[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] fs-backend: do not expose file descriptors to frontend

fs-backend: do not expose file descriptors to frontend

Signed-off-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxxx>

diff -r 4e17922324d3 tools/fs-back/fs-backend.c
--- a/tools/fs-back/fs-backend.c        Tue Jul 15 18:20:10 2008 +0100
+++ b/tools/fs-back/fs-backend.c        Tue Jul 15 19:31:44 2008 +0100
@@ -200,6 +200,7 @@
     int evt_port;
     pthread_t handling_thread;
     struct fsif_sring *sring;
+    int i;
 
     printf("Handling connection from dom=%d, for export=%d\n", 
             frontend_dom_id, export_id);
@@ -242,6 +243,8 @@
                                     PROT_READ | PROT_WRITE);
     BACK_RING_INIT(&mount->ring, sring, PAGE_SIZE);
     mount->nr_entries = mount->ring.nr_ents; 
+    for (i = 0; i < MAX_FDS; i++)
+        mount->fds[i] = -1;
     xenbus_write_backend_ready(mount);
 
     pthread_create(&handling_thread, NULL, &handle_mount, mount);
diff -r 4e17922324d3 tools/fs-back/fs-backend.h
--- a/tools/fs-back/fs-backend.h        Tue Jul 15 18:20:10 2008 +0100
+++ b/tools/fs-back/fs-backend.h        Tue Jul 15 19:31:44 2008 +0100
@@ -12,6 +12,7 @@
 #define EXPORTS_SUBNODE     "exports"
 #define EXPORTS_NODE        ROOT_NODE"/"EXPORTS_SUBNODE
 #define WATCH_NODE          EXPORTS_NODE"/requests"
+#define MAX_FDS             16
 
 struct fs_export
 {
@@ -45,6 +46,7 @@
     int nr_entries;
     struct fs_request *requests;
     unsigned short *freelist;
+    int fds[MAX_FDS];
 };
 
 
diff -r 4e17922324d3 tools/fs-back/fs-ops.c
--- a/tools/fs-back/fs-ops.c    Tue Jul 15 18:20:10 2008 +0100
+++ b/tools/fs-back/fs-ops.c    Tue Jul 15 19:31:44 2008 +0100
@@ -34,6 +34,16 @@
     mount->requests[id].active = 1;
 
     return id;
+}
+
+int get_fd(struct mount *mount)
+{
+    int i;
+
+    for (i = 0; i < MAX_FDS; i++)
+        if (mount->fds[i] == -1)
+            return i;
+    return -1;
 }
 
 
@@ -61,8 +71,17 @@
            mount->export->export_path, file_name);
     assert(xc_gnttab_munmap(mount->gnth, file_name, 1) == 0);
     printf("Issuing open for %s\n", full_path);
-    fd = open(full_path, O_RDWR);
-    printf("Got FD: %d\n", fd);
+    fd = get_fd(mount);
+    if (fd >= 0) {
+        int real_fd = open(full_path, O_RDWR);
+        if (real_fd < 0)
+            fd = -1;
+        else
+        {
+            mount->fds[fd] = real_fd;
+            printf("Got FD: %d for real %d\n", fd, real_fd);
+        }
+    }
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
     mount->ring.req_cons++;
@@ -86,7 +105,12 @@
     printf("Dispatching file close operation (fd=%d).\n", req->u.fclose.fd);
    
     req_id = req->id;
-    ret = close(req->u.fclose.fd);
+    if (req->u.fclose.fd < MAX_FDS) {
+        int fd = mount->fds[req->u.fclose.fd];
+        ret = close(fd);
+        mount->fds[req->u.fclose.fd] = -1;
+    } else
+        ret = -1;
     printf("Got ret: %d\n", ret);
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
@@ -117,7 +141,12 @@
     req_id = req->id;
     printf("File read issued for FD=%d (len=%"PRIu64", offest=%"PRIu64")\n", 
             req->u.fread.fd, req->u.fread.len, req->u.fread.offset); 
-   
+
+    if (req->u.fread.fd < MAX_FDS)
+        fd = mount->fds[req->u.fread.fd];
+    else
+        fd = -1;
+
     priv_id = get_request(mount, req);
     printf("Private id is: %d\n", priv_id);
     priv_req = &mount->requests[priv_id];
@@ -125,13 +154,13 @@
 
