WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-unstable] fs-backend: do not expose file descriptor

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] fs-backend: do not expose file descriptors to frontend
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 16 Jul 2008 07:30:08 -0700
Delivery-date: Wed, 16 Jul 2008 07:30:07 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1216203201 -3600
# Node ID 649c975b72f00eff06659d683b9999dffec1063a
# Parent  45787d746db410deaa4cb7249e35d42cd8d01a9c
fs-backend: do not expose file descriptors to frontend

Signed-off-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxxx>
---
 tools/fs-back/fs-backend.c |    3 +
 tools/fs-back/fs-backend.h |    2 +
 tools/fs-back/fs-ops.c     |   80 ++++++++++++++++++++++++++++++++++++---------
 3 files changed, 70 insertions(+), 15 deletions(-)

diff -r 45787d746db4 -r 649c975b72f0 tools/fs-back/fs-backend.c
--- a/tools/fs-back/fs-backend.c        Wed Jul 16 11:12:36 2008 +0100
+++ b/tools/fs-back/fs-backend.c        Wed Jul 16 11:13:21 2008 +0100
@@ -198,6 +198,7 @@ static void handle_connection(int fronte
     int evt_port;
     pthread_t handling_thread;
     struct fsif_sring *sring;
+    int i;
 
     printf("Handling connection from dom=%d, for export=%d\n", 
             frontend_dom_id, export_id);
@@ -240,6 +241,8 @@ static void handle_connection(int fronte
                                     PROT_READ | PROT_WRITE);
     BACK_RING_INIT(&mount->ring, sring, PAGE_SIZE);
     mount->nr_entries = mount->ring.nr_ents; 
+    for (i = 0; i < MAX_FDS; i++)
+        mount->fds[i] = -1;
     xenbus_write_backend_ready(mount);
 
     pthread_create(&handling_thread, NULL, &handle_mount, mount);
diff -r 45787d746db4 -r 649c975b72f0 tools/fs-back/fs-backend.h
--- a/tools/fs-back/fs-backend.h        Wed Jul 16 11:12:36 2008 +0100
+++ b/tools/fs-back/fs-backend.h        Wed Jul 16 11:13:21 2008 +0100
@@ -12,6 +12,7 @@
 #define EXPORTS_SUBNODE     "exports"
 #define EXPORTS_NODE        ROOT_NODE"/"EXPORTS_SUBNODE
 #define WATCH_NODE          EXPORTS_NODE"/requests"
+#define MAX_FDS             16
 
 struct fs_export
 {
@@ -45,6 +46,7 @@ struct mount
     int nr_entries;
     struct fs_request *requests;
     unsigned short *freelist;
+    int fds[MAX_FDS];
 };
 
 
diff -r 45787d746db4 -r 649c975b72f0 tools/fs-back/fs-ops.c
--- a/tools/fs-back/fs-ops.c    Wed Jul 16 11:12:36 2008 +0100
+++ b/tools/fs-back/fs-ops.c    Wed Jul 16 11:13:21 2008 +0100
@@ -34,6 +34,16 @@ unsigned short get_request(struct mount 
     return id;
 }
 
+int get_fd(struct mount *mount)
+{
+    int i;
+
+    for (i = 0; i < MAX_FDS; i++)
+        if (mount->fds[i] == -1)
+            return i;
+    return -1;
+}
+
 
 void dispatch_file_open(struct mount *mount, struct fsif_request *req)
 {
@@ -59,8 +69,17 @@ void dispatch_file_open(struct mount *mo
            mount->export->export_path, file_name);
     assert(xc_gnttab_munmap(mount->gnth, file_name, 1) == 0);
     printf("Issuing open for %s\n", full_path);
-    fd = open(full_path, O_RDWR);
-    printf("Got FD: %d\n", fd);
+    fd = get_fd(mount);
+    if (fd >= 0) {
+        int real_fd = open(full_path, O_RDWR);
+        if (real_fd < 0)
+            fd = -1;
+        else
+        {
+            mount->fds[fd] = real_fd;
+            printf("Got FD: %d for real %d\n", fd, real_fd);
+        }
+    }
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
     mount->ring.req_cons++;
@@ -84,7 +103,12 @@ void dispatch_file_close(struct mount *m
     printf("Dispatching file close operation (fd=%d).\n", req->u.fclose.fd);
    
     req_id = req->id;
-    ret = close(req->u.fclose.fd);
+    if (req->u.fclose.fd < MAX_FDS) {
+        int fd = mount->fds[req->u.fclose.fd];
+        ret = close(fd);
+        mount->fds[req->u.fclose.fd] = -1;
+    } else
+        ret = -1;
     printf("Got ret: %d\n", ret);
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
@@ -115,7 +139,12 @@ void dispatch_file_read(struct mount *mo
     req_id = req->id;
     printf("File read issued for FD=%d (len=%"PRIu64", offest=%"PRIu64")\n", 
             req->u.fread.fd, req->u.fread.len, req->u.fread.offset); 
-   
+
+    if (req->u.fread.fd < MAX_FDS)
+        fd = mount->fds[req->u.fread.fd];
+    else
+        fd = -1;
+
     priv_id = get_request(mount, req);
     printf("Private id is: %d\n", priv_id);
     priv_req = &mount->requests[priv_id];
@@ -123,13 +152,13 @@ void dispatch_file_read(struct mount *mo
 
