WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] [PATCH] Require that xenstored writes to a domain comple

To: David Edmondson <dme@xxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] Require that xenstored writes to a domain complete in a single chunk
From: Keir Fraser <keir@xxxxxxxxxxxxx>
Date: Mon, 26 Feb 2007 17:20:34 +0000
Delivery-date: Mon, 26 Feb 2007 09:19:55 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <871wkcyjig.fsf@xxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcdZymxiqv/X9MW9Edu1UwAX8io7RQ==
Thread-topic: [Xen-devel] [PATCH] Require that xenstored writes to a domain complete in a single chunk
User-agent: Microsoft-Entourage/11.2.5.060620
On 26/2/07 16:24, "David Edmondson" <dme@xxxxxxx> wrote:

> If xenstored is part-way through writing a header+payload into the
> buffer shared with a guest domain when the guest domain decides to
> suspend, the buffer is corrupted, as xenstored doesn't know that it
> has a partial write to complete when the domain revives.  The domain
> is expecting proper completion of the partial header+payload and is
> disappointed.
> 
> The attached patch modifies xenstored such that it checks for
> sufficient space for header+payload before making any changes to the
> shared buffer.
> 
> It is against 3.0.4-1, but the code in unstable looks the same.

This seems dubious. There's no reason we might not have payloads bigger than
the ring size (which is only 1kB).

The right fix would be in the guest, which should already be stopping any
transactions or commands across save/restore. Does this problem occur when
xenstored sends an asynchronous watch-fired message? Probably the
packet-reading thread should be interrupted and put to sleep before
suspending.

For older guest compatibility perhaps we can take a variant of your patch
that only waits for enough space is the entire message fits in the ring in
one go. This would be 'best-effort' at compatibility while not precluding
use of larger messages in general.

 -- Keir


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel