From patchwork Fri Jan 15 22:28:40 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024253 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2B34C433E0 for ; Fri, 15 Jan 2021 22:29:58 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6B80E20DD4 for ; Fri, 15 Jan 2021 22:29:58 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6B80E20DD4 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68655.122924 (Exim 4.92) (envelope-from ) id 1l0XbA-0005xg-NO; Fri, 15 Jan 2021 22:29:40 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68655.122924; Fri, 15 Jan 2021 22:29:40 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XbA-0005xZ-Jn; Fri, 15 Jan 2021 22:29:40 +0000 Received: by outflank-mailman (input) for mailman id 68655; Fri, 15 Jan 2021 22:29:39 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Xb9-0005xU-Ad for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:29:39 +0000 Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 8ce1b3db-d953-436e-bf8f-8b1765b1fc98; Fri, 15 Jan 2021 22:29:37 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 8ce1b3db-d953-436e-bf8f-8b1765b1fc98 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610749777; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=MRMXAAKCznyCgSXYTb+3ZlgjJBpHTfYOk0OXr6qFO7Y=; b=E2TTAMqWwbPocunA5yNxuEgTpf8fLBsqvXl/i79qNC/KDVkfoKFzyzX8 J4An7SlAOl9S+p+UvF/XCmsTAa6WLDthWzLKomXu6K6n32Zf1fjSr6wKZ J8JbFMdMCYZLIm4RfGIMSa/c8Y90Q9Dc8WRlr0JxVL1m4Tb6HxyBIhaiz 0=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: 1lKwyqH+GPZE8/aqrvXeJpMTjLDHobceXdarvyMZcQUZSpFc7J+fDsqqO3qKJHvyeXoDI6GUEK bIISUC2e4qjKyFqKO3CNWCdV7xRoAJApaN4GkYYEIGu+lTf1wm3uVCfGt2hnnsB8LuNwGYXBU/ g22/3UyZE79YprhgO8gGjTM5CmICHfnVei3y+B4j6PORGagVg2Xf3ZqhBFyg2pYgYW7rqv3Crg nRs8qVNRVfnTkSA1eyhZ6Z7JvhyAJO26BsvIXziY+44+lMF9oayFAfsxaphzsZFqhuajIWtj9Y Oro= X-SBRS: 5.1 X-MesageID: 35590778 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="35590778" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , "Doug Goldstein" Subject: [PATCH v2 1/2] automation/: add Ubuntu:focal container Date: Fri, 15 Jan 2021 22:28:40 +0000 Message-ID: <63bf3ced2500eb9be579674ff2f0016ac9d73e70.1610748224.git.edvin.torok@citrix.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 Signed-off-by: Edwin Török Acked-by: Doug Goldstein --- Changed since v1: * dropped python-dev and markdown --- automation/build/ubuntu/focal.dockerfile | 48 ++++++++++++++++++++++++ automation/scripts/containerize | 1 + 2 files changed, 49 insertions(+) create mode 100644 automation/build/ubuntu/focal.dockerfile diff --git a/automation/build/ubuntu/focal.dockerfile b/automation/build/ubuntu/focal.dockerfile new file mode 100644 index 0000000000..c1c1f8d58f --- /dev/null +++ b/automation/build/ubuntu/focal.dockerfile @@ -0,0 +1,48 @@ +FROM ubuntu:20.04 +LABEL maintainer.name="The Xen Project " \ + maintainer.email="xen-devel@lists.xenproject.org" + +ENV DEBIAN_FRONTEND=noninteractive +ENV USER root + +RUN mkdir /build +WORKDIR /build + +# build depends +RUN apt-get update && \ + apt-get --quiet --yes install \ + build-essential \ + zlib1g-dev \ + libncurses5-dev \ + libssl-dev \ + python3-dev \ + xorg-dev \ + uuid-dev \ + libyajl-dev \ + libaio-dev \ + libglib2.0-dev \ + clang \ + libpixman-1-dev \ + pkg-config \ + flex \ + bison \ + gettext \ + acpica-tools \ + bin86 \ + bcc \ + liblzma-dev \ + libc6-dev-i386 \ + libnl-3-dev \ + ocaml-nox \ + libfindlib-ocaml-dev \ + libsystemd-dev \ + transfig \ + pandoc \ + checkpolicy \ + wget \ + git \ + nasm \ + && \ + apt-get autoremove -y && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists* /tmp/* /var/tmp/* diff --git a/automation/scripts/containerize b/automation/scripts/containerize index c8c3c20fa2..da45baed4e 100755 --- a/automation/scripts/containerize +++ b/automation/scripts/containerize @@ -28,6 +28,7 @@ case "_${CONTAINER}" in _centos7) CONTAINER="${BASE}/centos:7" ;; _centos72) CONTAINER="${BASE}/centos:7.2" ;; _fedora) CONTAINER="${BASE}/fedora:29";; + _focal) CONTAINER="${BASE}/ubuntu:focal" ;; _jessie) CONTAINER="${BASE}/debian:jessie" ;; _stretch|_) CONTAINER="${BASE}/debian:stretch" ;; _unstable|_) CONTAINER="${BASE}/debian:unstable" ;; From patchwork Fri Jan 15 22:28:41 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024255 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6DD54C433E0 for ; Fri, 15 Jan 2021 22:30:01 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2FA6820DD4 for ; Fri, 15 Jan 2021 22:30:01 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2FA6820DD4 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68659.122948 (Exim 4.92) (envelope-from ) id 1l0XbL-00063E-7e; Fri, 15 Jan 2021 22:29:51 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68659.122948; Fri, 15 Jan 2021 22:29:51 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XbL-000636-4b; Fri, 15 Jan 2021 22:29:51 +0000 Received: by outflank-mailman (input) for mailman id 68659; Fri, 15 Jan 2021 22:29:49 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XbJ-00062b-RB for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:29:49 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id fcbc4171-777d-4f1f-899b-05b569a5d2ce; Fri, 15 Jan 2021 22:29:48 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: fcbc4171-777d-4f1f-899b-05b569a5d2ce DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610749788; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7FtxhcFGXeixISaf1MY+GwKw/DMXVUnwabrQqvgoO5Q=; b=JWykYM3BmBX5IBiuz56DqPvpLrKLT+EzNXwo46XlMeX0j5gRjs7hGWD5 7u0YWVK+TILlIx0w8/VQ/u/p5ej8cZe0Bys65kIIB11D+JEWypWmjTOCE eT6tuFi3gusno1Re0h/Rn7FJtFzfPiyeP1lEcCKSIsB2AKqf2FJL+w6Sk g=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: 6PkBYPMIMklNQNl7Ds1iT2gy7F+DBMRbPnrr4njv5lnHg56aoXgovURdpyVmdROMbTHKoVUHzb RKzFV9/teGPcCKMwRaUig7/jO8HBGhleNCc77DTfpZ13oex8t2Aot2YH0f9xut16Ft4qG5l8V0 3KBXcHKUkVryQoF2LjYIpuMObqa9hl0wBuH34RNh/xv/utNKLIIwlUoWhgQavVIWlfkP3/Fz1D j0UwlTIe1F8dhytXFt6Vq87PJbqrQeEcXO4yxWJN3FWT1jeXSHjO7kCOlMMKltH/hVnap4doXZ xT0= X-SBRS: 5.1 X-MesageID: 35216600 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="35216600" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , "Andrew Cooper" , George Dunlap , Ian Jackson , Jan Beulich , "Julien Grall" , Stefano Stabellini , Wei Liu , Christian Lindig , David Scott Subject: [PATCH v2 2/2] Makefile: add build-tools-oxenstored Date: Fri, 15 Jan 2021 22:28:41 +0000 Message-ID: <5805ac238f841a18e86e5a396ce7446f4914cf04.1610748224.git.edvin.torok@citrix.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 As a convenience so that oxenstored patches can be compile-tested using upstream's build-system before submitting upstream. Signed-off-by: Edwin Török --- Changed since V1: * repost after XSA to avoid conflicts --- Makefile | 6 ++++++ tools/ocaml/Makefile | 8 ++++++++ 2 files changed, 14 insertions(+) diff --git a/Makefile b/Makefile index 9ad2602f63..96d32cfd50 100644 --- a/Makefile +++ b/Makefile @@ -62,6 +62,12 @@ build-xen: build-tools: build-tools-public-headers $(MAKE) -C tools build +.PHONY: build-tools-oxenstored +build-tools-oxenstored: build-tools-public-headers + $(MAKE) -s -C tools/ocaml clean + $(MAKE) -s -C tools/libs + $(MAKE) -C tools/ocaml build-tools-oxenstored + .PHONY: build-stubdom build-stubdom: mini-os-dir build-tools-public-headers $(MAKE) -C stubdom build diff --git a/tools/ocaml/Makefile b/tools/ocaml/Makefile index 66f2d6b131..a7c04b6546 100644 --- a/tools/ocaml/Makefile +++ b/tools/ocaml/Makefile @@ -26,3 +26,11 @@ clean: subdirs-clean .PHONY: distclean distclean: subdirs-distclean + +.PHONY: build-tools-oxenstored +build-tools-oxenstored: + $(MAKE) -s -C libs/eventchn + $(MAKE) -s -C libs/mmap + $(MAKE) -s -C libs/xb + $(MAKE) -s -C libs/xc + $(MAKE) -C xenstored From patchwork Fri Jan 15 22:28:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024257 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 927BCC433DB for ; Fri, 15 Jan 2021 22:30:03 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4AABA20DD4 for ; Fri, 15 Jan 2021 22:30:03 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4AABA20DD4 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68661.122959 (Exim 4.92) (envelope-from ) id 1l0XbP-00067m-IM; Fri, 15 Jan 2021 22:29:55 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68661.122959; Fri, 15 Jan 2021 22:29:55 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XbP-00067W-Eg; Fri, 15 Jan 2021 22:29:55 +0000 Received: by outflank-mailman (input) for mailman id 68661; Fri, 15 Jan 2021 22:29:54 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XbO-00062b-7z for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:29:54 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id baa3299e-2f51-4b81-8b79-0bcd3ff41003; Fri, 15 Jan 2021 22:29:49 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: baa3299e-2f51-4b81-8b79-0bcd3ff41003 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610749789; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NHqTfTuH/ZE50yfbzAZKh31IXsGU89p4AdJLcN9tjb0=; b=bBB0TI/EpCW2h9OIlINjoJxd7NsDmRVd2+p/uwKR/QnOW/soMLFoVMtu A19hBsvL8j0RaZDxNK6FcU6/ZBzkF1eqxxAs6On9YpynnoA2L+sfNs4mc sN2a5zGNFc4bBEG6BkUh/51fM7c7s3RgeAprnVdc4mUkv+slQnrtKF10C M=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: Wo0p2h268fOq2mvPfOhvZ6ygDMuZtg6OFRmvbqMszVyh23LaMimvh9i2eRntArErmyZWK2orkQ 7jkLcwQGs89rczUZgR/Zu1TXzRFUcwkTVXElzRFvS5hxbAQS1CFTOE/fYmI6R97udzMKst4jtf Py2UODmWIaTJ1JsQ5zBtn3jEiKOSUywK5sH1p70NF4fKolFKLKFNmUogdqJhui/KqH3ZjNYIRo n232mpYy/ZubG6MwqauNBrIbTABJ6tnm6soONt12PmZ8jXRf8aB06DmHXl4KjlmKvkJsqPusPM jpU= X-SBRS: 5.1 X-MesageID: 35262766 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="35262766" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , "Andrew Cooper" , George Dunlap , Ian Jackson , Jan Beulich , "Julien Grall" , Stefano Stabellini , Wei Liu Subject: [PATCH v2 3/8] docs/designs/xenstore-migration.md: clarify that deletes are recursive Date: Fri, 15 Jan 2021 22:28:45 +0000 Message-ID: <9f3823a494bd512348812355fbfecf6be447aca0.1610748224.git.edvin.torok@citrix.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 Signed-off-by: Edwin Török --- Changed since V1: * post publicly now that the XSA is out --- docs/designs/xenstore-migration.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/designs/xenstore-migration.md b/docs/designs/xenstore-migration.md index 2ce2c836f5..f44bc0c61d 100644 --- a/docs/designs/xenstore-migration.md +++ b/docs/designs/xenstore-migration.md @@ -365,7 +365,8 @@ record previously present). | | 0x0001: read | | | 0x0002: written | | | | -| | The value will be zero for a deleted node | +| | The value will be zero for a recursively | +| | deleted node | | | | | `perm-count` | The number (N) of node permission specifiers | | | (which will be 0 for a node deleted in a | From patchwork Fri Jan 15 22:28:46 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024265 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 87A33C433DB for ; Fri, 15 Jan 2021 22:30:26 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4E74A20DD4 for ; Fri, 15 Jan 2021 22:30:26 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4E74A20DD4 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68672.123020 (Exim 4.92) (envelope-from ) id 1l0Xbj-0007Ef-NN; Fri, 15 Jan 2021 22:30:15 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68672.123020; Fri, 15 Jan 2021 22:30:15 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Xbj-0007EV-Jq; Fri, 15 Jan 2021 22:30:15 +0000 Received: by outflank-mailman (input) for mailman id 68672; Fri, 15 Jan 2021 22:30:14 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Xbi-00062b-8V for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:30:14 +0000 Received: from esa3.hc3370-68.iphmx.com (unknown [216.71.145.155]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 1c25cd1b-d022-4c55-b81e-1987ddc0eda6; Fri, 15 Jan 2021 22:29:51 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 1c25cd1b-d022-4c55-b81e-1987ddc0eda6 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610749791; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tcW6aJFjdLYT7/rMoBR/lbzSOmMTuN1isJgOl/8Ingw=; b=akKWxwMIyITjsxNgoj6lcnUZVcd/siduO90sC/CSM2/QCLoXCdAhcEN0 ERwqdwpTRhMFj0gJQEMVhDjvV0eLeWKtYXO8O+FYa3QeC6+6mbMjey2L0 X38yUJbYWqYSjzFWOf1XHstjkfdBU89EWX6JvrRduSSzSZfh8QGQLDVbt A=; Authentication-Results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: QSb8iFPrZC3nCgPcKdjmYn5SsNfAh0MxCe+2gLLmR50bxDKGKv0z2ojfYb16wVO5I7tys1TMcv l9nOggz0RQr4H77k/lBFmtA2yvZkNOBj7/iWFsfsX+p6P8DrYq3u6zzqWoAVXNg8jgUrQU3wrV +8SsQRMlgnT5gsxYtlrYjBY5id7DBotUbLqNt9Mu0SIW4NTa4CJoHHrI7aOgFqBwGBuPSmmyj2 UWGL2dimOLlBdaYa0UKkQiAva54vIff2xsl2/JzZ+v742yeK1U7ho6FNHEtg99gDSj4ZhXdWDk 85U= X-SBRS: 5.1 X-MesageID: 35216601 X-Ironport-Server: esa3.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="35216601" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , "Christian Lindig" , David Scott , "Ian Jackson" , Wei Liu , Juergen Gross , Pau Ruiz Safont Subject: [PATCH v2 4/8] tools/ocaml/xenstored: only quit on SIGTERM when a reload is possible Date: Fri, 15 Jan 2021 22:28:46 +0000 Message-ID: <023574503750d06132e3ca260848c364ff439001.1610748224.git.edvin.torok@citrix.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 Currently when oxenstored receives SIGTERM it dumps its state and quits. It is possible to then restart it if --restart is given, however that is not always safe: * domains could have active transactions, and after a restart they would either reuse transaction IDs of already open transactions, or get an error back that the transaction doesn't exist * there could be pending data to send to a VM still in oxenstored's queue which would be lost * there could be pending input to be processed from a VM in oxenstored's queue which would be lost Prevent shutting down oxenstored via SIGTERM in the above situations. Also ignore domains marked as bad because oxenstored would never talk to them again. Signed-off-by: Edwin Török Reviewed-by: Pau Ruiz Safont Reviewed-by: Christian Lindig --- Changed since V1: * post publicly now that the XSA is out --- tools/ocaml/xenstored/connection.ml | 35 ++++++++++++++++++++++++++++ tools/ocaml/xenstored/connections.ml | 8 +++++++ tools/ocaml/xenstored/xenstored.ml | 13 +++++++++-- tools/xenstore/xenstored_core.c | 7 +++++- 4 files changed, 60 insertions(+), 3 deletions(-) diff --git a/tools/ocaml/xenstored/connection.ml b/tools/ocaml/xenstored/connection.ml index fa0d3c4d92..bd02060cd0 100644 --- a/tools/ocaml/xenstored/connection.ml +++ b/tools/ocaml/xenstored/connection.ml @@ -290,6 +290,41 @@ let has_new_output con = Xenbus.Xb.has_new_output con.xb let peek_output con = Xenbus.Xb.peek_output con.xb let do_output con = Xenbus.Xb.output con.xb +let is_bad con = match con.dom with None -> false | Some dom -> Domain.is_bad_domain dom + +(* oxenstored currently only dumps limited information about its state. + A live update is only possible if any of the state that is not dumped would be empty. + Compared to https://xenbits.xen.org/docs/unstable/designs/xenstore-migration.html: + * GLOBAL_DATA: not strictly needed, systemd is giving the socket FDs to us + * CONNECTION_DATA: PARTIAL + * for domains: PARTIAL, see Connection.dump -> Domain.dump, only if data and tdomid is empty + * for sockets (Dom0 toolstack): NO + * WATCH_DATA: OK, see Connection.dump + * TRANSACTION_DATA: NO + * NODE_DATA: OK (except for transactions), see Store.dump_fct and DB.to_channel + + Also xenstored will never talk to a Domain once it is marked as bad, + so treat it as idle for live-update. + + Restrictions below can be relaxed once xenstored learns to dump more + of its live state in a safe way *) +let has_extra_connection_data con = + let has_in = has_input con in + let has_out = has_output con in + let has_socket = con.dom = None in + let has_nondefault_perms = make_perm con.dom <> con.perm in + has_in || has_out + || has_socket (* dom0 sockets not dumped yet *) + || has_nondefault_perms (* set_target not dumped yet *) + +let has_transaction_data con = + let n = number_of_transactions con in + dbg "%s: number of transactions = %d" (get_domstr con) n; + n > 0 + +let prevents_live_update con = not (is_bad con) + && (has_extra_connection_data con || has_transaction_data con) + let has_more_work con = has_more_input con || not (has_old_output con) && has_new_output con diff --git a/tools/ocaml/xenstored/connections.ml b/tools/ocaml/xenstored/connections.ml index 6ee3552ec2..82988f7e8d 100644 --- a/tools/ocaml/xenstored/connections.ml +++ b/tools/ocaml/xenstored/connections.ml @@ -194,3 +194,11 @@ let debug cons = let anonymous = Hashtbl.fold (fun _ con accu -> Connection.debug con :: accu) cons.anonymous [] in let domains = Hashtbl.fold (fun _ con accu -> Connection.debug con :: accu) cons.domains [] in String.concat "" (domains @ anonymous) + +let filter ~f cons = + let fold _ v acc = if f v then v :: acc else acc in + [] + |> Hashtbl.fold fold cons.anonymous + |> Hashtbl.fold fold cons.domains + +let prevents_quit cons = filter ~f:Connection.prevents_live_update cons diff --git a/tools/ocaml/xenstored/xenstored.ml b/tools/ocaml/xenstored/xenstored.ml index 39d6d767e4..6b5381962b 100644 --- a/tools/ocaml/xenstored/xenstored.ml +++ b/tools/ocaml/xenstored/xenstored.ml @@ -20,6 +20,7 @@ open Parse_arg open Stdext let error fmt = Logging.error "xenstored" fmt +let warn fmt = Logging.warn "xenstored" fmt let debug fmt = Logging.debug "xenstored" fmt let info fmt = Logging.info "xenstored" fmt @@ -312,7 +313,9 @@ let _ = ); Sys.set_signal Sys.sighup (Sys.Signal_handle sighup_handler); - Sys.set_signal Sys.sigterm (Sys.Signal_handle (fun _ -> quit := true)); + Sys.set_signal Sys.sigterm (Sys.Signal_handle (fun _ -> + info "Received SIGTERM"; + quit := true)); Sys.set_signal Sys.sigusr1 (Sys.Signal_handle (fun _ -> sigusr1_handler store)); Sys.set_signal Sys.sigpipe Sys.Signal_ignore; @@ -424,6 +427,12 @@ let _ = ); let elapsed = Unix.gettimeofday () -. now in debug "periodic_ops took %F seconds." elapsed; + if !quit then + (match Connections.prevents_quit cons with + | [] -> () + | domains -> + List.iter (fun con -> warn "%s prevents live update" (Connection.get_domstr con)) domains + ); delay_next_frequent_ops_by elapsed in @@ -475,7 +484,7 @@ let _ = in Systemd.sd_notify_ready (); - while not !quit + while not (!quit && Connections.prevents_quit cons = []) do try main_loop () diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c index 50986f8b29..b9495365c4 100644 --- a/tools/xenstore/xenstored_core.c +++ b/tools/xenstore/xenstored_core.c @@ -1970,6 +1970,7 @@ static struct option options[] = { { "internal-db", 0, NULL, 'I' }, { "verbose", 0, NULL, 'V' }, { "watch-nb", 1, NULL, 'W' }, + { "live-update", 0, NULL, 'U' }, { NULL, 0, NULL, 0 } }; extern void dump_conn(struct connection *conn); @@ -1984,11 +1985,12 @@ int main(int argc, char *argv[]) bool dofork = true; bool outputpid = false; bool no_domain_init = false; + bool live_update = false; const char *pidfile = NULL; int timeout; - while ((opt = getopt_long(argc, argv, "DE:F:HNPS:t:A:M:T:RVW:", options, + while ((opt = getopt_long(argc, argv, "DE:F:HNPS:t:A:M:T:RVW:U", options, NULL)) != -1) { switch (opt) { case 'D': @@ -2046,6 +2048,9 @@ int main(int argc, char *argv[]) case 'p': priv_domid = strtol(optarg, NULL, 10); break; + case 'U': + live_update = true; + break; } } if (optind != argc) From patchwork Fri Jan 15 22:28:47 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024261 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8E02CC433E9 for ; Fri, 15 Jan 2021 22:30:09 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 5793F20DD4 for ; Fri, 15 Jan 2021 22:30:09 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5793F20DD4 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68662.122972 (Exim 4.92) (envelope-from ) id 1l0XbT-0006CZ-Sf; Fri, 15 Jan 2021 22:29:59 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68662.122972; Fri, 15 Jan 2021 22:29:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XbT-0006CP-PL; Fri, 15 Jan 2021 22:29:59 +0000 Received: by outflank-mailman (input) for mailman id 68662; Fri, 15 Jan 2021 22:29:59 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XbT-00061Y-5d for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:29:59 +0000 Received: from esa4.hc3370-68.iphmx.com (unknown [216.71.155.144]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id d3aabfd2-998e-4de8-9ee5-2441aabbaaf3; Fri, 15 Jan 2021 22:29:50 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: d3aabfd2-998e-4de8-9ee5-2441aabbaaf3 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610749790; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=6dNoOpxPMfbkvAFQKGVZg+g4DArUnz6wcJHSzYnlKes=; b=gms080TbWYlCG2O3cgCyEhdn2zxvN8BlmqiDjZVJd79c+b5VKVGEZYLN Iw0gCpkFNQWL8xbmgIBO2AxvWYmwXHDjuhkCHExbN9+CWUEI2LV/c1L1i uOoGfNs/0p12R+cfpz07XZ3PdezQ7212siISe55V4zGcqcD08aftMy9cm g=; Authentication-Results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: 8JIRRQ/vTnM8hZE8q0nckRqCFDUqGtRyZFzsPEFzkfGMNg4c5LceWHyUP9Jxq7zq2wErry/YY6 p8azCp7mDxtfmHPk5pnN0E8LDinNV9HZm7OYn6Nn1wfrJiWO8n4HQMpkv3v6JsML2mAC/G/nkF R7HdRGjbgRQV46p7co/hjVDRB/mieTIbLw2y/Q7LIRfsOmMwVCRzSS8cl9P8ZheLCpbdcU1orK Vp8BlpFnAS9hMgrqkDIaa+gTHCb07n3Ot13bPjyGuR4SfgwmnyX8ZWFg2/XvL5M8zqeHQIJOdE his= X-SBRS: 5.1 X-MesageID: 36511519 X-Ironport-Server: esa4.