 Home |
Products |
Support |
Community |
News |
xen-devel
Re: [Xen-devel] [PATCH] [Xend] Grab common lock during domain restore op
| To: | Keir Fraser <keir.fraser@xxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [Xen-devel] [PATCH] [Xend] Grab common lock during domain restore op and security op |
| From: | Stefan Berger <stefanb@xxxxxxxxxx> |
| Date: | Mon, 10 Mar 2008 21:52:10 -0400 |
| Cc: | xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx> |
| Delivery-date: | Mon, 10 Mar 2008 18:52:42 -0700 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxx |
| In-reply-to: | <C3FB616E.1DC62%keir.fraser@xxxxxxxxxxxxx> |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
|
xen-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 03/10/2008 06:06:38 PM: > It seems odd to me that of all update operations that can be performed on a > domain by xend, only label-setting needs explicit serialisation against > domain restore. What's the underlying problem that this is solving? If it's not serialized, one could otherwise change the policy while a migration is happening. In the worst case this would lead to the new VM running on a system that it otherwise would not be allowed to run (due to the modified policy). I would have grabbed the domains_lock lock otherwise, but then I found this here in the XendCheckpoint.restore() method which is called with the domains_lock() held: # # We shouldn't hold the domains_lock over a waitForDevices # As this function sometime gets called holding this lock, # we must release it and re-acquire it appropriately # from xen.xend import XendDomain lock = True; try: XendDomain.instance().domains_lock.release() except: lock = False; try: dominfo.waitForDevices() # Wait for backends to set up except Exception, exn: log.exception(exn) if lock: XendDomain.instance().domains_lock.acquire() To me it looks like introducing another lock is necessary. Stefan > > -- Keir > > On 10/3/08 21:59, "Stefan Berger" <stefanb@xxxxxxxxxx> wrote: > > > I am introducing a lock in the path of the domain restore operation. > > This lock is acquired when a domain is restored or migrated into a > > system. The lock is also acquired during policy operation, i.e., setting > > of a domain's label, which prevents changes to the policy during restore > > operations. > > > > Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx> > > > > _______________________________________________ > > Xen-devel mailing list > > Xen-devel@xxxxxxxxxxxxxxxxxxx > > http://lists.xensource.com/xen-devel > > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [Xen-devel] how page faults are handled in paravirtualized xenguests?, tgh |
|---|---|
| Next by Date: | [Xen-devel] [PATCH] Each TAP/TUN device name for a HVM guest includes its domain ID., MIYAJIMA Mitsuharu |
| Previous by Thread: | Re: [Xen-devel] [PATCH] [Xend] Grab common lock during domain restore op and security op, Keir Fraser |
| Next by Thread: | [Xen-devel] [PATCH] Fix methods in SrvDomain class for inactive managed domains, Masaki Kanno |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
