Re: [PATCH] sysctl: XSM hook should not cause XEN_SYSCTL_getdomaininfolist to (appear to) fail
- To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Date: Tue, 2 May 2023 11:33:43 +0200
- Cc: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Alejandro Vallejo <alejandro.vallejo@xxxxxxxxx>, Jason Andryuk <jandryuk@xxxxxxxxx>
- Delivery-date: Tue, 02 May 2023 09:34:18 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Tue, May 02, 2023 at 10:27:39AM +0100, Andrew Cooper wrote:
> On 02/05/2023 8:17 am, Jan Beulich wrote:
> > The hook being able to deny access to data for certain domains means
> > that no caller can assume to have a system-wide picture when holding the
> > results.
> >
> > Wouldn't it make sense to permit the function to merely "count" domains?
> > While racy in general (including in its present, "normal" mode of
> > operation), within a tool stack this could be used as long as creation
> > of new domains is suppressed between obtaining the count and then using
> > it.
>
> This would not be the first example of the XSM hooks being tantamount to
> useless. I doubt it will be the last either.
>
> With the rest of Alejandro's series in place, all requests for a single
> domid's worth of info use the domctl, and all requests for all domains
> use the sysctl.
>
>
> As a result, we can retrofit some sanity and change the meaning of the
> XSM hook here for the sysctl, to mean "can see a systemwide view" (or
> not). This moves the check out of the loop, and fixes the behaviour.

Don't we still need some kind of loop, as the current getdomaininfo()
XSM hook expects a domain parameter in order to check whether the
caller has permissions over it?

Or do we plan to introduce a new hook that reports whether a caller has
permissions over all domains?

Thanks, Roger.
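
A simplified model of the two placements of the check discussed in this thread, added here as an illustration; it is not code from the patch or from Xen, and every name in it (`hook_domain`, `list_filtered`, `list_systemwide`, the sample domains) is hypothetical. It shows that a per-domain check inside the loop returns success with a silently shortened list, while an all-or-nothing check built on a per-domain hook still has to visit every domain first.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
/* Constructed model; every name here is hypothetical, not Xen's code. */
struct dom { int domid; bool caller_may_see; };
/* Constructed sample: the policy hides domain 2 from the caller. */
static const struct dom sample[] = { {0, true}, {1, true}, {2, false} };
#define NR_SAMPLE (sizeof(sample) / sizeof(sample[0]))

/* Stand-in for a per-domain hook: 0 if allowed, -EPERM if denied. */
static int hook_domain(const struct dom *d)
{
    return d->caller_may_see ? 0 : -EPERM;
}

/* Check inside the loop: denied domains are dropped, call still succeeds. */
int list_filtered(const struct dom *doms, size_t n, int *out, size_t *cnt)
{
    *cnt = 0;
    for (size_t i = 0; i < n; i++)
        if (hook_domain(&doms[i]) == 0)
            out[(*cnt)++] = doms[i].domid;
    return 0;
}

/* Check before the listing loop, using only the per-domain hook. */
int list_systemwide(const struct dom *doms, size_t n, int *out, size_t *cnt)
{
    *cnt = 0;
    for (size_t i = 0; i < n; i++) {
        int rc = hook_domain(&doms[i]);
        if (rc) return rc;      /* all or nothing: no partial list */
    }
    for (size_t i = 0; i < n; i++)
        out[(*cnt)++] = doms[i].domid;
    return 0;
}

/* Helpers that run both variants over the constructed sample. */
static int out_buf[NR_SAMPLE]; static size_t out_cnt;
size_t demo_filtered_count(void)
{
    list_filtered(sample, NR_SAMPLE, out_buf, &out_cnt);
    return out_cnt;
}
int demo_systemwide_rc(void)
{
    return list_systemwide(sample, NR_SAMPLE, out_buf, &out_cnt);
}
```

With the constructed sample, the filtered variant reports two of three domains and returns 0, so the caller cannot tell the list is incomplete; the all-or-nothing variant returns `-EPERM` and no entries.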