     /* Dispatch AIO read request */
     bzero(&priv_req->aiocb, sizeof(struct aiocb));
-    priv_req->aiocb.aio_fildes = req->u.fread.fd;
+    priv_req->aiocb.aio_fildes = fd;
     priv_req->aiocb.aio_nbytes = req->u.fread.len;
     priv_req->aiocb.aio_offset = req->u.fread.offset;
     priv_req->aiocb.aio_buf = buf;
     assert(aio_read(&priv_req->aiocb) >= 0);
 
-     
+out: 
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
     mount->ring.req_cons++;
@@ -173,6 +202,11 @@
     printf("File write issued for FD=%d (len=%"PRIu64", offest=%"PRIu64")\n", 
             req->u.fwrite.fd, req->u.fwrite.len, req->u.fwrite.offset); 
    
+    if (req->u.fwrite.fd < MAX_FDS)
+        fd = mount->fds[req->u.fwrite.fd];
+    else
+        fd = -1;
+
     priv_id = get_request(mount, req);
     printf("Private id is: %d\n", priv_id);
     priv_req = &mount->requests[priv_id];
@@ -180,7 +214,7 @@
 
     /* Dispatch AIO write request */
     bzero(&priv_req->aiocb, sizeof(struct aiocb));
-    priv_req->aiocb.aio_fildes = req->u.fwrite.fd;
+    priv_req->aiocb.aio_fildes = fd;
     priv_req->aiocb.aio_nbytes = req->u.fwrite.len;
     priv_req->aiocb.aio_offset = req->u.fwrite.offset;
     priv_req->aiocb.aio_buf = buf;
@@ -226,8 +260,12 @@
                                   PROT_WRITE);
    
     req_id = req->id;
-    fd = req->u.fstat.fd;
-    printf("File stat issued for FD=%d\n", fd); 
+    if (req->u.fstat.fd < MAX_FDS)
+        fd = mount->fds[req->u.fstat.fd];
+    else
+        fd = -1;
+
+    printf("File stat issued for FD=%d\n", req->u.fstat.fd); 
    
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
@@ -276,10 +314,14 @@
     int64_t length;
 
     req_id = req->id;
-    fd = req->u.ftruncate.fd;
     length = req->u.ftruncate.length;
-    printf("File truncate issued for FD=%d, length=%"PRId64"\n", fd, length); 
+    printf("File truncate issued for FD=%d, length=%"PRId64"\n", 
req->u.ftruncate.fd, length); 
    
+    if (req->u.ftruncate.fd < MAX_FDS)
+        fd = mount->fds[req->u.ftruncate.fd];
+    else
+        fd = -1;
+
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
     mount->ring.req_cons++;
@@ -512,7 +554,11 @@
     printf("Dispatching file chmod operation (fd=%d, mode=%o).\n", 
             req->u.fchmod.fd, req->u.fchmod.mode);
     req_id = req->id;
-    fd = req->u.fchmod.fd;
+    if (req->u.fchmod.fd < MAX_FDS)
+        fd = mount->fds[req->u.fchmod.fd];
+    else
+        fd = -1;
+
     mode = req->u.fchmod.mode;
     /* We can advance the request consumer index, from here on, the request
      * should not be used (it may be overrinden by a response) */
@@ -577,8 +623,12 @@
     struct fs_request *priv_req;
 
     req_id = req->id;
-    fd = req->u.fsync.fd;
-    printf("File sync issued for FD=%d\n", fd); 
+    if (req->u.fsync.fd < MAX_FDS)
+        fd = mount->fds[req->u.fsync.fd];
+    else
+        fd = -1;
+
+    printf("File sync issued for FD=%d\n", req->u.fsync.fd); 
    
     priv_id = get_request(mount, req);
     printf("Private id is: %d\n", priv_id);

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.