#define VMCI_EVENT_UNSUBSCRIBE 9
#define VMCI_QUEUEPAIR_ALLOC 10
#define VMCI_QUEUEPAIR_DETACH 11
-
/*
* VMCI_VSOCK_VMX_LOOKUP was assigned to 12 for Fusion 3.0/3.1,
* WS 7.0/7.1 and ESX 4.1
*/
#define VMCI_HGFS_TRANSPORT 13
#define VMCI_UNITY_PBRPC_REGISTER 14
-#define VMCI_RESOURCE_MAX 15
+/*
+ * The next two resources are for RPC calls from guest Tools, to replace the
+ * backdoor calls we used previously. Privileged is for admin/root RPCs,
+ * unprivileged is for RPCs from any user.
+ */
+#define VMCI_RPC_PRIVILEGED 15
+#define VMCI_RPC_UNPRIVILEGED 16
+#define VMCI_RESOURCE_MAX 17
/* VMCI Ids. */
typedef uint32 VMCIId;
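Review bot: The comment added above `VMCI_RPC_PRIVILEGED` says the channel is for admin/root RPCs but does not say where that restriction is enforced, and the resource ID by itself restricts nothing. I would add a line to the comment such as `* NOTE: the resource ID alone is not an access check; the sender's privilege must be verified separately.` so the name is not read as an access control. The same definitions are repeated in the hunk that follows this one, so the wording should stay identical in both copies. It is also worth confirming that anything outside this hunk that is sized or bounded by `VMCI_RESOURCE_MAX` handles the new value 17.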
#define VMCI_EVENT_UNSUBSCRIBE 9
#define VMCI_QUEUEPAIR_ALLOC 10
#define VMCI_QUEUEPAIR_DETACH 11
-
/*
* VMCI_VSOCK_VMX_LOOKUP was assigned to 12 for Fusion 3.0/3.1,
* WS 7.0/7.1 and ESX 4.1
*/
#define VMCI_HGFS_TRANSPORT 13
#define VMCI_UNITY_PBRPC_REGISTER 14
-#define VMCI_RESOURCE_MAX 15
+/*
+ * The next two resources are for RPC calls from guest Tools, to replace the
+ * backdoor calls we used previously. Privileged is for admin/root RPCs,
+ * unprivileged is for RPCs from any user.
+ */
+#define VMCI_RPC_PRIVILEGED 15
+#define VMCI_RPC_UNPRIVILEGED 16
+#define VMCI_RESOURCE_MAX 17
/* VMCI Ids. */
typedef uint32 VMCIId;
if (cid == VMCI_HYPERVISOR_CONTEXT_ID) {
/*
* Registrations of PBRPC Servers do not modify VMX/Hypervisor state and
- * are allowed.
+ * are allowed. We also allow messages on the two RPC channels.
+ *
+ * XXX, we should disallow messages to the privileged channel for
+ * sockets that are not owned by admin/root. See PR 794652.
*/
- if (rid == VMCI_UNITY_PBRPC_REGISTER) {
+ if (rid == VMCI_UNITY_PBRPC_REGISTER ||
+ rid == VMCI_RPC_PRIVILEGED ||
+ rid == VMCI_RPC_UNPRIVILEGED) {
return TRUE;
} else {
return FALSE;
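Review bot: The new condition returns TRUE for `rid == VMCI_RPC_PRIVILEGED` on every socket, with no check of who owns the socket, so any local user who can open one can address the privileged channel. The added XXX comment acknowledges this gap (PR 794652), but the commit still ships the permissive behaviour. Until the owner check exists, I would keep the privileged ID out of the allow-list, `if (rid == VMCI_UNITY_PBRPC_REGISTER || rid == VMCI_RPC_UNPRIVILEGED) {`, or gate it on the socket owner's credentials. Whether the hypervisor side enforces privilege independently is not visible here, so that needs confirming before this check is relied on. The enclosing function starts and ends outside the hunk.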