WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] Initialise the connection ID when a domain is introduced

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] Initialise the connection ID when a domain is introduced. This (re)enables
From: Xen patchbot -unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 03 Dec 2005 12:04:07 +0000
Delivery-date: Sat, 03 Dec 2005 12:04:24 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User emellor@xxxxxxxxxxxxxxxxxxxxxx
# Node ID 74b7a81e5eed8efd4ad3adcedc3933c1b6373415
# Parent  db6d667f5168aa419f38ef03a7d3c836834c287b
Initialise the connection ID when a domain is introduced.  This (re)enables
the permission checking in xenstored.

Default the store permissions to read/write nobody (apart from the privileged
domain).  Create a /local node with these permissions, ready for inheriting by
children.  In Xend, create a /vm node with these permissions too, for the same
reason, and set the permissions on /local/domain/<domid> and each device
backend path to allow the guest domain to access these paths appropriately.

Added xstransact.{set_permissions,SetPermissions,mkdir,Mkdir,complete} as
support facilities.

This closes bug #290.

Signed-off-by: Ewan Mellor <ewan@xxxxxxxxxxxxx>

diff -r db6d667f5168 -r 74b7a81e5eed tools/python/xen/xend/XendDomain.py
--- a/tools/python/xen/xend/XendDomain.py       Fri Dec  2 01:19:25 2005
+++ b/tools/python/xen/xend/XendDomain.py       Fri Dec  2 01:34:39 2005
@@ -36,6 +36,7 @@
 from xen.xend import XendCheckpoint
 from xen.xend.XendError import XendError
 from xen.xend.XendLogging import log
+from xen.xend.xenstore.xstransact import xstransact
 from xen.xend.xenstore.xswatch import xswatch
 
 
@@ -46,6 +47,8 @@
 __all__ = [ "XendDomain" ]
 
 PRIV_DOMAIN = 0
+VMROOT = '/vm/'
+
 
 class XendDomain:
     """Index of all domains. Singleton.
@@ -64,6 +67,9 @@
     # instance() must be able to return a valid instance of this class even
     # during this initialisation.
     def init(self):
+        xstransact.Mkdir(VMROOT)
+        xstransact.SetPermissions(VMROOT, { 'dom' : PRIV_DOMAIN })
+
         self.domains_lock.acquire()
         try:
             self._add_domain(
diff -r db6d667f5168 -r 74b7a81e5eed tools/python/xen/xend/XendDomainInfo.py
--- a/tools/python/xen/xend/XendDomainInfo.py   Fri Dec  2 01:19:25 2005
+++ b/tools/python/xen/xend/XendDomainInfo.py   Fri Dec  2 01:34:39 2005
@@ -43,7 +43,7 @@
 from xen.xend.XendBootloader import bootloader
 from xen.xend.XendError import XendError, VmError
 
-from xen.xend.xenstore.xstransact import xstransact
+from xen.xend.xenstore.xstransact import xstransact, complete
 from xen.xend.xenstore.xsutil import GetDomainPath, IntroduceDomain
 from xen.xend.xenstore.xswatch import xswatch
 
@@ -83,8 +83,6 @@
 STATE_DOM_SHUTDOWN = 2
 
 SHUTDOWN_TIMEOUT = 30
-
-VMROOT  = '/vm/'
 
 ZOMBIE_PREFIX = 'Zombie-'
 
@@ -234,7 +232,7 @@
             log.warn(str(exn))
 
         vm = XendDomainInfo(xeninfo, domid, dompath, True, priv)
-        vm.removeDom()
+        vm.recreateDom()
         vm.removeVm()
         vm.storeVmDetails()
         vm.storeDomDetails()
@@ -385,7 +383,7 @@
         else:
             self.domid = None
 
