xenstored: add --priv-domid parameter

This parameter identifies an alternative service domain which has superuser access to the xenstore database, which is currently required to set up a new domain's xenstore entries. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Ian Campbell <ian.campbell@citrix.com> Cc: Ian Jackson <ian.jackson@eu.citrix.com> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Committed-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
author: Daniel De Graaf <dgdegra@tycho.nsa.gov> 2012-02-09 18:33:36 +0000
committer: Daniel De Graaf <dgdegra@tycho.nsa.gov> 2012-02-09 18:33:36 +0000
commit: 062c8ffe82563c0bbb3f5b52dcad0a72d22bf670 (patch)
tree: 9b240c3f842f8703ff0ff8974337b0cd7d11a812 /tools/xenstore
parent: d0b276ee3bd33e42e03d8150c80146f893bb7f71 (diff)
download: xen-062c8ffe82563c0bbb3f5b52dcad0a72d22bf670.tar.gz
xen-062c8ffe82563c0bbb3f5b52dcad0a72d22bf670.tar.bz2
xen-062c8ffe82563c0bbb3f5b52dcad0a72d22bf670.zip
3 files changed, 7 insertions, 1 deletions
diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
index 66584f51d2..a42f55291d 100644
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -1752,6 +1752,7 @@ static struct option options[] = {
 	{ "event", 1, NULL, 'e' },
 	{ "help", 0, NULL, 'H' },
 	{ "no-fork", 0, NULL, 'N' },
+	{ "priv-domid", 1, NULL, 'p' },
 	{ "output-pid", 0, NULL, 'P' },
 	{ "entry-size", 1, NULL, 'S' },
 	{ "trace-file", 1, NULL, 'T' },
@@ -1765,6 +1766,7 @@ static struct option options[] = {
 
 extern void dump_conn(struct connection *conn); 
 int dom0_event = 0;
+int priv_domid = 0;
 
 int main(int argc, char *argv[])
 {
@@ -1825,6 +1827,9 @@ int main(int argc, char *argv[])
 		case 'e':
 			dom0_event = strtol(optarg, NULL, 10);
 			break;
+		case 'p':
+			priv_domid = strtol(optarg, NULL, 10);
+			break;
 		}
 	}
 	if (optind != argc)
diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_core.h
index e1c2be7a48..92c27ba92f 100644
--- a/tools/xenstore/xenstored_core.h
+++ b/tools/xenstore/xenstored_core.h
@@ -169,6 +169,7 @@ void dtrace_io(const struct connection *conn, const struct buffered_data *data,
 
 extern int event_fd;
 extern int dom0_event;
+extern int priv_domid;
 
 /* Map the kernel's xenstore page. */
 void *xenbus_map(void);
diff --git a/tools/xenstore/xenstored_domain.c b/tools/xenstore/xenstored_domain.c
index fa9c8fe984..f8c822f46e 100644
--- a/tools/xenstore/xenstored_domain.c
+++ b/tools/xenstore/xenstored_domain.c
@@ -259,7 +259,7 @@ bool domain_can_read(struct connection *conn)
 
 bool domain_is_unprivileged(struct connection *conn)
 {
-	return (conn && conn->domain && conn->domain->domid != 0);
+	return (conn && conn->domain && conn->domain->domid != 0 && conn->domain->domid != priv_domid);
 }
 
 bool domain_can_write(struct connection *conn)
author	Daniel De Graaf <dgdegra@tycho.nsa.gov>	2012-02-09 18:33:36 +0000
committer	Daniel De Graaf <dgdegra@tycho.nsa.gov>	2012-02-09 18:33:36 +0000
commit	062c8ffe82563c0bbb3f5b52dcad0a72d22bf670 (patch)
tree	9b240c3f842f8703ff0ff8974337b0cd7d11a812 /tools/xenstore
parent	d0b276ee3bd33e42e03d8150c80146f893bb7f71 (diff)
download	xen-062c8ffe82563c0bbb3f5b52dcad0a72d22bf670.tar.gz xen-062c8ffe82563c0bbb3f5b52dcad0a72d22bf670.tar.bz2 xen-062c8ffe82563c0bbb3f5b52dcad0a72d22bf670.zip