From: Ian Jackson To: Date: Fri, 15 Sep 2017 19:09:54 +0100 Message-ID: <1505498999-17427-2-git-send-email-ian.jackson@eu.citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> References: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.63 Subject: [Qemu-devel] [PATCH RFC 1/6] xen: link against xentoolcore X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , xen-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Signed-off-by: Ian Jackson --- configure | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure b/configure index fd7e3a5..c59a0c0 100755 --- a/configure +++ b/configure 
@@ -2072,14 +2072,14 @@ if test "$xen" !=3D "no" ; then $($pkg_config --modversion xencontrol | sed 's/\./ /g') )" xen=3Dyes xen_pc=3D"xencontrol xenstore xenguest xenforeignmemory xengnttab" - xen_pc=3D"$xen_pc xenevtchn xendevicemodel" + xen_pc=3D"$xen_pc xenevtchn xendevicemodel xentoolcore" QEMU_CFLAGS=3D"$QEMU_CFLAGS $($pkg_config --cflags $xen_pc)" libs_softmmu=3D"$($pkg_config --libs $xen_pc) $libs_softmmu" LDFLAGS=3D"$($pkg_config --libs $xen_pc) $LDFLAGS" else =20 xen_libs=3D"-lxenstore -lxenctrl -lxenguest" - xen_stable_libs=3D"-lxenforeignmemory -lxengnttab -lxenevtchn" + xen_stable_libs=3D"-lxenforeignmemory -lxengnttab -lxenevtchn -lxentoo= lcore" =20 # First we test whether Xen headers and libraries are available. # If no, we are done and there is no Xen support. --=20 2.1.4 From nobody Tue Apr 30 08:51:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1505499137202734.6072034173429; Fri, 15 Sep 2017 11:12:17 -0700 (PDT) Received: from localhost ([::1]:54506 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv68-0002DX-AZ for importer@patchew.org; Fri, 15 Sep 2017 14:12:16 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39227) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv4H-0000rC-1C for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dsv4C-0006z3-8W for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:20 
-0400 Received: from smtp.citrix.com ([66.165.176.89]:59596) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dsv4C-0006yi-1W for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:16 -0400 X-IronPort-AV: E=Sophos;i="5.42,398,1500940800"; d="scan'208";a="439962722" From: Ian Jackson To: Date: Fri, 15 Sep 2017 19:09:55 +0100 Message-ID: <1505498999-17427-3-git-send-email-ian.jackson@eu.citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> References: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.89 Subject: [Qemu-devel] [PATCH RFC 2/6] xen: defer call to xen_restrict until running X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , xen-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Signed-off-by: Ian Jackson Reviewed-by: Anthony PERARD --- hw/i386/xen/xen-hvm.c | 8 -------- hw/xen/xen-common.c | 10 ++++++++++ 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c index d9ccd5d..7b60ec6 100644 --- a/hw/i386/xen/xen-hvm.c +++ b/hw/i386/xen/xen-hvm.c @@ -1254,14 +1254,6 @@ void xen_hvm_init(PCMachineState *pcms, MemoryRegion= **ram_memory) goto err; } =20 - if (xen_domid_restrict) { - rc =3D xen_restrict(xen_domid); - if (rc < 0) { - error_report("failed to restrict: error %d", errno); - goto err; - } - } - xen_create_ioreq_server(xen_domid, &state->ioservid); =20 state->exit.notify =3D xen_exit_notifier; 
diff --git a/hw/xen/xen-common.c b/hw/xen/xen-common.c index 632a938..dfee53e 100644 --- a/hw/xen/xen-common.c +++ b/hw/xen/xen-common.c 
@@ -111,9 +111,19 @@ static void xenstore_record_dm_state(struct xs_handle = *xs, const char *state) static void xen_change_state_handler(void *opaque, int running, RunState state) { + int rc; + if (running) { /* record state running */ xenstore_record_dm_state(xenstore, "running"); + + if (xen_domid_restrict) { + rc =3D xen_restrict(xen_domid); + if (rc < 0) { + perror("xen: failed to restrict"); + exit(1); + } + } } } =20 --=20 2.1.4 From nobody Tue Apr 30 08:51:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1505499270325414.7593890075001; Fri, 15 Sep 2017 11:14:30 -0700 (PDT) Received: from localhost ([::1]:54511 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv8G-00051v-LY for importer@patchew.org; Fri, 15 Sep 2017 14:14:28 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39230) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv4H-0000rT-9R for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dsv4C-0006zZ-Ld for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:21 -0400 Received: from smtp.citrix.com ([66.165.176.89]:59596) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dsv4C-0006yi-Ec for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:16 -0400 X-IronPort-AV: E=Sophos;i="5.42,398,1500940800"; d="scan'208";a="439962723" 
From: Ian Jackson To: Date: Fri, 15 Sep 2017 19:09:56 +0100 Message-ID: <1505498999-17427-4-git-send-email-ian.jackson@eu.citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> References: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.89 Subject: [Qemu-devel] [PATCH RFC 3/6] xen: restrict: use xentoolcore_restrict_all X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , xen-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" And insist that it works. Signed-off-by: Ian Jackson --- include/hw/xen/xen_common.h | 26 ++------------------------ 1 file changed, 2 insertions(+), 24 deletions(-) diff --git a/include/hw/xen/xen_common.h b/include/hw/xen/xen_common.h index 86c7f26..b6cb024 100644 --- a/include/hw/xen/xen_common.h +++ b/include/hw/xen/xen_common.h @@ -12,6 +12,7 @@ =20 #include #include +#include #include =20 #include "hw/hw.h" 
@@ -289,30 +290,7 @@ static inline int xen_modified_memory(domid_t domid, u= int64_t first_pfn, =20 static inline int xen_restrict(domid_t domid) { - int rc; - - /* Attempt to restrict devicemodel operations */ - rc =3D xendevicemodel_restrict(xen_dmod, domid); - trace_xen_domid_restrict(rc ? errno : 0); - - if (rc < 0) { - /* - * If errno is ENOTTY then restriction is not implemented so - * there's no point in trying to restrict other types of - * operation, but it should not be treated as a failure. - */ - if (errno =3D=3D ENOTTY) { - return 0; - } - - return rc; - } - - /* Restrict foreignmemory operations */ - rc =3D xenforeignmemory_restrict(xen_fmem, domid); - trace_xen_domid_restrict(rc ? errno : 0); - - return rc; + return xentoolcore_restrict_all(domid); } =20 void destroy_hvm_domain(bool reboot); --=20 2.1.4 From nobody Tue Apr 30 08:51:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1505499133083835.9202563318432; Fri, 15 Sep 2017 11:12:13 -0700 (PDT) Received: from localhost ([::1]:54505 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv64-000266-6Z for importer@patchew.org; Fri, 15 Sep 2017 14:12:12 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39208) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv4D-0000nv-FW for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dsv4C-0006zT-JQ for 
qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:17 -0400 Received: from smtp02.citrix.com ([66.165.176.63]:59995) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dsv4C-0006gP-DJ for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:16 -0400 X-IronPort-AV: E=Sophos;i="5.42,398,1500940800"; d="scan'208";a="448014561" From: Ian Jackson To: Date: Fri, 15 Sep 2017 19:09:57 +0100 Message-ID: <1505498999-17427-5-git-send-email-ian.jackson@eu.citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> References: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.63 Subject: [Qemu-devel] [PATCH RFC 4/6] xen: destroy_hvm_domain: Move reason into a variable X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , xen-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" We are going to want to reuse this. No functional change. Signed-off-by: Ian Jackson Reviewed-by: Anthony PERARD --- hw/i386/xen/xen-hvm.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c index 7b60ec6..83420cd 100644 --- a/hw/i386/xen/xen-hvm.c +++ b/hw/i386/xen/xen-hvm.c 
@@ -1387,12 +1387,13 @@ void destroy_hvm_domain(bool reboot) xc_interface *xc_handle; int sts; =20 + unsigned int reason =3D reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff; + xc_handle =3D xc_interface_open(0, 0, 0); if (xc_handle =3D=3D NULL) { fprintf(stderr, "Cannot acquire xenctrl handle\n"); } else { - sts =3D xc_domain_shutdown(xc_handle, xen_domid, - reboot ? SHUTDOWN_reboot : SHUTDOWN_power= off); + sts =3D xc_domain_shutdown(xc_handle, xen_domid, reason); if (sts !=3D 0) { fprintf(stderr, "xc_domain_shutdown failed to issue %s, " "sts %d, %s\n", reboot ? "reboot" : "poweroff", --=20 2.1.4 From nobody Tue Apr 30 08:51:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1505499272727655.3984268417084; Fri, 15 Sep 2017 11:14:32 -0700 (PDT) Received: from localhost ([::1]:54512 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv8J-000541-N2 for importer@patchew.org; Fri, 15 Sep 2017 14:14:31 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39231) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv4H-0000rV-9i for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dsv4D-0006zu-1e for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:21 -0400 Received: from smtp.citrix.com ([66.165.176.89]:59596) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dsv4C-0006yi-Rr for qemu-devel@nongnu.org; Fri, 
15 Sep 2017 14:10:16 -0400 X-IronPort-AV: E=Sophos;i="5.42,398,1500940800"; d="scan'208";a="439962726" From: Ian Jackson To: Date: Fri, 15 Sep 2017 19:09:58 +0100 Message-ID: <1505498999-17427-6-git-send-email-ian.jackson@eu.citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> References: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.89 Subject: [Qemu-devel] [PATCH RFC 5/6] xen: destroy_hvm_domain: Try xendevicemodel_shutdown X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , xen-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" xc_interface_open etc. is not going to work if we have dropped privilege, but xendevicemodel_shutdown will if everything is new enough. Signed-off-by: Ian Jackson --- hw/i386/xen/xen-hvm.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c index 83420cd..639425a 100644 --- a/hw/i386/xen/xen-hvm.c +++ b/hw/i386/xen/xen-hvm.c 
@@ -1386,9 +1386,18 @@ void destroy_hvm_domain(bool reboot) { xc_interface *xc_handle; int sts; + int rc; =20 unsigned int reason =3D reboot ? SHUTDOWN_reboot : SHUTDOWN_poweroff; =20 + if (xen_dmod) { + rc =3D xendevicemodel_shutdown(xen_dmod, xen_domid, reason); + if (!rc) + return; + perror("xendevicemodel_shutdown failed"); + /* well, try the old thing then */ + } + xc_handle =3D xc_interface_open(0, 0, 0); if (xc_handle =3D=3D NULL) { fprintf(stderr, "Cannot acquire xenctrl handle\n"); --=20 2.1.4 From nobody Tue Apr 30 08:51:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1505499265445147.3629926467553; Fri, 15 Sep 2017 11:14:25 -0700 (PDT) Received: from localhost ([::1]:54510 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv8A-0004wB-O3 for importer@patchew.org; Fri, 15 Sep 2017 14:14:22 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39152) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dsv49-0000lX-Nc for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:14 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dsv47-0006t2-R9 for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:13 -0400 Received: from smtp02.citrix.com ([66.165.176.63]:59995) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dsv47-0006gP-LL for qemu-devel@nongnu.org; Fri, 15 Sep 2017 14:10:11 -0400 X-IronPort-AV: E=Sophos;i="5.42,398,1500940800"; 
d="scan'208";a="448014541" From: Ian Jackson To: Date: Fri, 15 Sep 2017 19:09:59 +0100 Message-ID: <1505498999-17427-7-git-send-email-ian.jackson@eu.citrix.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> References: <1505498999-17427-1-git-send-email-ian.jackson@eu.citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.63 Subject: [Qemu-devel] [PATCH RFC 6/6] os-posix: Provide new -runasid option X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Stefano Stabellini , Ian Jackson , xen-devel@nongnu.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This allows the caller to specify a uid and gid to use, even if there is no corresponding password entry. This will be useful in certain Xen configurations. Signed-off-by: Ian Jackson --- os-posix.c | 30 ++++++++++++++++++++++++++---- qemu-options.hx | 12 ++++++++++++ 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/os-posix.c b/os-posix.c index 92e9d85..b88995e 100644 --- a/os-posix.c +++ b/os-posix.c @@ -43,6 +43,8 @@ #endif =20 static struct passwd *user_pwd; +static uid_t user_uid =3D (uid_t)-1; +static gid_t user_gid =3D (gid_t)-1; static const char *chroot_dir; static int daemonize; static int daemon_pipe; @@ -134,6 +136,8 @@ void os_set_proc_name(const char *s) */ void os_parse_cmd_args(int index, const char *optarg) { + unsigned long lv; + char *ep; switch (index) { #ifdef CONFIG_SLIRP case QEMU_OPTION_smb: 
@@ -150,6 +154,22 @@ void os_parse_cmd_args(int index, const char *optarg) exit(1); } break; + case QEMU_OPTION_runasid: + errno =3D 0; + lv =3D strtoul(optarg, &ep, 0); + if (errno || *ep !=3D '.' || (user_uid =3D lv) !=3D lv + || (user_uid =3D=3D (uid_t)-1)) { + fprintf(stderr, "Could not obtain uid from \"%s\"", optarg); + exit(1); + } + errno =3D 0; + lv =3D strtoul(ep+1, &ep, 0); + if (errno || *ep || (user_gid =3D lv) !=3D lv + || (user_gid =3D=3D (gid_t)-1)) { + fprintf(stderr ,"Could not obtain gid from \"%s\"", optarg); + exit(1); + } + break; case QEMU_OPTION_chroot: chroot_dir =3D optarg; break; @@ -166,17 +186,19 @@ void os_parse_cmd_args(int index, const char *optarg) =20 static void change_process_uid(void) { - if (user_pwd) { - if (setgid(user_pwd->pw_gid) < 0) { + if (user_pwd || user_uid !=3D (uid_t)-1) { + if (setgid(user_pwd ? user_pwd->pw_gid : user_gid) < 0) { fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid); exit(1); } - if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) { + if ((user_pwd + ? initgroups(user_pwd->pw_name, user_pwd->pw_gid) + : setgroups(1, &user_gid)) < 0) { fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n", user_pwd->pw_name, user_pwd->pw_gid); exit(1); } - if (setuid(user_pwd->pw_uid) < 0) { + if (setuid(user_pwd ? user_pwd->pw_uid : user_gid) < 0) { fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid); exit(1); } diff --git a/qemu-options.hx b/qemu-options.hx index 9f6e2ad..34a5329 100644 --- a/qemu-options.hx +++ b/qemu-options.hx 
@@ -3968,6 +3968,18 @@ Immediately before starting guest execution, drop ro= ot privileges, switching to the specified user. ETEXI =20 +#ifndef _WIN32 +DEF("runasid", HAS_ARG, QEMU_OPTION_runasid, \ + "-runasid uid.gid change to numeric uid and gid just before starti= ng the VM\n", + QEMU_ARCH_ALL) +#endif +STEXI +@item -runasid @var{uid}.@var{gid} +@findex -runasid +Immediately before starting guest execution, drop root privileges, switchi= ng +to the specified uid and gid. +ETEXI + DEF("prom-env", HAS_ARG, QEMU_OPTION_prom_env, "-prom-env variable=3Dvalue\n" " set OpenBIOS nvram variables\n", --=20 2.1.4
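Review bot: in patch 1/6, both branches of the configure hunk add xentoolcore unconditionally (to the `xen_pc` pkg-config list and as `-lxentoolcore` in `xen_stable_libs`), and nothing in the visible context ties it to the detected Xen version, so an installation that provides the other libraries but not xentoolcore would lose Xen support at configure time. Probe for xentoolcore separately and add it only when it is found, or state the new minimum Xen version explicitly. The commit message has no body; it should say why the library is needed and which later patch uses it.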
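Review bot: in patch 2/6, the block added to xen_change_state_handler() sits under `if (running)`, so xen_restrict() is now called on every transition to the running state rather than once during xen_hvm_init(). Either guard it with a static "already restricted" flag or add a comment stating that repeating the restriction is harmless. The failure path also changed from `error_report("failed to restrict: error %d", errno)` to `perror()` followed by `exit(1)`; keeping error_report() with strerror(errno) would stay consistent with the code being removed, and the commit message should explain why the call has to be deferred.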
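Review bot: in patch 3/6, the rewritten xen_restrict() removes both trace_xen_domid_restrict() calls together with the ENOTTY special case, so the outcome of the restriction is no longer traced and the trace event loses its only callers in this header. Keep one trace call around `xentoolcore_restrict_all(domid)` or remove the event definition in the same patch. The commit message "And insist that it works" should spell out the behaviour change: a toolstack without restrict support previously returned 0 on ENOTTY and now makes -xen-domid-restrict fail.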
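Review bot: in patch 5/6, `if (!rc)` followed by a bare `return;` in destroy_hvm_domain() is missing the braces that QEMU's coding style requires for every conditional body. When xendevicemodel_shutdown() fails after privileges were dropped, the fall-through to xc_interface_open() is expected to fail as well (the commit message says so), which produces two error messages for one cause; the `/* well, try the old thing then */` comment could say that the fallback only helps in the unrestricted case.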
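Review bot: in the QEMU_OPTION_runasid case of patch 6/6, neither strtoul() call checks that any digits were consumed, so on a libc that does not set errno for an empty conversion (glibc does not) `-runasid .` is accepted as uid 0 and gid 0, and `-runasid .5` as uid 0, which silently keeps root instead of dropping it. Compare `ep` with the start of each field before testing `*ep`. Base 0 also accepts octal and hex input; base 10 would match the "numeric uid and gid" help text. Both fprintf() messages lack a trailing newline and the second has stray spacing in `stderr ,`.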
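Review bot: in the change_process_uid() hunk of patch 6/6, the last call is `setuid(user_pwd ? user_pwd->pw_uid : user_gid)`, which switches to the gid value as the uid; it must be `user_uid`. The three error messages are unchanged and still read `user_pwd->pw_gid`, `user_pwd->pw_name` and `user_pwd->pw_uid`, so a failing setgid(), setgroups() or setuid() on the -runasid path dereferences a NULL `user_pwd`. Print the numeric ids actually used, and do not report "initgroups" when setgroups() was the call that failed.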
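Review bot: in the qemu-options.hx hunk of patch 6/6, the new text does not say what happens when -runasid is combined with -runas; as written in change_process_uid(), a set `user_pwd` silently takes precedence and the numeric ids are ignored. Either reject the combination in os_parse_cmd_args() or document the precedence here. The documentation should also mention that supplementary groups are reduced to the given gid, since the code calls `setgroups(1, &user_gid)`. The `#ifndef _WIN32` guard covers only the DEF() and leaves the STEXI block outside it; check that this matches the neighbouring -runas entry.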