WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-unstable] xend: Make only selected subdirs of /loca

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] xend: Make only selected subdirs of /local/domain/<domid> writable by the guest.
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 08 Oct 2008 18:50:11 -0700
Delivery-date: Wed, 08 Oct 2008 18:50:12 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1222940248 -3600
# Node ID 60937c4c5a673d3b2179255e0f9b2e17bfd8f8be
# Parent  ab19284c5070b8603a89bb757eff77b4420d1925
xend: Make only selected subdirs of /local/domain/<domid> writable by the guest.

This protects critical data like
/local/domain/<domid>/console/{tty,limit}. It also means we can trust
.../vm, and hence do not need /vm_path. Various parts of the previous
two changesets disappear.

Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
 tools/python/xen/xend/XendDomainInfo.py |   57 ++++++++++++++++++++++----------
 tools/python/xen/xend/image.py          |    4 +-
 2 files changed, 42 insertions(+), 19 deletions(-)

diff -r ab19284c5070 -r 60937c4c5a67 tools/python/xen/xend/XendDomainInfo.py
--- a/tools/python/xen/xend/XendDomainInfo.py   Wed Oct 01 14:07:17 2008 +0100
+++ b/tools/python/xen/xend/XendDomainInfo.py   Thu Oct 02 10:37:28 2008 +0100
@@ -142,7 +142,9 @@ def recreate(info, priv):
     xeninfo['is_control_domain'] = priv
     xeninfo['is_a_template'] = False
     domid = xeninfo['domid']
-
+    uuid1 = uuid.fromString(xeninfo['uuid'])
+    needs_reinitialising = False
+    
     dompath = GetDomainPath(domid)
     if not dompath:
         raise XendError('No domain path in store for existing '
@@ -151,12 +153,42 @@ def recreate(info, priv):
     log.info("Recreating domain %d, UUID %s. at %s" %
              (domid, xeninfo['uuid'], dompath))
 
-    vmpath = xstransact.Read("/vm_path", str(domid))
+    # need to verify the path and uuid if not Domain-0
+    # if the required uuid and vm aren't set, then that means
+    # we need to recreate the dom with our own values
+    #
+    # NOTE: this is probably not desirable, really we should just
+    #       abort or ignore, but there may be cases where xenstore's
+    #       entry disappears (eg. xenstore-rm /)
+    #
+    try:
+        vmpath = xstransact.Read(dompath, "vm")
+        if not vmpath:
+            if not priv:
+                log.warn('/local/domain/%d/vm is missing. recreate is '
+                         'confused, trying our best to recover' % domid)
+            needs_reinitialising = True
+            raise XendError('reinit')
+        
+        uuid2_str = xstransact.Read(vmpath, "uuid")
+        if not uuid2_str:
+            log.warn('%s/uuid/ is missing. recreate is confused, '
+                     'trying our best to recover' % vmpath)
+            needs_reinitialising = True
+            raise XendError('reinit')
+        
+        uuid2 = uuid.fromString(uuid2_str)
+        if uuid1 != uuid2:
+            log.warn('UUID in /vm does not match the UUID in /dom/%d.'
+                     'Trying out best to recover' % domid)
+            needs_reinitialising = True
+    except XendError:
+        pass # our best shot at 'goto' in python :)
 
     vm = XendDomainInfo(xeninfo, domid, dompath, augment = True, priv = priv,
                         vmpath = vmpath)
-
-    if not vmpath:
+    
+    if needs_reinitialising:
         vm._recreateDom()
         vm._removeVm()
         vm._storeVmDetails()
@@ -1269,8 +1301,11 @@ class XendDomainInfo:
     def _recreateDomFunc(self, t):
         t.remove()
         t.mkdir()
-        t.set_permissions({'dom' : self.domid})
+        t.set_permissions({'dom' : self.domid, 'read' : True})
         t.write('vm', self.vmpath)
+        for i in [ 'device', 'control', 'error' ]:
+            t.mkdir(i)
+            t.set_permissions(i, {'dom' : self.domid})
 
     def _storeDomDetails(self):
         to_store = {
@@ -1776,7 +1811,6 @@ class XendDomainInfo:
         self._releaseDevices()
         # Remove existing vm node in xenstore
         self._removeVm()
-        self._removeVmPath()
         new_dom_info = self.info.copy()
         new_dom_info['name_label'] = self.info['name_label']
         new_dom_info['uuid'] = self.info['uuid']
@@ -2357,7 +2391,6 @@ class XendDomainInfo:
 
         paths = self._prepare_phantom_paths()
 
-        self._removeVmPath()
         if self.dompath is not None:
             try:
                 xc.domain_destroy_hook(self.domid)
@@ -2660,15 +2693,6 @@ class XendDomainInfo:
                 log.info("Dev still active but hit max loop timeout")
                 break
 
-    def _storeVmPath(self):
-        log.info("storeVmPath(%s) => %s", self.domid, self.vmpath)
-        if self.domid is not None:
-            xstransact.Write('/vm_path', str(self.domid), self.vmpath)
-
-    def _removeVmPath(self):
-        if self.domid is not None:
-            xstransact.Remove('/vm_path/%s' % str(self.domid))
-
     def _storeVmDetails(self):
         to_store = {}
 
@@ -2693,7 +2717,6 @@ class XendDomainInfo:
 
         self._writeVm(to_store)
         self._setVmPermissions()
-        self._storeVmPath()
 
     def _setVmPermissions(self):
         """Allow the guest domain to read its UUID.  We don't allow it to
diff -r ab19284c5070 -r 60937c4c5a67 tools/python/xen/xend/image.py
--- a/tools/python/xen/xend/image.py    Wed Oct 01 14:07:17 2008 +0100
+++ b/tools/python/xen/xend/image.py    Thu Oct 02 10:37:28 2008 +0100
@@ -418,7 +418,7 @@ class ImageHandler:
             os.close(null)
             os.close(logfd)
         sentinel_write.close()
-        self.vm.storeVm("image/device-model-pid", self.pid)
+        self.vm.storeDom("image/device-model-pid", self.pid)
         log.info("device model pid: %d", self.pid)
         # we would very much prefer not to have a thread here and instead
         #  have a callback but sadly we don't have Twisted in xend
@@ -502,7 +502,7 @@ class ImageHandler:
         if fifo_fd >= 0:
             self._openSentinel(sentinel_path_fifo)
             os.close(fifo_fd)
-            self.pid = self.vm._gatherVm(('image/device-model-pid', int))
+            self.pid = self.vm._gatherDom(('image/device-model-pid', int))
             log.debug("%s device model rediscovered, pid %s sentinel fifo %s",
                     name, self.pid, sentinel_path_fifo)
             self.sentinel_thread = 
thread.start_new_thread(self._sentinel_watch,())

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] xend: Make only selected subdirs of /local/domain/<domid> writable by the guest., Xen patchbot-unstable <=