-        self.vmpath  = VMROOT + self.info['uuid']
+        self.vmpath  = XendDomain.VMROOT + self.info['uuid']
         self.dompath = dompath
 
         if augment:
@@ -569,6 +567,14 @@
 
     def removeDom(self, *args):
         return xstransact.Remove(self.dompath, *args)
+
+    def recreateDom(self):
+        complete(self.dompath, lambda t: self._recreateDom(t))
+
+    def _recreateDom(self, t):
+        t.remove()
+        t.mkdir()
+        t.set_permissions({ 'dom' : self.domid })
 
 
     ## private:
@@ -1084,7 +1090,7 @@
 
         self.dompath = GetDomainPath(self.domid)
 
-        self.removeDom()
+        self.recreateDom()
 
         # Set maximum number of vcpus in domain
         xc.domain_max_vcpus(self.domid, int(self.info['vcpus']))
@@ -1384,7 +1390,7 @@
         self.release_devices()
         self.info['name'] = new_name
         self.info['uuid'] = new_uuid
-        self.vmpath = VMROOT + new_uuid
+        self.vmpath = XendDomain.VMROOT + new_uuid
         self.storeVmDetails()
         self.preserve()
 
diff -r db6d667f5168 -r 74b7a81e5eed 
tools/python/xen/xend/server/DevController.py
--- a/tools/python/xen/xend/server/DevController.py     Fri Dec  2 01:19:25 2005
+++ b/tools/python/xen/xend/server/DevController.py     Fri Dec  2 01:34:39 2005
@@ -105,6 +105,13 @@
                 t.remove(frontpath)
                 t.remove(backpath)
 
+                t.mkdir(backpath)
+                import xen.xend.XendDomain
+                t.set_permissions(backpath,
+                                  {'dom': xen.xend.XendDomain.PRIV_DOMAIN },
+                                  {'dom'  : self.vm.getDomid(),
+                                   'read' : True })
+
                 t.write2(frontpath, front)
                 t.write2(backpath,  back)
 
diff -r db6d667f5168 -r 74b7a81e5eed 
tools/python/xen/xend/xenstore/xstransact.py
--- a/tools/python/xen/xend/xenstore/xstransact.py      Fri Dec  2 01:19:25 2005
+++ b/tools/python/xen/xend/xenstore/xstransact.py      Fri Dec  2 01:34:39 2005
@@ -213,6 +213,27 @@
                 self._write(key, fmt % val)
 
 
+    def mkdir(self, *args):
+        if len(args) == 0:
+            xshandle().mkdir(self.transaction, self.path)
+        else:
+            for key in args:
+                xshandle().mkdir(self.transaction, self.prependPath(key))
+
+
+    def set_permissions(self, *args):
+        if len(args) == 0:
+            raise TypeError
+        elif isinstance(args[0], str):
+            self.callRebased(args[0], self.set_permissions, *args[1:])
+        else:
+            if not self.path:
+                raise RuntimeError('Cannot set permissions on the root')
+
+            xshandle().set_permissions(self.transaction, self.path,
+                                       list(args))
+
+
     def remove2(self, middlePath, *args):
         self.callRebased(middlePath, self.remove, *args)
 
@@ -245,29 +266,11 @@
         given path, and return a list composed of the values at each of those
         instead.  This operation is performed inside a transaction.
         """
-        while True:
-            t = cls(path)
-            try:
-                v = t.read(*args)
-                t.abort()
-                return v
-            except:
-                t.abort()
-                raise
-
+        return complete(path, lambda t: t.read(*args))
     Read = classmethod(Read)
 
     def Write(cls, path, *args):
-        while True:
-            t = cls(path)
-            try:
-                t.write(*args)
-                if t.commit():
-                    return
-            except:
-                t.abort()
-                raise
-
+        complete(path, lambda t: t.write(*args))
     Write = classmethod(Write)
 
     def Remove(cls, path, *args):
@@ -275,16 +278,7 @@
         each further argument as a subpath to the given path, and remove each
         of those instead.  This operation is performed inside a transaction.
         """
-        while True:
-            t = cls(path)
-            try:
-                t.remove(*args)
-                if t.commit():
-                    return
-            except:
-                t.abort()
-                raise
-
+        complete(path, lambda t: t.remove(*args))
     Remove = classmethod(Remove)
 
     def List(cls, path, *args):
@@ -294,16 +288,7 @@
         and return the cumulative listing of each of those instead.  This
         operation is performed inside a transaction.
         """
-        while True:
-            t = cls(path)
-            try:
-                v = t.list(*args)
-                if t.commit():
-                    return v
-            except:
-                t.abort()
-                raise
-
+        return complete(path, lambda t: t.list(*args))
     List = classmethod(List)
 
     def ListRecursive(cls, path, *args):
@@ -313,40 +298,33 @@
         subpath to the given path, and return the cumulative listing of each
         of those instead.  This operation is performed inside a transaction.
         """
-        while True:
-            t = cls(path)
-            try:
-                v = t.list_recursive(*args)
-                if t.commit():
-                    return v
-            except:
-                t.abort()
-                raise
-
+        return complete(path, lambda t: t.list_recursive(*args))
     ListRecursive = classmethod(ListRecursive)
 
     def Gather(cls, path, *args):
-        while True:
-            t = cls(path)
-            try:
-                v = t.gather(*args)
-                if t.commit():
-                    return v
-            except:
-                t.abort()
-                raise
-
+        return complete(path, lambda t: t.gather(*args))
     Gather = classmethod(Gather)
 
     def Store(cls, path, *args):
-        while True:
-            t = cls(path)
-            try:
-                v = t.store(*args)
-                if t.commit():
-                    return v
-            except:
-                t.abort()
-                raise
-
+        complete(path, lambda t: t.store(*args))
     Store = classmethod(Store)
+
+    def SetPermissions(cls, path, *args):
+        complete(path, lambda t: t.set_permissions(*args))
+    SetPermissions = classmethod(SetPermissions)
+
+    def Mkdir(cls, path, *args):
+        complete(path, lambda t: t.mkdir(*args))
+    Mkdir = classmethod(Mkdir)
+
+
+def complete(path, f):
+    while True:
+        t = xstransact(path)
+        try:
+            result = f(t)
+            if t.commit():
+                return result
+        except:
+            t.abort()
+            raise
diff -r db6d667f5168 -r 74b7a81e5eed tools/xenstore/xenstored_core.c
--- a/tools/xenstore/xenstored_core.c   Fri Dec  2 01:19:25 2005
+++ b/tools/xenstore/xenstored_core.c   Fri Dec  2 01:34:39 2005
@@ -1401,7 +1401,7 @@
 static void manual_node(const char *name, const char *child)
 {
        struct node *node;
-       struct xs_permissions perms = { .id = 0, .perms = XS_PERM_READ };
+       struct xs_permissions perms = { .id = 0, .perms = XS_PERM_NONE };
 
        node = talloc(NULL, struct node);
        node->name = name;
@@ -1442,6 +1442,7 @@
                   the balloon driver, this can be fatal.
                */
                internal_rm("/local");
+               manual_node("/", "local");
        }
        else {
                tdb_ctx = tdb_open(tdbname, 7919, TDB_FLAGS, O_RDWR|O_CREAT,
diff -r db6d667f5168 -r 74b7a81e5eed tools/xenstore/xenstored_domain.c
--- a/tools/xenstore/xenstored_domain.c Fri Dec  2 01:19:25 2005
+++ b/tools/xenstore/xenstored_domain.c Fri Dec  2 01:34:39 2005
@@ -287,6 +287,7 @@
 
        domain->conn = new_connection(writechn, readchn);
        domain->conn->domain = domain;
+       domain->conn->id = domid;
 
        domain->remote_port = port;
        domain->mfn = mfn;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] Initialise the connection ID when a domain is introduced. This (re)enables, Xen patchbot -unstable <=