[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 5/6] tools/xenstored: partially handle domains without a shared ring


  • To: Julien Grall <julien@xxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Wed, 22 Sep 2021 11:58:03 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=iOweIw6GDgJGrSJfIfCc3qcy8BGDuRSYU6DmWE4tBrg=; b=hCve4hT35pE5scLUtLBHQ0ecfBhSdNec6PqedYKZGTLhlh1kReopuz410utedyTYBB1+2WkM0y/gh9P8vMoBgFv3j804IyWnc7WPIztzJUNz8rtmgnMIEmFxDEpRueFMiAOF1+mtA5IxXmykckSaCZuMDlkPW8rhTwbVkymHVF3cKAtLCkTY3C6uRYr8S3WCvM+tb0ksLFYSND5PeaKgnW2j7xttGUBdpFjuTaaKSuWqnjvkKq3yN0skWI77Kk4sMyWw6oYvVCwqWmGDQg7dEUlaSKQc7H7DZm1TlbIFMGyXNeTgsMKHXtogRYqd3Z9uWqGXD5mnASuVkh/v7tSDsg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Wvrf4ja4K8Dubs5Mniqt7EAlltXf7wexR9fasCOjBksLJvTwalMuTq9kPpp5r4HhPsiw34L0nRBeWMFExKFU3gPVoM3A/X5xqSS0SoYpDuMfJccqtAuo223Ex7R8bfaA6mNYrm7YzjhhuzHTIN2mrAGTYMnj7n0+i7PhhA/kBQ0WiH538H4KrKJ1XX7Ss9jdeNxmKILaHVdtzzLMuHaKOgpDO4+TyCtAR02k6VOXkNtpTsltq3tof/m34aEXPQKEW9nnmAk+OaUCr9fvi3I1JEbEEV9+95JRKpVUJ7yinEu4MvsDG5J8UycBUFeif5lJ+q6N3fvsySnexK+3GI0NIA==
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, "Wei Liu" <wl@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>
  • Delivery-date: Wed, 22 Sep 2021 09:58:32 +0000
  • Ironport-data: A9a23:4PATpq07erMgiyz30fbD5et2kn2cJEfYwER7XKvMYLTBsI5bpzJSy TccCmzUOfqPMDP2Ltt/PYW0/UwHvpXUy4IwSVRvpC1hF35El5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkS5PE3oHJ9RGQ74nRLlbHILOCan0ZqTNMEn970EoywbRh2OaEvPDia++zk YKqyyHgEAfNNw5cagr4PIra9XuDFNyr0N8plgRWicJj5TcypFFMZH4rHomjLmOQf2VhNrXSq 9Avbl2O1jixEx8FUrtJm1tgG6EAaua60QOm0hK6V0U+6/TrS+NbPqsTbZIhhUlrZzqhnI1/+ ehQr5GLFiwCIKvMgMI6VyVWOnQrVUFG0OevzXmXtMWSywvNcmf2wuUoB0YzVWEa0r8pWycUr 6VecW1TKEDY7w616OvTpu1EnMMsIdOtJIoCknph0SvYHbAtRpWrr6DiuIQDhG9s1pkm8fD2f PA/bBxvQDX8SARfMGgYAqslv8qpiSyqG9FfgA3M/vdmi4TJ9yRu1JD9PdyTfcaFLe1XkVyfv Xnu5HniD1cRM9n34Tua8Fq8i+nXhyT5VYkOUrqi+ZZCgkCXx2EVIA0bUx28u/bRol6zXZdTJ lIZ/gIqrLMu7wq7Q9/lRRq6rXWY+BkGVLJt//YSsV/XjPCOukDAWzZCHmUphMEaWNEeRmEk5 2KUhd7SWhdErruVUVS68ouahGbnUcQKFlPudRPoXCNcvYK5+dFt0kqWJjpwOPXq1YyuQFkc1 xjP9XJn1utJ1abnwo3mpQivvt66mnTeoufZDC3sV2S550tSYIe/buREAnCKsK4dcO51orSH1 UXoevRyDshVVvlhdwTXGY3h+Y1FAN7fa1XhbaZHRcVJythU0yfLkXpsDNRCGauUGpxcJW+Bj LDvVfN5u8YIYSrCgV5fSIOtEcU6pZXd+SDefqmMNLJmO8EpHCfepX0GTRPAjgjFzRl3+Ylia MjzTCpZJStDYUiR5GHtHLl1PH5C7n1W+F4/srihnkz7juLBNCDKIVrHWXPXBt0EAGq/iFy92 /5UNteQygUZV+v7YyLN9pUUI0xMJn8+ba0aYeQNHgJaCgY5SmwnFdHLxrYtJ95sk6hPz7+a9 XChQE5IjlH4gCSfewmNb3libpLpXIp+8i1nbXB9Yw7w1ihxe5ur4Ycea4AzIest+tt8wKMmV PICYciBXKhCE2yV5zQHYJDhh4V+bxD31xmWNi+obWFnLZ5tTgDE4PH+eQ7r+HVcBya7r5Jm8 bahyhnaUdwIQAE7VJTab/emzlWQu3kBmb0tAxuUc4cLIEi1qdpkMS38iPMzMvogExSby2vIz RuSDDcZufLJ/90//u7WiP3WtIyuCeZ/QBZXRjGJ8basOCDG1WO/2oscAv2QdDXQWW6oqqWvY eJZk6P1PPEdxQsYtoN9F/BgzL4k5suprLhfl1w2EHLOZlWtK7VhPnjZgpUf6vwTnudU6VmsR 0aC2thGIrHYasrqHWkYKBchcuneh+ofnSPf7KhtLUj3jMOtEGFrjamG08GwtRFg
  • Ironport-hdrordr: A9a23:yR2iRaF++gSehrmYpLqFdJHXdLJyesId70hD6qkvc3Jom52j+P xGws526faVslYssHFJo6HnBEClewKgyXcT2/hsAV7CZnidhILMFuBfBOTZsljd8kHFh4pgPO JbAtdD4b7LfChHZKTBkXGF+r8bqbHtms3Y5pa9vgRQpENRGtpdBm9Ce3em+yZNNXB77PQCZf 2hDp0tnUvfRZ1bVLX3OlA1G8z44/HbnpPvZhALQzYh9Qm1lDutrJr3CQKR0BsyWy5Ghe5Kyx mLryXJooGY992rwB7V0GHeq7xQhdva09NGQOiBkNIcJDnAghuhIK5hR7qBljYop/zH0idnrP D85zMbe+hj4XLYeW+45TPrxgnbyT4rr0TvzFeJ6EGT6fDRdXYfMY5slIhZehzW5w4Lp9dnyp 9G2Gqfqt5+EQ7AtD6V3amJazha0m6P5VYym+8aiHJSFaEEbqVKkIAZ9ERJVL8dASPB7pw9Gu UGNrCc2B9vSyLZU5nlhBgr/DT1NU5DWituA3Jy9PB96gIm30yQlCAjtYsidnRpzuN1d3AL3Z WDDk1SrsA6ciYhV9MKOA4we7rENoXze2O5DIuzGyWtKEhVAQOGl3bIiI9Fk91CPqZ4lacPpA ==
  • Ironport-sdr: 5T8Zr5SU7sMpWSQnJVtxeJK7T/IGxN8mI2WYdPJ7uhTBmqroHO7Sf8ACna9xZlfxVRw2q7T8uL OPdmtMTzZX9Wowd3PRuOB1rvuRTRA/mvLKi5SQEI//6zGJ9outfphwqC9sEAP1OLv3KzbYkx1k X0VaIiWaivEYu+Fo6xSQqmWC/IWzkVqyyQB1WAZ+7u48JoOQmyoY0zbwRZ8ZmqUfTEiK1q7D7n vUZYw7juOA+qQQGDDDFtEXvtJFGbqblI9xJ2/pd5t090Awa03+kinaJixLmSunNjPGxucgzMnC KzYzs4UOe+aUA73DAbMIohF9
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Wed, Sep 22, 2021 at 02:07:44PM +0500, Julien Grall wrote:
> Hi Roger,
> 
> On 22/09/2021 13:21, Roger Pau Monne wrote:
> > Failure to map the shared ring and thus establish a xenstore
> > connection with a domain shouldn't prevent the "@introduceDomain"
> > watch from firing, likewise with "@releaseDomain".
> > 
> > In order to handle such events properly xenstored should keep track of
> > the domains even if the shared communication ring cannot be mapped.
> > This was partially the case due to the restore mode, which needs to
> > handle domains that have been destroyed between the save and restore
> > period. This patch extends on the previous limited support of
> > temporary adding a domain without a valid interface ring, and modifies
> > check_domains to keep domains without an interface on the list.
> > 
> > Handling domains without a valid shared ring is required in order to
> > support domain without a grant table, since the lack of grant table
> > will prevent the mapping of the xenstore ring grant reference.
> > 
> > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> > ---
> > oxenstored will need a similar treatment once grant mapping is used
> > there. For the time being it still works correctly because it uses
> > foreign memory to map the shared ring, and that will work in the
> > absence of grant tables on the domain.
> > ---
> > Changes since v1:
> >   - New in this version.
> > ---
> >   tools/xenstore/xenstored_domain.c | 30 ++++++++++++++++++------------
> >   1 file changed, 18 insertions(+), 12 deletions(-)
> > 
> > diff --git a/tools/xenstore/xenstored_domain.c 
> > b/tools/xenstore/xenstored_domain.c
> > index 9fb78d5772..150c6f082e 100644
> > --- a/tools/xenstore/xenstored_domain.c
> > +++ b/tools/xenstore/xenstored_domain.c
> > @@ -119,6 +119,11 @@ static int writechn(struct connection *conn,
> >     struct xenstore_domain_interface *intf = conn->domain->interface;
> >     XENSTORE_RING_IDX cons, prod;
> > +   if (!intf) {
> > +           errno = ENODEV;
> > +           return -1;
> > +   }
> > +
> >     /* Must read indexes once, and before anything else, and verified. */
> >     cons = intf->rsp_cons;
> >     prod = intf->rsp_prod;
> > @@ -149,6 +154,11 @@ static int readchn(struct connection *conn, void 
> > *data, unsigned int len)
> >     struct xenstore_domain_interface *intf = conn->domain->interface;
> >     XENSTORE_RING_IDX cons, prod;
> > +   if (!intf) {
> > +           errno = ENODEV;
> > +           return -1;
> > +   }
> > +
> >     /* Must read indexes once, and before anything else, and verified. */
> >     cons = intf->req_cons;
> >     prod = intf->req_prod;
> > @@ -176,6 +186,9 @@ static bool domain_can_write(struct connection *conn)
> >   {
> >     struct xenstore_domain_interface *intf = conn->domain->interface;
> > +   if (!intf)
> > +           return false;
> > +
> 
> Rather than adding an extra check, how about taking advantage of is_ignore?

Right, I just need to change the order in conn_can_read and
conn_can_write so that the is_ignored check is performed before the
can_{read,write} handler is called.

> >     return ((intf->rsp_prod - intf->rsp_cons) != XENSTORE_RING_SIZE);
> >   }
> > @@ -183,7 +196,8 @@ static bool domain_can_read(struct connection *conn)
> >   {
> >     struct xenstore_domain_interface *intf = conn->domain->interface;
> > -   if (domain_is_unprivileged(conn) && conn->domain->wrl_credit < 0)
> > +   if ((domain_is_unprivileged(conn) && conn->domain->wrl_credit < 0) ||
> > +       !intf)
> >             return false;
> >     return (intf->req_cons != intf->req_prod);
> > @@ -268,14 +282,7 @@ void check_domains(void)
> >                             domain->shutdown = true;
> >                             notify = 1;
> >                     }
> > -                   /*
> > -                    * On Restore, we may have been unable to remap the
> > -                    * interface and the port. As we don't know whether
> > -                    * this was because of a dying domain, we need to
> > -                    * check if the interface and port are still valid.
> > -                    */
> > -                   if (!dominfo.dying && domain->port &&
> > -                       domain->interface)
> > +                   if (!dominfo.dying)
> >                             continue;
> 
> This is mostly a revert on "tools/xenstore: handle dying domains in live
> update". However, IIRC, this check was necessary to release the connection
> if the domain has died in the middle of Live-Update.

But if the domain has died in the middle of live update
get_domain_info will return false, and thus the code won't get here.

If the domain is in the process of being removed (ie: dominfo.shutdown
being set for example), it would eventually get into dominfo.dying and
thus be removed normally.

I assumed those checks where needed in order to prevent having a
domain without a valid interface on the tracked list while it was on
the process of being removed. With the other changes on this patch
tracking a domain without a valid interface should be fine, and it
will eventually be removed as part of the normal flow.

Thanks, Roger.



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.