[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] xen/console: do not drop serial output from the hardware domain
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Date: Mon, 13 Jun 2022 11:04:01 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=aulyOgJ/83gI91Krg7GWsSZGCdYRXUdsEplI7xr1EYI=; b=XOjjFup8tQ8+6qMd4JV7Uxb3igf92E0IyB2c+cVZAnLI1rxt3VxaVOgCPCoVp9VRWbhqxCjA2z0VLFp8MQ4Qb+U40qFXB8dh9abbhm+rEKAnvtIajfs22aIyl0RuIMUXM/sIlNqlwTELmAfUeFcTS4FqB2kGgj/MZECfvL/uBbWFQy2aAFxlnsFmJazh9C3sk0Tn7asgIPX9sGSfoTDF9aL+BRKoSrQMv68pSbJfijcrPDI7B9RevpRvDYKe7fC1MvW2/0Cgch63DLQKMdNmiuI0v9kya7k9UczjmI+0fifbJnimCW1/NGs31z4dwEAokX5sElni9p//h0B8gtcCqg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QxJIN6Q6nHtVbW24UhkD5ACeuad+VSrbKVNJ+A1pGE574/rrLdpdozQuooMRKM1EPiACvj5pdvM2+DtWxH8icJjsiIVN3DLpjDCWBBw8JxDGWs0Hhc4dtb1EjFdrzBnG7OgM1wmzgKGImaJzmGyYo/7uyeaGVlNv8c1UI/bybaDsfs5arAoxCc6MpYWwgfSXx6J9iKjr+EvxUfl3flgjGLuwUY4pB3ZEHNt9ZzGFGCHcDJBjjvhsQ2wbWAk+6MrUlWfdfkDBaWIyB6jGygUn0OcA+UOjqaXc919FiLeoY6Qe5NLCOEITW76Og36TWbd8VfHix109p3ouAzEp+fe8sg==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- Delivery-date: Mon, 13 Jun 2022 09:04:21 +0000
- Ironport-data: A9a23:8WobJKwE7lY2XerrDSV6t+crxyrEfRIJ4+MujC+fZmUNrF6WrkVRz jEYUT+BMqmPamTxctBxPY+/pE4PuMKDzNUxHFBv/yAxQypGp/SeCIXCJC8cHc8zwu4v7q5Dx 59DAjUVBJlsFhcwnj/0bv656yMUOZigHtIQMsadUsxKbVIiGX5JZS5LwbZj2NY22ILhWWthh PupyyHhEA79s9JLGjp8B5Kr8HuDa9yr5Vv0FnRnDRx6lAe2e0s9VfrzFonoR5fMeaFGH/bSe gr25OrRElU1XfsaIojNfr7TKiXmS1NJVOSEoiI+t6OK2nCuqsGuu0qS2TV1hUp/0l20c95NJ Npl7qGuGTYiD6fwkv0wbhAAPz85MZZH5+qSSZS/mZT7I0zuVVLJmq8rIGRoeIoS96BwHH1E8 uEeJHYVdBefiumqwbW9DO5xmsAkK8qtN4Qa0p1i5WiBUbB6HtaeEuOTuoMwMDQY36iiGd7EY MUUc3x3ZQnoaBxTIFYHTpk5mY9Eg1GgKGEF9A7E/cLb5UDewiFQ6Km0PeHQJMKLZ+AKn0mdl 0PvqjGR7hYycYb3JSC+2nCmi/LLnCj7cJkPD7D+/flv6HWR22gSBRs+RVa95/6jhSaWQMlDI kYZ/i4vq6ka90GxSNT5GRqirxasoRo0S9dWVeog52ml2qfSpgqUGGUAZjpAc8A98t87QyQw0 V2ElM+vAiZg2IB5UlqY/7aQ6D+3Zy4cKDZYYTdeFFRZpd7+vIs0kxTDCM55F7K4hcH0Hje2x C2WqC85hPMYistjO7iHwG0rSgmE/vDhJjPZLC2NNo55xmuVvLKYWrE=
- Ironport-hdrordr: A9a23:3TayZKHv4v4bEPBGpLqFepHXdLJyesId70hD6qkvc3Fom52j/f xGws5x6faVslkssb8b6LW90Y27MAvhHPlOkPIs1NaZLXDbUQ6TQL2KgrGD/9SNIVycygcZ79 YbT0EcMqyOMbEZt7ec3ODQKb9Jrri6GeKT9IHjJh9WPH1XgspbnmNE42igYy9LrF4sP+tFKH PQ3LsPmxOQPVAsKuirDHgMWObO4/XNiZLdeBYDQzoq8hOHgz+E4KPzV0Hw5GZUbxp/hZMZtU TVmQ3w4auu99m91x/nzmfWq7BbgsHoxNdvDNGFzuIVNjLvoAC1Y5kJYczLgBkF5MWUrHo6mt jFpBkte+x19nPqZ2mw5SDg3gHxuQxen0PK+Bu9uz/OsMb5TDU1B45qnoRCaCbU7EImoZVVzL 9L93jxjesZMTrw2ADGo/TYXRBjkUS55VA4l/QIsnBZWYwCLJdMsI0k+l9PGptoJlO31GkeKp guMCjg3ocXTbvDBEqp/VWHgebcE0jbJy32DHTr4aeuonprdHMQ9Tps+CVQpAZEyHsHceg02w 31CNUXqFhwdL5nUUtcPpZ3fSLlMB26ffrzWFjiUmjPJeUgB0/njaLRzfEc2NyKEaZ4vqfa3q 6xGm9liQ==
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Mon, Jun 13, 2022 at 10:29:43AM +0200, Jan Beulich wrote:
> On 13.06.2022 10:21, Roger Pau Monné wrote:
> > On Mon, Jun 13, 2022 at 09:30:06AM +0200, Jan Beulich wrote:
> >> On 10.06.2022 17:06, Roger Pau Monne wrote:
> >>> Prevent dropping console output from the hardware domain, since it's
> >>> likely important to have all the output if the boot fails without
> >>> having to resort to sync_console (which also affects the output from
> >>> other guests).
> >>>
> >>> Do so by pairing the console_serial_puts() with
> >>> serial_{start,end}_log_everything(), so that no output is dropped.
> >>
> >> While I can see the goal, why would Dom0 output be (effectively) more
> >> important than Xen's own one (which isn't "forced")? And with this
> >> aiming at boot output only, wouldn't you want to stop the overriding
> >> once boot has completed (of which, if I'm not mistaken, we don't
> >> really have any signal coming from Dom0)? And even during boot I'm
> >> not convinced we'd want to let through everything, but perhaps just
> >> Dom0's kernel messages?
> >
> > I normally use sync_console on all the boxes I'm doing dev work, so
> > this request is something that come up internally.
> >
> > Didn't realize Xen output wasn't forced, since we already have rate
> > limiting based on log levels I was assuming that non-ratelimited
> > messages wouldn't be dropped. But yes, I agree that Xen (non-guest
> > triggered) output shouldn't be rate limited either.
>
> Which would raise the question of why we have log levels for non-guest
> messages.
Hm, maybe I'm confused, but I don't see a direct relation between log
levels and rate limiting. If I set log level to WARNING I would
expect to not loose _any_ non-guest log messages with level WARNING or
above. It's still useful to have log levels for non-guest messages,
since user might want to filter out DEBUG non-guest messages for
example.
> > Also that would give the xenstore domain a way to trigger
> > DoS attacks.
>
> I guess a Xenstore domain can do so anyway, by simply refusing to
> fulfill its job.
Right, but that's IMO a DoS strictly related to the purpose of the
domain.
Thanks, Roger.
|