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="36511519" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , "Christian Lindig" , David Scott , "Ian Jackson" , Wei Liu , Pau Ruiz Safont Subject: [PATCH v2 5/8] tools/ocaml/xenstored: Automatically resume when possible Date: Fri, 15 Jan 2021 22:28:47 +0000 Message-ID: X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 When a `db` file exists use it to resume oxenstored. It will contains a xenstore tree, domain reconnection info, and watches. It is currently missing data about all active socket connections, so a toolstack should ideally be stopped and restarted too. Tell systemd about oxenstored's PID and allow it to restart on success. This should make updating oxenstored as easy as: `systemctl stop -s SIGTERM xenstored` on a suitable xenstored version. Signed-off-by: Edwin Török Reviewed-by: Pau Ruiz Safont Reviewed-by: Christian Lindig --- Changed since V1: * post publicly now that the XSA is out --- tools/ocaml/xenstored/xenstored.ml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/tools/ocaml/xenstored/xenstored.ml b/tools/ocaml/xenstored/xenstored.ml index 6b5381962b..500d96753b 100644 --- a/tools/ocaml/xenstored/xenstored.ml +++ b/tools/ocaml/xenstored/xenstored.ml @@ -292,9 +292,8 @@ let _ = List.iter (fun path -> Store.write store Perms.Connection.full_rights path "") Store.Path.specials; - let filename = Paths.xen_run_stored ^ "/db" in - if cf.restart && Sys.file_exists filename then ( - DB.from_file store domains cons filename; + if cf.restart && Sys.file_exists Disk.xs_daemon_database then ( + DB.from_file store domains cons Disk.xs_daemon_database; Event.bind_dom_exc_virq eventchn ) else ( if !Disk.enable then ( @@ -320,7 +319,7 @@ let _ = Sys.set_signal Sys.sigpipe Sys.Signal_ignore; if cf.activate_access_log then begin - let post_rotate () = DB.to_file store cons (Paths.xen_run_stored ^ "/db") in + let post_rotate () = DB.to_file store cons Disk.xs_daemon_database in Logging.init_access_log post_rotate end; @@ -494,5 +493,8 @@ let _ = raise exc done; info "stopping xenstored"; - DB.to_file store cons (Paths.xen_run_stored ^ "/db"); + DB.to_file store cons Disk.xs_daemon_database; + (* unlink pidfile so that launch-xenstore works again *) + Unixext.unlink_safe pidfile; + (match cf.pidfile with Some pidfile -> Unixext.unlink_safe pidfile | None -> ()); () From patchwork Fri Jan 15 22:28:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024267 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D6C9AC433E0 for ; Fri, 15 Jan 2021 22:30:33 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 93F3320DD4 for ; Fri, 15 Jan 2021 22:30:33 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 93F3320DD4 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68679.123032 (Exim 4.92) (envelope-from ) id 1l0Xbt-0007OG-8N; Fri, 15 Jan 2021 22:30:25 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68679.123032; Fri, 15 Jan 2021 22:30:25 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Xbt-0007O8-4P; Fri, 15 Jan 2021 22:30:25 +0000 Received: by outflank-mailman (input) for mailman id 68679; Fri, 15 Jan 2021 22:30:24 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Xbs-00062b-8r for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:30:24 +0000 Received: from esa6.hc3370-68.iphmx.com (unknown [216.71.155.175]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id ef7b5529-d612-4839-bc0f-62c474490687; Fri, 15 Jan 2021 22:29:59 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: ef7b5529-d612-4839-bc0f-62c474490687 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610749799; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ChX2rsVn5ssD/dNJKc5/y7eY+C7iouZky4Y2USpFMDg=; b=H6sUoNR2i7+FwKh1s7RElUORLN1i5UTL7SXUSmU8OMyW7NLHrAUo9pI9 9N9vYG6l9WEgmhNLKHK51QOMHMWU5L3GMPWDlUtfGfDs2rqQ/GW7wIy5U KESqckmy5KrKdmgSf7s0yoKt2FKuTYg4aUVPVFkvhQjmLqhm7Zd6Ju2f3 Q=; Authentication-Results: esa6.