[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 09/20] tools/xenstore: introduce dummy nodes for special watch paths

To: Juergen Gross <jgross@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Julien Grall <julien@xxxxxxx>
Date: Sun, 6 Nov 2022 21:38:19 +0000
Cc: Wei Liu <wl@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>
Delivery-date: Sun, 06 Nov 2022 21:38:31 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Juergen,

On 01/11/2022 15:28, Juergen Gross wrote:

Instead of special casing the permission handling and watch event
firing for the special watch paths "@introduceDomain" and
"@releaseDomain", use static dummy nodes added to the data base when
starting Xenstore.


A few questions I think needs to be answered in the commit message:
  - Does this means we could write data in "@..."  node?
  - How about creating sub nodes?

- What does it mean for the accounting? Before, it was accounted tono-one but now it seems to be accounted to the owner (which may not bedom0).


This allows to simplify quite some code.

The diff is quite nice to have, but I am not entirely convinced this ismaking the code easier to understand.


Is this patch helping you for another goal?


Note that this requires to rework the calls of fire_watches() for the
special events in order to avoid leaking memory.

Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
---
  tools/xenstore/xenstored_control.c |   3 -
  tools/xenstore/xenstored_core.c    |  67 +++++++-----
  tools/xenstore/xenstored_domain.c  | 162 ++++-------------------------
  tools/xenstore/xenstored_domain.h  |   6 --
  tools/xenstore/xenstored_watch.c   |  17 +--
  5 files changed, 63 insertions(+), 192 deletions(-)

diff --git a/tools/xenstore/xenstored_control.c 
b/tools/xenstore/xenstored_control.c
index d1aaa00bf4..41e6992591 100644
--- a/tools/xenstore/xenstored_control.c
+++ b/tools/xenstore/xenstored_control.c
@@ -676,9 +676,6 @@ static const char *lu_dump_state(const void *ctx, struct 
connection *conn)
        if (ret)
                goto out;
        ret = dump_state_connections(fp);
-       if (ret)
-               goto out;
-       ret = dump_state_special_nodes(fp);
        if (ret)
                goto out;
        ret = dump_state_nodes(fp, ctx);
diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
index 1650821922..cadb339486 100644
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -616,7 +616,8 @@ static void get_acc_data(TDB_DATA *key, struct 
node_account_data *acc)
  static unsigned int get_acc_domid(struct connection *conn, TDB_DATA *key,
                                  unsigned int domid)
  {
-       return (!conn || key->dptr[0] == '/') ? domid : conn->id;
+       return (!conn || key->dptr[0] == '/' || key->dptr[0] == '@')

The comment above says it is sufficient to check for '/'. But now, youare also checking for '@'.

+              ? domid : conn->id;
  }

int do_tdb_write(struct connection *conn, TDB_DATA *key, TDB_DATA *data,

@@ -1780,14 +1781,6 @@ static int do_set_perms(const void *ctx, struct 
connection *conn,
        if (perms.p[0].perms & XS_PERM_IGNORE)
                return ENOENT;

- /* First arg is node name. */

-       if (strstarts(in->buffer, "@")) {
-               if (set_perms_special(conn, in->buffer, &perms))
-                       return errno;
-               send_ack(conn, XS_SET_PERMS);
-               return 0;
-       }

So there are a slight change in behavior here. Before, the permissionwould be directly set even if we are in a transaction. Now, this willonly be set if the transaction has been committed.

I am split on whether this would be considered as an ABI breakage. Thenew behavior seems better, but anyone rely on the (bogus?) previousbehavior would have a surprise. At minimum, the change should at leastbe pointed out in the commit message.


[...]

  static int domain_tree_remove_sub(const void *ctx, struct connection *conn,
                                  struct node *node, void *arg)
  {
@@ -297,8 +273,24 @@ static void domain_tree_remove(struct domain *domain)
                               "error when looking for orphaned nodes\n");
        }

- remove_domid_from_perm(&dom_release_perms, domain);

-       remove_domid_from_perm(&dom_introduce_perms, domain);
+       walk_node_tree(domain, NULL, "@releaseDomain", &walkfuncs, domain);
+       walk_node_tree(domain, NULL, "@introduceDomain", &walkfuncs, domain);
+}
+
+static void fire_special_watches(const char *name)
+{
+       void *ctx = talloc_new(NULL);
+       struct node *node;

I can foresee how one may want to abuse for this function. So I wouldadd an assert(name[0] == '@') to match clear this should only forwatches starting with '@'.

+
+       if (!ctx)
+               return;
+
+       node = read_node(NULL, ctx, name);
+
+       if (node)
+               fire_watches(NULL, ctx, name, node, true, NULL);


Shouldn't we throw a message if we can't retrieve @...?

Cheers,

--
Julien Grall

Follow-Ups:
- Re: [PATCH 09/20] tools/xenstore: introduce dummy nodes for special watch paths
  - From: Juergen Gross

References:
- [PATCH 00/20] tools/xenstore: do some cleanup and fixes
  - From: Juergen Gross
- [PATCH 09/20] tools/xenstore: introduce dummy nodes for special watch paths
  - From: Juergen Gross

Prev by Date: Re: [PATCH 06/20] tools/xenstore: remove all watches when a domain has stopped
Next by Date: Re: [PATCH 13/20] tools/xenstore: don't allow creating too many nodes in a transaction
Previous by thread: [PATCH 09/20] tools/xenstore: introduce dummy nodes for special watch paths
Next by thread: Re: [PATCH 09/20] tools/xenstore: introduce dummy nodes for special watch paths
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.