X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion
From: Anthony PERARD
CC: Juergen Gross, Wei Liu, Jan Beulich, Andrew Cooper, "Roger Pau Monne", Anthony PERARD
Subject: [XEN PATCH stable-4.16] tools/libxl: env variable to signal whether disk/nic backend is trusted
Date: Fri, 29 Jul 2022 14:26:40 +0100
Message-ID: <20220729132641.21221-2-anthony.perard@citrix.com>
In-Reply-To: <20220729132641.21221-1-anthony.perard@citrix.com>
References: <20220729132641.21221-1-anthony.perard@citrix.com>

From: Roger Pau Monne

Introduce support in libxl for fetching the default backend trusted option
for disk and nic devices.

Users can set the LIBXL_{DISK,NIC}_BACKEND_UNTRUSTED environment variable to
notify libxl of whether the backends for disk and nic devices should be
trusted. Such information is passed into the frontend so it can take the
appropriate measures.

This is part of XSA-403.

Signed-off-by: Roger Pau Monné
Signed-off-by: Anthony PERARD
---
changes:
- envvar now upper case
- documentation in xl man page
- value "0" also means "trusted"
---
 docs/man/xl.1.pod.in          | 18 ++++++++++++++++++
 tools/libs/light/libxl_disk.c |  5 +++++
 tools/libs/light/libxl_nic.c  |  7 +++++++
 3 files changed, 30 insertions(+)

diff --git a/docs/man/xl.1.pod.in b/docs/man/xl.1.pod.in index e2176bd696..45e1430aeb 100644 --- a/docs/man/xl.1.pod.in +++ b/docs/man/xl.1.pod.in
@@ -1946,6 +1946,24 @@ shows the decimal value. For non-linear mode, it sho= ws hexadecimal value. =20 =3Dback =20 +=3Dhead1 ENVIRONMENT + +=3Dover 4 + +=3Ditem B + +Set this environment variable to "1" to suggest to the guest that the disk +backend shouldn't be trusted. If the variable is absent or set to "0", the +backend will be trusted. + +=3Ditem B + +Set this environment variable to "1" to suggest to the guest that the netw= ork +backend shouldn't be trusted. If the variable is absent or set to "0", the +backend will be trusted. + +=3Dback + =3Dhead1 IGNORED FOR COMPATIBILITY WITH XM =20 xl is mostly command-line compatible with the old xm utility used with diff --git a/tools/libs/light/libxl_disk.c b/tools/libs/light/libxl_disk.c index 93936d0dd0..67d1cc1857 100644 --- a/tools/libs/light/libxl_disk.c +++ b/tools/libs/light/libxl_disk.c @@ -246,6 +246,7 @@ static void device_disk_add(libxl__egc *egc, uint32_t d= omid, libxl_domain_config d_config; libxl_device_disk disk_saved; libxl__flock *lock =3D NULL; + const char *envvar; =20 libxl_domain_config_init(&d_config); libxl_device_disk_init(&disk_saved); @@ -395,6 +396,10 @@ static void device_disk_add(libxl__egc *egc, uint32_t = domid, flexarray_append(front, GCSPRINTF("%d", device->devid)); flexarray_append(front, "device-type"); flexarray_append(front, disk->is_cdrom ? "cdrom" : "disk"); + flexarray_append(front, "trusted"); + envvar =3D getenv("LIBXL_DISK_BACKEND_UNTRUSTED"); + /* Set "trusted=3D1" if envvar missing or is "0". */ + flexarray_append(front, !envvar || !strcmp("0", envvar) ? "1" : "0= "); =20 /* * Old PV kernel disk frontends before 2.6.26 rely on tool stack to diff --git a/tools/libs/light/libxl_nic.c b/tools/libs/light/libxl_nic.c index 0b9e70c9d1..f87890d1d6 100644 --- a/tools/libs/light/libxl_nic.c +++ b/tools/libs/light/libxl_nic.c 
@@ -132,6 +132,8 @@ static int libxl__set_xenstore_nic(libxl__gc *gc, uint3= 2_t domid, flexarray_t *back, flexarray_t *front, flexarray_t *ro_front) { + const char *envvar; + flexarray_grow(back, 2); =20 if (nic->script) @@ -255,6 +257,11 @@ static int libxl__set_xenstore_nic(libxl__gc *gc, uint= 32_t domid, flexarray_append(back, "hotplug-status"); flexarray_append(back, ""); =20 + flexarray_append(front, "trusted"); + envvar =3D getenv("LIBXL_NIC_BACKEND_UNTRUSTED"); + /* Set "trusted=3D1" if envvar missing or is "0". */ + flexarray_append(front, !envvar || !strcmp("0", envvar) ? "1" : "0"); + return 0; } =20 --=20 Anthony PERARD
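
Review bot: the two new =item entries in the docs/man/xl.1.pod.in hunk describe only the values "1" and "0", while both C hunks evaluate `!envvar || !strcmp("0", envvar) ? "1" : "0"`, so an empty string or any other value (for example "no" or "false") also produces trusted=0. Suggest stating in the man page that any value other than "0" marks the backend as untrusted, so the documentation matches the behaviour.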
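
Review bot: in the device_disk_add() hunk at -395, the getenv()/strcmp() expression is duplicated verbatim in libxl__set_xenstore_nic(); a small shared helper taking the variable name would keep the disk and nic parsing from drifting apart. Because the value comes from getenv(), it applies to every disk added by this process rather than per device; if that is intended, the comment above the flexarray_append() should say so.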
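
Review bot: in the libxl__set_xenstore_nic() hunk at -255, "trusted" is appended to front although the function also receives ro_front. The value is chosen by the toolstack and the frontend only needs to read it, so consider whether ro_front is the better place, or explain in the commit message why the node is written through front here.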