     /* Dispatch AIO read request */
     bzero(&priv_req->aiocb, sizeof(struct aiocb));
-    priv_req->aiocb.aio_fildes = req->u.fread.fd;
+    priv_req->aiocb.aio_fildes = fd;
     priv_req->aiocb.aio_nbytes = req->u.fread.len;
     priv_req->aiocb.aio_offset = req->u.fread.offset;
     priv_req->aiocb.aio_buf = buf;
     assert(aio_read(&priv_req->aiocb) >= 0);
 
-     
+out: 
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
     mount->ring.req_cons++;
@@ -171,6 +200,11 @@ void dispatch_file_write(struct mount *m
     printf("File write issued for FD=%d (len=%"PRIu64", offest=%"PRIu64")\n", 
             req->u.fwrite.fd, req->u.fwrite.len, req->u.fwrite.offset); 
    
+    if (req->u.fwrite.fd < MAX_FDS)
+        fd = mount->fds[req->u.fwrite.fd];
+    else
+        fd = -1;
+
     priv_id = get_request(mount, req);
     printf("Private id is: %d\n", priv_id);
     priv_req = &mount->requests[priv_id];
@@ -178,7 +212,7 @@ void dispatch_file_write(struct mount *m
 
     /* Dispatch AIO write request */
     bzero(&priv_req->aiocb, sizeof(struct aiocb));
-    priv_req->aiocb.aio_fildes = req->u.fwrite.fd;
+    priv_req->aiocb.aio_fildes = fd;
     priv_req->aiocb.aio_nbytes = req->u.fwrite.len;
     priv_req->aiocb.aio_offset = req->u.fwrite.offset;
     priv_req->aiocb.aio_buf = buf;
@@ -224,8 +258,12 @@ void dispatch_stat(struct mount *mount, 
                                   PROT_WRITE);
    
     req_id = req->id;
-    fd = req->u.fstat.fd;
-    printf("File stat issued for FD=%d\n", fd); 
+    if (req->u.fstat.fd < MAX_FDS)
+        fd = mount->fds[req->u.fstat.fd];
+    else
+        fd = -1;
+
+    printf("File stat issued for FD=%d\n", req->u.fstat.fd); 
    
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
@@ -274,10 +312,14 @@ void dispatch_truncate(struct mount *mou
     int64_t length;
 
     req_id = req->id;
-    fd = req->u.ftruncate.fd;
     length = req->u.ftruncate.length;
-    printf("File truncate issued for FD=%d, length=%"PRId64"\n", fd, length); 
-   
+    printf("File truncate issued for FD=%d, length=%"PRId64"\n", 
req->u.ftruncate.fd, length); 
+   
+    if (req->u.ftruncate.fd < MAX_FDS)
+        fd = mount->fds[req->u.ftruncate.fd];
+    else
+        fd = -1;
+
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
     mount->ring.req_cons++;
@@ -510,7 +552,11 @@ void dispatch_chmod(struct mount *mount,
     printf("Dispatching file chmod operation (fd=%d, mode=%o).\n", 
             req->u.fchmod.fd, req->u.fchmod.mode);
     req_id = req->id;
-    fd = req->u.fchmod.fd;
+    if (req->u.fchmod.fd < MAX_FDS)
+        fd = mount->fds[req->u.fchmod.fd];
+    else
+        fd = -1;
+
     mode = req->u.fchmod.mode;
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
@@ -575,8 +621,12 @@ void dispatch_file_sync(struct mount *mo
     struct fs_request *priv_req;
 
     req_id = req->id;
-    fd = req->u.fsync.fd;
-    printf("File sync issued for FD=%d\n", fd); 
+    if (req->u.fsync.fd < MAX_FDS)
+        fd = mount->fds[req->u.fsync.fd];
+    else
+        fd = -1;
+
+    printf("File sync issued for FD=%d\n", req->u.fsync.fd); 
    
     priv_id = get_request(mount, req);
     printf("Private id is: %d\n", priv_id);

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] fs-backend: do not expose file descriptors to frontend, Xen patchbot-unstable <=