From patchwork Wed Oct 18 13:42:33 2017
X-Patchwork-Submitter: Ross Lagerwall
X-Patchwork-Id: 10014723
From: Ross Lagerwall To: Xen-devel Date: Wed, 18 Oct 2017 14:42:33 +0100 Message-ID: <20171018134233.11973-2-ross.lagerwall@citrix.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171018134233.11973-1-ross.lagerwall@citrix.com> References: <20171018134233.11973-1-ross.lagerwall@citrix.com> MIME-Version: 1.0 Cc: Ross Lagerwall , Julien Grall , Ian Jackson , Wei Liu Subject: [Xen-devel] [PATCH v2 for-4.10 2/2] xentoolcore_restrict_all: Implement for libxenevtchn X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP Signed-off-by: Ross Lagerwall Acked-by: Ian Jackson --- Changed in v2: * Keep warning about DoS and resource exhaustion being a possibility. (Note that v1 of this patch was incorrectly titled v2.) tools/Rules.mk | 2 +- tools/libs/evtchn/Makefile | 4 ++-- tools/libs/evtchn/core.c | 13 +++++++++++++ tools/libs/evtchn/private.h | 3 +++ tools/libs/toolcore/include/xentoolcore.h | 2 -- 5 files changed, 19 insertions(+), 5 deletions(-) diff --git a/tools/Rules.mk b/tools/Rules.mk index be92f0a..61515d3 100644 --- a/tools/Rules.mk +++ b/tools/Rules.mk @@ -109,7 +109,7 @@ LDLIBS_libxentoolcore = $(SHDEPS_libxentoolcore) $(XEN_LIBXENTOOLCORE)/libxentoo SHLIB_libxentoolcore = $(SHDEPS_libxentoolcore) -Wl,-rpath-link=$(XEN_LIBXENTOOLCORE) CFLAGS_libxenevtchn = -I$(XEN_LIBXENEVTCHN)/include $(CFLAGS_xeninclude) -SHDEPS_libxenevtchn = +SHDEPS_libxenevtchn = $(SHLIB_libxentoolcore) LDLIBS_libxenevtchn = $(SHDEPS_libxenevtchn) $(XEN_LIBXENEVTCHN)/libxenevtchn$(libextension) SHLIB_libxenevtchn = $(SHDEPS_libxenevtchn) -Wl,-rpath-link=$(XEN_LIBXENEVTCHN) diff --git a/tools/libs/evtchn/Makefile b/tools/libs/evtchn/Makefile index bc98aed..9952b30 100644 --- a/tools/libs/evtchn/Makefile +++ b/tools/libs/evtchn/Makefile 
@@ -7,7 +7,7 @@ SHLIB_LDFLAGS += -Wl,--version-script=libxenevtchn.map CFLAGS += -Werror -Wmissing-prototypes CFLAGS += -I./include $(CFLAGS_xeninclude) -CFLAGS += $(CFLAGS_libxentoollog) +CFLAGS += $(CFLAGS_libxentoollog) $(CFLAGS_libxentoolcore) SRCS-y += core.c SRCS-$(CONFIG_Linux) += linux.c @@ -61,7 +61,7 @@ libxenevtchn.so.$(MAJOR): libxenevtchn.so.$(MAJOR).$(MINOR) $(SYMLINK_SHLIB) $< $@ libxenevtchn.so.$(MAJOR).$(MINOR): $(PIC_OBJS) libxenevtchn.map - $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenevtchn.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(APPEND_LDFLAGS) + $(CC) $(LDFLAGS) -Wl,$(SONAME_LDFLAG) -Wl,libxenevtchn.so.$(MAJOR) $(SHLIB_LDFLAGS) -o $@ $(PIC_OBJS) $(LDLIBS_libxentoollog) $(LDLIBS_libxentoolcore) $(APPEND_LDFLAGS) .PHONY: install install: build diff --git a/tools/libs/evtchn/core.c b/tools/libs/evtchn/core.c index 41621ff..14b7549 100644 --- a/tools/libs/evtchn/core.c +++ b/tools/libs/evtchn/core.c @@ -18,6 +18,16 @@ #include "private.h" +static int all_restrict_cb(Xentoolcore__Active_Handle *ah, domid_t domid) { + xenevtchn_handle *xce = CONTAINER_OF(ah, *xce, tc_ah); + + if (xce->fd < 0) + /* just in case */ + return 0; + + return xenevtchn_restrict(xce, domid); +} + xenevtchn_handle *xenevtchn_open(xentoollog_logger *logger, unsigned open_flags) { xenevtchn_handle *xce = malloc(sizeof(*xce)); @@ -29,6 +39,9 @@ xenevtchn_handle *xenevtchn_open(xentoollog_logger *logger, unsigned open_flags) xce->logger = logger; xce->logger_tofree = NULL; + xce->tc_ah.restrict_callback = all_restrict_cb; + xentoolcore__register_active_handle(&xce->tc_ah); + if (!xce->logger) { xce->logger = xce->logger_tofree = (xentoollog_logger*) diff --git a/tools/libs/evtchn/private.h b/tools/libs/evtchn/private.h index 3d34862..31e595b 100644 --- a/tools/libs/evtchn/private.h +++ b/tools/libs/evtchn/private.h 
@@ -4,11 +4,14 @@ #include #include +#include + #include struct xenevtchn_handle { xentoollog_logger *logger, *logger_tofree; int fd; + Xentoolcore__Active_Handle tc_ah; }; int osdep_evtchn_open(xenevtchn_handle *xce); diff --git a/tools/libs/toolcore/include/xentoolcore.h b/tools/libs/toolcore/include/xentoolcore.h index be6c570..8d28c2d 100644 --- a/tools/libs/toolcore/include/xentoolcore.h +++ b/tools/libs/toolcore/include/xentoolcore.h @@ -33,8 +33,6 @@ * * Does not prevent effects that amount only to * - denial of service, possibly host-wide, by resource exhaustion etc. - * - leak of not-very-interesting metainformation about other domains - * eg, specifically, event channel signals relating to other domains * * If this cannot be achieved, returns -1 and sets errno. * If called again with the same domid, it may succeed, or it may
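Review bot: In the first tools/libs/evtchn/core.c hunk, the `/* just in case */` comment on the `xce->fd < 0` early return in all_restrict_cb() does not say which case it guards against. Returning 0 there reports success to the caller of the restrict callback, so the comment should state that a handle without an open fd has nothing to restrict, and name the state in which a registered handle can have a negative fd (for example, if registration in xenevtchn_open() happens before the fd is opened). It is also worth confirming that xce->fd is initialised to a negative value before the handle is registered, since that assignment is not in the visible context.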
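Review bot: The second tools/libs/evtchn/core.c hunk registers `xce->tc_ah` in xenevtchn_open() ahead of the logger setup, but no matching deregistration appears anywhere in the patch: the diffstat counts 13 insertions in core.c and the two hunks account for all of them. If a later step of xenevtchn_open() fails, or when the handle is closed, and xce is freed at that point, it stays reachable from the active handle list, so a later xentoolcore_restrict_all() would run all_restrict_cb() on freed memory. Please call xentoolcore__deregister_active_handle(&xce->tc_ah) on the error path of xenevtchn_open() and in xenevtchn_close() before the structure is released.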
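Review bot: The tools/libs/toolcore/include/xentoolcore.h hunk deletes both the general caveat "leak of not-very-interesting metainformation about other domains" and its specific example about event channel signals, while the patch itself only brings libxenevtchn handles under xentoolcore_restrict_all(). If event channel signals were the only remaining source of such metainformation, say so in the commit message, which currently has no body beyond the tags and the v2 changelog. Otherwise keep the general line and drop only the "eg, specifically, event channel signals" line, so the documented guarantee does not promise more than the code delivers.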