[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] Prevent xl save from segfaulting when control/shutdown key is removed



On Wed, 2011-11-23 at 11:19 +0000, Paul Durrant wrote:
> what is the reason for creating control ro to the guest?

In general libxl prefers to whitelist paths which the guest can write
too, just to prevent a complete free for all, keep things somewhat under
control and to help avoid situations where tools might inadvertently
rely on a guest-writeable key in an unsafe way..

>  In XenServer we allow the guest to write the control key to advertise
> feature-shutdown, feature-suspend etc. so that the tools know what
> values of control/shutdown the guest will respond to.

The libxl way would be to create these at build time (perhaps empty)
with the appropriate permissions.

It's not clear how that functionality can be added in a way which is
compatible with existing guests though, e.g. no Linux guest writes those
but many can be suspended etc.

Ian.

> 
>   Paul
> 
> > My concern is that while the first time the round the node will be
> > rw the second time round the write will actually re-create the node
> > (without setting the permissions) which might result in the node
> > being ro for the guest (xenstore perms confuse me, but I think new
> > nodes inherit the parent permissions).
> > 
> > That's assuming there's any chance of a second operation. I'm
> > thinking of a wedged reboot followed by an attempt to shutdown
> > instead or something like that. Perhaps in practice that wouldn't
> > work anyway.
> > 
> > Apart form the above this change improves the robustness of the code
> > so:
> > 
> > > Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx>
> > Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
> > 
> > 
> > 
> > >
> > > diff -r 0a0c02a61676 -r 3341e3e99056 tools/libxl/libxl_dom.c
> > > --- a/tools/libxl/libxl_dom.c     Mon Nov 21 21:28:34 2011 +0000
> > > +++ b/tools/libxl/libxl_dom.c     Wed Nov 23 09:45:30 2011 +0000
> > > @@ -444,6 +444,7 @@ static int libxl__domain_suspend_common_
> > >              usleep(100000);
> > >
> > >              state = libxl__xs_read(si->gc, XBT_NULL, path);
> > > +            if (!state) state = "";
> > >
> > >              watchdog--;
> > >          }
> > > @@ -463,6 +464,7 @@ static int libxl__domain_suspend_common_
> > >              t = xs_transaction_start(ctx->xsh);
> > >
> > >              state = libxl__xs_read(si->gc, t, path);
> > > +            if (!state) state = "";
> > >
> > >              if (!strcmp(state, "suspend"))
> > >                  libxl__xs_write(si->gc, t, path, "");
> > >
> > > _______________________________________________
> > > Xen-devel mailing list
> > > Xen-devel@xxxxxxxxxxxxxxxxxxx
> > > http://lists.xensource.com/xen-devel
> > 
> 



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.