Yosuke Iwamatsu
2009-Jan-19 07:00 UTC
[Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore
xenstore_get_guess_uuid() retrieves the guest uuid by using a sysctl hypercall through libxc now, but when we use the ioemu-stubdom, the hcall is not allowed to be invoked. This patch makes ioemu get the guest uuid from xenstore, instead of using libxc. Regards, ----------------------- Yosuke Iwamatsu NEC Corporation Signed-off-by: Yosuke Iwamatsu <y-iwamatsu@ab.jp.nec.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Ian Jackson
2009-Jan-19 18:02 UTC
Re: [Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore
Yosuke Iwamatsu writes ("[Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore"):> xenstore_get_guess_uuid() retrieves the guest uuid by using a sysctl > hypercall through libxc now, but when we use the ioemu-stubdom, the > hcall is not allowed to be invoked. > This patch makes ioemu get the guest uuid from xenstore, instead of > using libxc.I don''t think this patch is safe. /local/domain/<domid>/vm is owned by (and thus writeable by) the domain in question. We need a trustworthy copy of this information. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2009-Jan-19 18:16 UTC
Re: [Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore
On 19/01/2009 18:02, "Ian Jackson" <Ian.Jackson@eu.citrix.com> wrote:> I don''t think this patch is safe. /local/domain/<domid>/vm is > owned by (and thus writeable by) the domain in question. We need a > trustworthy copy of this information.Perhaps worth checking with a xenstore-ls -p, or a xenstore-write attempt within a domU, but the vm node should be owned by dom0 and read-only by the domU. The recent xenstore permissions fixes should ensure that. So the patch should be safe and if it''s not it''s a xend bug that needs fixing. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Yosuke Iwamatsu
2009-Jan-20 02:12 UTC
[Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore
Keir Fraser wrote:> On 19/01/2009 18:02, "Ian Jackson" <Ian.Jackson@eu.citrix.com> wrote: > >> I don''t think this patch is safe. /local/domain/<domid>/vm is >> owned by (and thus writeable by) the domain in question. We need a >> trustworthy copy of this information. > > Perhaps worth checking with a xenstore-ls -p, or a xenstore-write attempt > within a domU, but the vm node should be owned by dom0 and read-only by the > domU. The recent xenstore permissions fixes should ensure that. > > So the patch should be safe and if it''s not it''s a xend bug that needs > fixing.I checked with ''xenstore-ls -p'' on my system and could confirm that the permission of /local/domain/<domid>/vm was set properly (owned by dom0 and set read-only by domU), apparently since cs 18933. Thanks, Yosuke _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Ian Jackson
2009-Jan-20 10:32 UTC
Re: [Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore
Yosuke Iwamatsu writes ("[Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore"):> Keir Fraser wrote: > > Perhaps worth checking with a xenstore-ls -p, or a xenstore-write attempt > > within a domU, but the vm node should be owned by dom0 and read-only by the > > domU. The recent xenstore permissions fixes should ensure that.I looked with xenstore-ls -p but perhaps my test box is out of date. I''ll update it and see what it does then ... Ian. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Yosuke Iwamatsu
2009-Jan-27 11:04 UTC
[Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore
Ian Jackson wrote:> Yosuke Iwamatsu writes ("[Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore"): >> Keir Fraser wrote: >>> Perhaps worth checking with a xenstore-ls -p, or a xenstore-write attempt >>> within a domU, but the vm node should be owned by dom0 and read-only by the >>> domU. The recent xenstore permissions fixes should ensure that. > > I looked with xenstore-ls -p but perhaps my test box is out of date. > I''ll update it and see what it does then ... >Any progress on this? Please note that there is a real problem with the current implementation (xenstore_get_guest_uuid() returns NULL in stub-dom mode) that sometime the ioemu-domain crashes while running a Linux HVM domain, So we should fix it somehow. Thank you, Yosuke _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Ian Jackson
2009-Jan-27 11:40 UTC
Re: [Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore
Yosuke Iwamatsu writes ("[Xen-devel] [PATCH] ioemu: Get guest uuid from xenstore"):> Ian Jackson wrote: > > I looked with xenstore-ls -p but perhaps my test box is out of date. > > I''ll update it and see what it does then ...... what it did was break utterly and after I''d fixed it I''m afraid I forgot about your patch. I''ve checked now and it''s fine so I have applied your patch. Thanks for the reminder. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel