WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [PATCH] libxl: Use xenbus to communicate with xenstore i

from [Ian Campbell] [Permanent Link][Original]
To: Mihir Nanavati <mihirn@xxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] libxl: Use xenbus to communicate with xenstore if the socket fails
From: Ian Campbell <Ian.Campbell@xxxxxxxxxxxxx>
Date: Thu, 9 Dec 2010 10:37:22 +0000
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 09 Dec 2010 02:39:15 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <AANLkTikitoG+FA1+xAw0ZySRHNbJw4dqBpW33C+HO0bG@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Organization: Citrix Systems, Inc.
References: <AANLkTiketBP-qtBE6su=Wkob8FEvvcht+KZDEVm6iDKS@xxxxxxxxxxxxxx> <1291886276.13966.4612.camel@xxxxxxxxxxxxxxxxxxxxxx> <AANLkTikitoG+FA1+xAw0ZySRHNbJw4dqBpW33C+HO0bG@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
On Thu, 2010-12-09 at 09:59 +0000, Mihir Nanavati wrote:
> Sure, that sounds doable. 
> 
> I'm not sure what the behaviour of the readonly should be though - I
> don't see any way of opening the xenbus client as readonly, or at
> least nothing quite as simple as a xs_domain_open_readonly.

What are readonly connections actually used for? Are they actually
enforcing some part of the security model or just preventing casual
accidents?

The only user I can see is libxenstat which immediately beforehand
opened the privcmd interface so it's already privileged enough to get a
rw connection if it wants. The python bindings provide the functionality
but I can't see it being used anywhere.

Perhaps just open /proc/xen/xenbus with O_RDONLY and if the kernel
driver doesn't enforce that then it's a bug in the driver, but not a
critical one since we don't actually rely on it for security?

>  How should a xs_open(1) behave in the case that
> xs_daemon_open_readonly fails? A null or a xs_handle using
> xs_domain_open?

I don't think there is any harm in trying to open the rw handle -- if
that succeeds then the calling process is privileged enough in the first
place.

> Is there a way to constrain the xenbus handle using some other
> mechanism?
> 
> ~M
> 
> On Thu, Dec 9, 2010 at 1:17 AM, Ian Campbell <Ian.Campbell@xxxxxxxxxx>
> wrote:
>         On Wed, 2010-12-08 at 20:47 +0000, Mihir Nanavati wrote:
>         > Adds an open xenstore connection function which tries to use
>         the
>         > xenbus interface (xs_domain_open) when the socket interface
>         > (xs_daemon_opn) fails.
>         
>         
>         I like the concept of this patch.
>         
>         I can't think of any reason why the callers of libxenstore
>         should need
>         to care about how which communication channel gets used so
>         there's no
>         reason for the library to defer that choice to the caller. So
>         perhaps we
>         should go one step further push this behaviour down into
>         libxenstore
>         itself? i.e. add "xs_open(int ro)" and make
>         xs_{daemon,domain}_open{,_readonly} compatibility aliases to
>         that
>         function.
>         
>         
>         > Signed-off-by: Mihir Nanavati <mihirn@xxxxxxxxx>
>         
>         
>         
> 



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [PATCH] libxl: Use xenbus to communicate with xenstore if the socket fails, Ian Campbell
Next by Date:  Re: [Xen-users] Re: [Xen-devel] Re: HVM DomU, msi_translate=0, MSI/MSI-X PCI passthrough fails., Mark Adams
Previous by Thread:  Re: [Xen-devel] [PATCH] libxl: Use xenbus to communicate with xenstore if the socket fails, Mihir Nanavati
Next by Thread:  Re: [Xen-devel] [PATCH] libxl: Use xenbus to communicate with xenstore if the socket fails, Vincent Hanquez
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy