[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()

To: Jan Beulich <jbeulich@xxxxxxxx>
From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
Date: Tue, 13 Jun 2023 05:21:18 -0400
Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1686648083; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=CweT3I7UqT+XzBLwuOD1Q2n/WYxcdW+nDoO6dCHuOm0=; b=ajxf6irlARZRk8SnUs70ABGJoWTwimM80ca/DZTqZrBSl1vlEY95KzZXThIRPXcsq6N/Hx46OI9gOwpE+h7s6PsptjZj6jjBaex+AuxRwy1UL6asdemUACLf1jdZOHLbPmLS3SsU5r9xjct4n3vZue+I+vvwnzVFtNVIMPJmxhU=
Arc-seal: i=1; a=rsa-sha256; t=1686648083; cv=none; d=zohomail.com; s=zohoarc; b=AqlZ2Q5WcaqUgPKNneglOOrnGXcprpHmQACMne2W9F1nL2s4EudLphr+xoHy3jh7zqLyaDZuRPcrKKHXZvJzK9jhGHe28lqYw0WE47YBwDgqy1eeQiqSze5RvEahjtyVMvt7kC+yvRZ9620DAkyvg/Wa7oDmH1T5be1RNmHU6bc=
Cc: Anthony Perard <anthony.perard@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 13 Jun 2023 09:21:49 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>



On 6/13/23 02:33, Jan Beulich wrote:

On 12.06.2023 22:21, Daniel P. Smith wrote:



On 6/12/23 15:44, Daniel P. Smith wrote:

On 6/12/23 07:46, Jan Beulich wrote:

The variable needs to be properly set only on the error paths.

Coverity ID: 1532311
Fixes: ab4440112bec ("xl / libxl: push parsing of SSID and CPU pool ID
down to libxl")
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>


Reviewed-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxx>


Thanks.


My pleasure.

---
If XSM is disabled, is it really useful to issue the 2nd and 3rd calls
if the 1st yielded ENOSYS?


Would you be okay with the calls staying if instead on the first
invocation of any libxl_flask_* method, flask status was checked and
stored in a variable that would then be checked by any subsequent calls
and immediately returned if flask was not enabled?


I'm wary of global variables in shared libraries.

I agree with that sentiment, but I would distinguish global state from aglobal variable. I would take the approach of,


static boot is_flask_enabled(void)
{
    /* 0 unchecked, 1 checked but disabled, 2 enabled */
    static int state = 0;

    if ( state == 0 )
        state = check_flask_state(); /* pseudo call for real logic */

    return (state < 2 ? false : true);
}

Then all the libxl_flask_* methods would is_flask_enabled(). This wouldnot expose a global variable that could be manipulated by users of thelibrary.

Looking closer I realized there is a slight flaw in the logic here. The
first call is accomplished via an xsm_op call and then assumes that
FLASK is the only XSM that has implemented the xsm hook, xsm_op, and
that the result will be an ENOSYS. If someone decides to implement an
xsm_op hook for any of the existing XSM modules or introduces a new XSM
module that has an xsm_op hook, the return likely would not be ENOSYS. I
have often debated if there should be a way to query which XSM module
was loaded for instances just like this. The question is what mechanism
would be best to do so.


Well, this is what results from abusing ENOSYS. The default case of a
switch() in a handler shouldn't return that value. Only if the entire
hypercall is outright unimplemented, returning ENOSYS is appropriate.
In fact I wonder whether dummy.h's xsm_do_xsm_op() is validly doing so,
when that function also serves as the fallback for XSM modules
choosing to not implement any of the op-s (like SILO does).

I understand your point, but if ENOSYS (Not Implemented) is not correct,what is the appropriate return value for this module does not supportthis op?

Since in the specific case here it looks like the intention really is
to carry out Flask-specific operations, a means to check for Flask
specifically might indeed be appropriate. If not a new sub-op of
xsm_op, a new sysctl might be another option.

I am actually split on whether this should be an sub-op of xsm op or ifthis should be exposed via hyperfs. I did not consider a sysctl, thoughI guess an argument could be constructed for it.


v/r,
dps

Follow-Ups:
- Re: [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()
  - From: Jan Beulich

References:
- [PATCH 0/5] tools: address Coverity UNUSED issues
  - From: Jan Beulich
- [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()
  - From: Jan Beulich
- Re: [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()
  - From: Daniel P. Smith
- Re: [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()
  - From: Daniel P. Smith
- Re: [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()
  - From: Jan Beulich

Prev by Date: Re: [PATCH v2 2/4] x86: Read MSR_ARCH_CAPS after early_microcode_init()
Next by Date: Re: [PATCH v3 3/4] x86/spec-ctrl: Fix up the RSBA/RRSBA bits as appropriate
Previous by thread: Re: [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()
Next by thread: Re: [PATCH 2/5] libxl: drop dead assignments to "ret" from libxl__domain_config_setdefault()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.