return -1; -} - -static inline int xenforeignmemory_restrict( - xenforeignmemory_handle *fmem, domid_t domid) -{ - errno = ENOTTY; - return -1; -} - #else /* CONFIG_XEN_CTRL_INTERFACE_VERSION >= 40900 */ #undef XC_WANT_COMPAT_DEVICEMODEL_API 
@@ -290,28 +286,8 @@ static inline int xen_modified_memory(domid_t domid, uint64_t first_pfn, static inline int xen_restrict(domid_t domid) { int rc; - - /* Attempt to restrict devicemodel operations */ - rc = xendevicemodel_restrict(xen_dmod, domid); + rc = xentoolcore_restrict_all(domid); trace_xen_domid_restrict(rc ? errno : 0); - - if (rc < 0) { - /* - * If errno is ENOTTY then restriction is not implemented so - * there's no point in trying to restrict other types of - * operation, but it should not be treated as a failure. - */ - if (errno == ENOTTY) { - return 0; - } - - return rc; - } - - /* Restrict foreignmemory operations */ - rc = xenforeignmemory_restrict(xen_fmem, domid); - trace_xen_domid_restrict(rc ? errno : 0); - return rc; }

From patchwork Wed Oct 4 16:18:06 2017
X-Patchwork-Submitter: Ian Jackson
X-Patchwork-Id: 821388
From: Ian Jackson
Date: Wed, 4 Oct 2017 17:18:06 +0100
Message-ID: <1507133891-26013-4-git-send-email-ian.jackson@eu.citrix.com>
In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
Subject: [Qemu-devel] [PATCH 3/8] xen: defer call to xen_restrict until after os_setup_post
Cc: Juergen Gross, Stefano Stabellini, Ian Jackson, Ross Lagerwall, Anthony PERARD, xen-devel@lists.xenproject.org, xen-devel@nongnu.org

We need to restrict *all* the control fds that qemu opens. Looking in /proc/PID/fd shows there are many; their allocation seems scattered throughout Xen support code in qemu.

We must postpone the restrict call until roughly the same time as qemu changes its uid, chroots (if applicable), and so on.

There doesn't seem to be an appropriate hook already. The RunState change hook fires at different times depending on exactly what mode qemu is operating in.

And it appears that no-one but the Xen code wants a hook at this phase of execution. So, introduce a bare call to a new function xen_setup_post, just after os_setup_post. Also provide the appropriate stub for when Xen compilation is disabled.

Signed-off-by: Ian Jackson
---
 hw/i386/xen/xen-hvm.c | 8 --------
 hw/xen/xen-common.c | 13 +++++++++++++
 include/sysemu/sysemu.h | 2 ++
 stubs/xen-hvm.c | 5 +++++
 vl.c | 1 +
 5 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c index d9ccd5d..7b60ec6 100644 --- a/hw/i386/xen/xen-hvm.c +++ b/hw/i386/xen/xen-hvm.c
@@ -1254,14 +1254,6 @@ void xen_hvm_init(PCMachineState *pcms, MemoryRegion **ram_memory) goto err; } - if (xen_domid_restrict) { - rc = xen_restrict(xen_domid); - if (rc < 0) { - error_report("failed to restrict: error %d", errno); - goto err; - } - } - xen_create_ioreq_server(xen_domid, &state->ioservid); state->exit.notify = xen_exit_notifier; diff --git a/hw/xen/xen-common.c b/hw/xen/xen-common.c index 632a938..4056420 100644 --- a/hw/xen/xen-common.c +++ b/hw/xen/xen-common.c @@ -117,6 +117,19 @@ static void xen_change_state_handler(void *opaque, int running, } } +void xen_setup_post(void) +{ + int rc; + + if (xen_domid_restrict) { + rc = xen_restrict(xen_domid); + if (rc < 0) { + perror("xen: failed to restrict"); + exit(1); + } + } +} + static int xen_init(MachineState *ms) { xen_xc = xc_interface_open(0, 0, 0); diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h index b213696..b064a55 100644 --- a/include/sysemu/sysemu.h +++ b/include/sysemu/sysemu.h @@ -93,6 +93,8 @@ void qemu_remove_machine_init_done_notifier(Notifier *notify); void qemu_announce_self(void); +void xen_setup_post(void); + extern int autostart; typedef enum { diff --git a/stubs/xen-hvm.c b/stubs/xen-hvm.c index 3ca6c51..9701feb 100644 --- a/stubs/xen-hvm.c +++ b/stubs/xen-hvm.c @@ -13,6 +13,7 @@ #include "hw/xen/xen.h" #include "exec/memory.h" #include "qmp-commands.h" +#include "sysemu/sysemu.h" int xen_pci_slot_get_pirq(PCIDevice *pci_dev, int irq_num) { @@ -61,3 +62,7 @@ void xen_hvm_init(PCMachineState *pcms, MemoryRegion **ram_memory) void qmp_xen_set_global_dirty_log(bool enable, Error **errp) { } + +void xen_setup_post(void) +{ +} diff --git a/vl.c b/vl.c index fb1f05b..9e7d541 100644 --- a/vl.c +++ b/vl.c 
@@ -4793,6 +4793,7 @@ int main(int argc, char **argv, char **envp) } os_setup_post(); + xen_setup_post(); main_loop(); replay_disable_events();

From patchwork Wed Oct 4 16:18:07 2017
X-Patchwork-Submitter: Ian Jackson
X-Patchwork-Id: 821390
From: Ian Jackson
Date: Wed, 4 Oct 2017 17:18:07 +0100
Message-ID: <1507133891-26013-5-git-send-email-ian.jackson@eu.citrix.com>
In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
Subject: [Qemu-devel] [PATCH 4/8] xen: destroy_hvm_domain: Move reason into a variable
Cc: Juergen Gross, Stefano Stabellini, Ian Jackson, Ross Lagerwall, Anthony PERARD, xen-devel@lists.xenproject.org, xen-devel@nongnu.org

We are going to want to reuse this.

No functional change.

Signed-off-by: Ian Jackson
Reviewed-by: Anthony PERARD
---
 hw/i386/xen/xen-hvm.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c index 7b60ec6..83420cd 100644 --- a/hw/i386/xen/xen-hvm.c +++ b/hw/i386/xen/xen-hvm.c
@@ -1387,12 +1387,13 @@ void destroy_hvm_domain(bool reboot) xc_interface *xc_handle; int sts; + unsigned int reason = reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff; + xc_handle = xc_interface_open(0, 0, 0); if (xc_handle == NULL) { fprintf(stderr, "Cannot acquire xenctrl handle\n"); } else { - sts = xc_domain_shutdown(xc_handle, xen_domid, - reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff); + sts = xc_domain_shutdown(xc_handle, xen_domid, reason); if (sts != 0) { fprintf(stderr, "xc_domain_shutdown failed to issue %s, " "sts %d, %s\n", reboot ? "reboot" : "poweroff",

From patchwork Wed Oct 4 16:18:08 2017
X-Patchwork-Submitter: Ian Jackson
X-Patchwork-Id: 821386
From: Ian Jackson
Date: Wed, 4 Oct 2017 17:18:08 +0100
Message-ID: <1507133891-26013-6-git-send-email-ian.jackson@eu.citrix.com>
In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
Subject: [Qemu-devel] [PATCH 5/8] xen: move xc_interface compatibility fallback further up the file
Cc: Juergen Gross, Stefano Stabellini, Ian Jackson, Ross Lagerwall, Anthony PERARD, xen-devel@lists.xenproject.org, xen-devel@nongnu.org

We are going to want to use the dummy xendevicemodel_handle type in new stub functions in the CONFIG_XEN_CTRL_INTERFACE_VERSION < 41000 section. So we need to provide that definition, or (as applicable) include the appropriate header, earlier in the file.

(Ideally the newer compatibility layers would be at the bottom of the file, so that they can naturally benefit from the compatibility layers for earlier version. But that's rather too much for this series.)

No functional change.

Signed-off-by: Ian Jackson
---
v2: New patch in v2 of the series
---
 include/hw/xen/xen_common.h | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/include/hw/xen/xen_common.h b/include/hw/xen/xen_common.h index 3f44a63..8efdb8a 100644 --- a/include/hw/xen/xen_common.h +++ b/include/hw/xen/xen_common.h
@@ -78,6 +78,17 @@ static inline void *xenforeignmemory_map(xc_interface *h, uint32_t dom, extern xenforeignmemory_handle *xen_fmem; +#if CONFIG_XEN_CTRL_INTERFACE_VERSION < 40900 + +typedef xc_interface xendevicemodel_handle; + +#else /* CONFIG_XEN_CTRL_INTERFACE_VERSION >= 40900 */ + +#undef XC_WANT_COMPAT_DEVICEMODEL_API +#include + +#endif + #if CONFIG_XEN_CTRL_INTERFACE_VERSION < 41000 #define XEN_COMPAT_PHYSMAP @@ -105,8 +116,6 @@ static inline int xentoolcore_restrict_all(domid_t domid) #if CONFIG_XEN_CTRL_INTERFACE_VERSION < 40900 -typedef xc_interface xendevicemodel_handle; - static inline xendevicemodel_handle *xendevicemodel_open( struct xentoollog_logger *logger, unsigned int open_flags) { 
@@ -228,11 +237,6 @@ static inline int xendevicemodel_set_mem_type( return xc_hvm_set_mem_type(dmod, domid, mem_type, first_pfn, nr); } -#else /* CONFIG_XEN_CTRL_INTERFACE_VERSION >= 40900 */ - -#undef XC_WANT_COMPAT_DEVICEMODEL_API -#include - #endif extern xendevicemodel_handle *xen_dmod;

From patchwork Wed Oct 4 16:18:09 2017
X-Patchwork-Submitter: Ian Jackson
X-Patchwork-Id: 821391
From: Ian Jackson
Date: Wed, 4 Oct 2017 17:18:09 +0100
Message-ID: <1507133891-26013-7-git-send-email-ian.jackson@eu.citrix.com>
In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
Subject: [Qemu-devel] [PATCH 6/8] xen: destroy_hvm_domain: Try xendevicemodel_shutdown
Cc: Juergen Gross, Stefano Stabellini, Ian Jackson, Ross Lagerwall, Anthony PERARD, xen-devel@lists.xenproject.org, xen-devel@nongnu.org

xc_interface_open etc. is not going to work if we have dropped privilege, but xendevicemodel_shutdown will if everything is new enough.

xendevicemodel_shutdown is only available in Xen 4.10 and later, so provide a stub for earlier versions.

Signed-off-by: Ian Jackson
---
v2: Add compatibility stub for Xen < 4.10.
    Fix coding style.
Signed-off-by: Ian Jackson
---
 hw/i386/xen/xen-hvm.c | 10 ++++++++++
 include/hw/xen/xen_common.h | 7 +++++++
 2 files changed, 17 insertions(+)
diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c index 83420cd..25b8b14 100644 --- a/hw/i386/xen/xen-hvm.c +++ b/hw/i386/xen/xen-hvm.c
@@ -1386,9 +1386,19 @@ void destroy_hvm_domain(bool reboot) { xc_interface *xc_handle; int sts; + int rc; unsigned int reason = reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff; + if (xen_dmod) { + rc = xendevicemodel_shutdown(xen_dmod, xen_domid, reason); + if (!rc) { + return; + } + perror("xendevicemodel_shutdown failed"); + /* well, try the old thing then */ + } + xc_handle = xc_interface_open(0, 0, 0); if (xc_handle == NULL) { fprintf(stderr, "Cannot acquire xenctrl handle\n"); diff --git a/include/hw/xen/xen_common.h b/include/hw/xen/xen_common.h index 8efdb8a..1d6fb57 100644 --- a/include/hw/xen/xen_common.h +++ b/include/hw/xen/xen_common.h 
@@ -108,6 +108,13 @@ static inline int xentoolcore_restrict_all(domid_t domid) return -1; } +static inline int xendevicemodel_shutdown(xendevicemodel_handle *dmod, + domid_t domid, unsigned int reason) +{ + errno = ENOTTY; + return -1; +} + #else /* CONFIG_XEN_CTRL_INTERFACE_VERSION >= 41000 */ #include

From patchwork Wed Oct 4 16:18:10 2017
X-Patchwork-Submitter: Ian Jackson
X-Patchwork-Id: 821385
From: Ian Jackson
Date: Wed, 4 Oct 2017 17:18:10 +0100
Message-ID: <1507133891-26013-8-git-send-email-ian.jackson@eu.citrix.com>
In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
Subject: [Qemu-devel] [PATCH 7/8] os-posix: Provide new -runasid option
Cc: Juergen Gross, Stefano Stabellini, Ian Jackson, Ross Lagerwall, Anthony PERARD, xen-devel@lists.xenproject.org, xen-devel@nongnu.org

This allows the caller to specify a uid and gid to use, even if there is no corresponding password entry. This will be useful in certain Xen configurations.

Signed-off-by: Ian Jackson
---
v2: Coding style fixes.
---
 os-posix.c | 31 +++++++++++++++++++++++++++----
 qemu-options.hx | 12 ++++++++++++
 2 files changed, 39 insertions(+), 4 deletions(-)
diff --git a/os-posix.c b/os-posix.c index 92e9d85..d63680b 100644 --- a/os-posix.c +++ b/os-posix.c @@ -43,6 +43,8 @@ #endif static struct passwd *user_pwd; +static uid_t user_uid = (uid_t)-1; +static gid_t user_gid = (gid_t)-1; static const char *chroot_dir; static int daemonize; static int daemon_pipe; @@ -134,6 +136,9 @@ void os_set_proc_name(const char *s) */ void os_parse_cmd_args(int index, const char *optarg) { + unsigned long lv; + char *ep; + int rc; switch (index) { #ifdef CONFIG_SLIRP case QEMU_OPTION_smb:
@@ -150,6 +155,22 @@ void os_parse_cmd_args(int index, const char *optarg) exit(1); } break; + case QEMU_OPTION_runasid: + errno = 0; + lv = strtoul(optarg, &ep, 0); /* can't qemu_strtoul, want *ep=='.' */ + user_uid = lv; /* overflow here is ID in C99 */ + if (errno || *ep != '.' || user_uid != lv || user_uid == (uid_t)-1) { + fprintf(stderr, "Could not obtain uid from \"%s\"", optarg); + exit(1); + } + lv = 0; + rc = qemu_strtoul(ep + 1, 0, 0, &lv); + user_gid = lv; /* overflow here is ID in C99 */ + if (rc || user_gid != lv || user_gid == (gid_t)-1) { + fprintf(stderr, "Could not obtain gid from \"%s\"", optarg); + exit(1); + } + break; case QEMU_OPTION_chroot: chroot_dir = optarg; break; @@ -166,17 +187,19 @@ void os_parse_cmd_args(int index, const char *optarg) static void change_process_uid(void) { - if (user_pwd) { - if (setgid(user_pwd->pw_gid) < 0) { + if (user_pwd || user_uid != (uid_t)-1) { + if (setgid(user_pwd ? user_pwd->pw_gid : user_gid) < 0) { fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid); exit(1); } - if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) { + if ((user_pwd + ? initgroups(user_pwd->pw_name, user_pwd->pw_gid) + : setgroups(1, &user_gid)) < 0) { fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n", user_pwd->pw_name, user_pwd->pw_gid); exit(1); } - if (setuid(user_pwd->pw_uid) < 0) { + if (setuid(user_pwd ? user_pwd->pw_uid : user_gid) < 0) { fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid); exit(1); } diff --git a/qemu-options.hx b/qemu-options.hx index 9f6e2ad..34a5329 100644 --- a/qemu-options.hx +++ b/qemu-options.hx 
@@ -3968,6 +3968,18 @@ Immediately before starting guest execution, drop root privileges, switching to the specified user. ETEXI +#ifndef _WIN32 +DEF("runasid", HAS_ARG, QEMU_OPTION_runasid, \ + "-runasid uid.gid change to numeric uid and gid just before starting the VM\n", + QEMU_ARCH_ALL) +#endif +STEXI +@item -runasid @var{uid}.@var{gid} +@findex -runasid +Immediately before starting guest execution, drop root privileges, switching +to the specified uid and gid. +ETEXI + DEF("prom-env", HAS_ARG, QEMU_OPTION_prom_env, "-prom-env variable=value\n" " set OpenBIOS nvram variables\n",

From patchwork Wed Oct 4 16:18:11 2017
X-Patchwork-Submitter: Ian Jackson
X-Patchwork-Id: 821389
From: Ian Jackson
Date: Wed, 4 Oct 2017 17:18:11 +0100
Message-ID: <1507133891-26013-9-git-send-email-ian.jackson@eu.citrix.com>
In-Reply-To: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
References: <1507133891-26013-1-git-send-email-ian.jackson@eu.citrix.com>
Subject: [Qemu-devel] [PATCH 8/8] RFC configure: do_compiler: Dump some extra info under bash
Cc: Juergen Gross, Stefano Stabellini, Ian Jackson, Ross Lagerwall, Anthony PERARD, xen-devel@lists.xenproject.org, xen-devel@nongnu.org

This makes it much easier to find a particular thing in config.log.

The information may be lacking in other shells, resulting in harmless empty output. (This is why we don't use the proper ${FUNCNAME[*]} array syntax - other shells will choke on that.)

The extra output is only printed if configure is run with bash. The something), it is necessary to say bash ./configure to get the extra debug info in the log.

Signed-off-by: Ian Jackson
---
 configure | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/configure b/configure index 6f691df..21a2b15 100755 --- a/configure +++ b/configure
@@ -60,6 +60,10 @@ do_compiler() { # is compiler binary to execute. local compiler="$1" shift + echo >>config.log " +funcs: ${FUNCNAME} +lines: ${BASH_LINENO} +files: ${BASH_SOURCE}" echo $compiler "$@" >> config.log $compiler "$@" >> config.log 2>&1 || return $? # Test passed. If this is an --enable-werror build, rerun
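Review bot: In [PATCH 1/8], configure hunk `@@ -2072,7 +2072,7 @@`, xentoolcore is appended to xen_pc with no check that the module exists, while the `$pkg_config --cflags $xen_pc` and `$pkg_config --libs $xen_pc` calls in the following context lines take the whole list at once. If this branch can be reached with a Xen whose pkg-config files predate xentoolcore (the commit message says the library is new in 4.10), those calls would fail for every module in the list, not only the new one. Consider adding it conditionally, for example `if $pkg_config --exists xentoolcore; then xen_pc="$xen_pc xentoolcore"; fi`.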
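Review bot: In [PATCH 2/8], include/hw/xen/xen_common.h hunk `@@ -91,6 +91,16 @@`, the xentoolcore_restrict_all stub needs a comment saying that its ENOTTY is now a hard failure. The last hunk of the same patch removes the `if (errno == ENOTTY) { return 0; }` path from xen_restrict, so with CONFIG_XEN_CTRL_INTERFACE_VERSION < 41000 every restrict request returns -1. That matches "insist that it works" in the commit message, but nothing at the stub tells a reader that failing closed is the intended behaviour rather than a leftover.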
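Review bot: In [PATCH 3/8], hw/xen/xen-common.c hunk `@@ -117,6 +117,19 @@`, xen_setup_post reports the failure with perror() and exit(1), where the block removed from xen_hvm_init used `error_report("failed to restrict: error %d", errno)`. Keeping error_report (with strerror(errno) if the text form is wanted) would keep the message in the same channel as the other errors shown in this series' context. Exiting here is the right outcome, since continuing unrestricted would silently drop the protection the option asks for; a one-line comment saying so would help. The prototype also lands in include/sysemu/sysemu.h although the function is Xen-specific; a Xen header looks like a better home if one is already included by vl.c.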
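Review bot: In [PATCH 6/8], hw/i386/xen/xen-hvm.c hunk `@@ -1386,9 +1386,19 @@`, the perror("xendevicemodel_shutdown failed") is unconditional, but the compatibility stub added in the second file of this patch always returns -1 with errno = ENOTTY. On Xen older than 4.10 every reboot or poweroff would therefore log a failure before the fallback runs, whenever xen_dmod is set. Suggest skipping the message when errno == ENOTTY and printing it only for real failures, so that a log line here means the restricted path was expected to work and did not.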
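Review bot: In [PATCH 7/8], os-posix.c hunk `@@ -150,6 +155,22 @@`, an empty uid field is accepted as uid 0. For an argument that starts with the '.', strtoul converts nothing, returns 0 and leaves ep equal to optarg; the C standard does not require errno to be set in that case, and none of the four conditions in the following `if` rejects it, so the option meant to drop privileges would keep root. Add `ep == optarg` to the test. The two fprintf messages in this hunk are also missing a trailing "\n", and the comment "overflow here is ID in C99" should spell out "implementation-defined".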
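Review bot: In [PATCH 7/8], os-posix.c hunk `@@ -166,17 +187,19 @@`, setuid() is passed the gid in the -runasid case: `setuid(user_pwd ? user_pwd->pw_uid : user_gid)` should use user_uid, otherwise the process ends up running with the gid's numeric value as its uid. The three fprintf error paths in the same hunk still print user_pwd->pw_gid, user_pwd->pw_name and user_pwd->pw_uid, and user_pwd is NULL when only -runasid was given, so a failing setgid, setgroups or setuid would dereference NULL instead of reporting the error; print the values actually passed to the calls. It is also worth stating what happens when both the user-name option and -runasid are given, since user_pwd silently wins here.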
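Review bot: In [PATCH 8/8], configure hunk `@@ -60,6 +60,10 @@`, `${FUNCNAME}` without a subscript expands to element 0 only, which under bash is the currently executing function, so the "funcs:" line will always read do_compiler and adds nothing to config.log. `${BASH_LINENO}` and `${BASH_SOURCE}` are likewise element 0, so only the immediate call site of do_compiler is recorded, not the configure check that led to it. If the whole call stack is the goal, the array expansion can be hidden from other shells by guarding on `$BASH_VERSION` and putting the `${FUNCNAME[*]}` form inside an eval string, which non-bash shells then never parse.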