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: mHx+RKLkQwzT3oeD7dsMnyR42Pl540jrfqcz7L7sfXLrey9EYa01zjmVv4vetuOp0N8lNlWXUG UczC7I/oZuEu7xb9VYVO9QS9+nyEy89N9W1YJGoC1vp/IDoQwxAN3g+u4eYnFv5FQW+8GE4Bw2 iEZ7VTKFerwgBtIkj4y2c/gyoAnhia0FmkOdnZHkk/iOO/FVAqVf9U5Ca+CJOett8qdCSdiz3V D0b5qENmEU3sBb+AZGYy3neH6v5o9rtq4VmTZRNnco8te6VujdIjgUTu/oNUCMHpnPZzoDURY/ lDw= X-SBRS: 5.1 X-MesageID: 35434458 X-Ironport-Server: esa6.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="35434458" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , "Christian Lindig" , David Scott , "Ian Jackson" , Wei Liu , Pau Ruiz Safont Subject: [PATCH v2 6/8] tools/ocaml/xenstored: add cooperative live-update command Date: Fri, 15 Jan 2021 22:28:48 +0000 Message-ID: <0ed42a4cb25f53620c31594de9949f150c4833cc.1610748224.git.edvin.torok@citrix.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 See docs/misc/xenstore.txt for documentation on live-update command. Validate that the binary exists and that the cmdline is valid, to prevent typos from taking down xenstore (if live-update fails there is no way back due to the use of execve). Live update only proceeds if there are no active transactions, and no unprocess input or unflushed output. It is not yet possible to force the live-update. Signed-off-by: Edwin Török Reviewed-by: Pau Ruiz Safont Reviewed-by: Christian Lindig --- Changed since V1: * post publicly now that the XSA is out --- tools/ocaml/xenstored/process.ml | 112 +++++++++++++++++++++++++++++++ tools/ocaml/xenstored/stdext.ml | 6 ++ 2 files changed, 118 insertions(+) diff --git a/tools/ocaml/xenstored/process.ml b/tools/ocaml/xenstored/process.ml index 437d2dcf9e..c3c5dc58c0 100644 --- a/tools/ocaml/xenstored/process.ml +++ b/tools/ocaml/xenstored/process.ml @@ -15,6 +15,7 @@ *) let error fmt = Logging.error "process" fmt +let warn fmt = Logging.warn "process" fmt let info fmt = Logging.info "process" fmt let debug fmt = Logging.debug "process" fmt @@ -84,11 +85,122 @@ let create_implicit_path t perm path = List.iter (fun s -> Transaction.mkdir ~with_watch:false t perm s) ret ) +module LiveUpdate = struct +type t = + { binary: string + ; cmdline: string list + ; deadline: float + ; force: bool + ; pending: bool } + +let state = + ref + { binary= Sys.executable_name + ; cmdline= [] + ; deadline= 0. + ; force= false + ; pending= false } + +let debug = Printf.eprintf + +let args_of_t t = (t.binary, "--restart" :: t.cmdline) + +let string_of_t t = + let executable, rest = args_of_t t in + Filename.quote_command executable rest + +let launch_exn t = + let executable, rest = args_of_t t in + let args = Array.of_list (executable :: rest) in + Unix.execv args.(0) args + +let validate_exn t = + (* --help must be last to check validity of earlier arguments *) + let t = {t with cmdline= t.cmdline @ ["--help"]} in + let cmd = string_of_t t in + debug "Executing %s" cmd ; + match Unix.fork () with + | 0 -> + ( try launch_exn t with _ -> exit 2 ) + | pid -> ( + match Unix.waitpid [] pid with + | _, Unix.WEXITED 0 -> + debug "Live update validated cmdline %s" cmd; + t + | _, Unix.WEXITED n -> + invalid_arg (Printf.sprintf "Command %s exited with code %d" cmd n) + | _, Unix.WSIGNALED n -> + invalid_arg + (Printf.sprintf "Command %s killed by ocaml signal number %d" cmd n) + | _, Unix.WSTOPPED n -> + invalid_arg + (Printf.sprintf "Command %s stopped by ocaml signal number %d" cmd n) + ) + +let parse_live_update args = + try + (state := + match args with + | ["-f"; file] -> + validate_exn {!state with binary= file} + | ["-a"] -> + debug "Live update aborted" ; + {!state with pending= false} + | "-c" :: cmdline -> + validate_exn {!state with cmdline} + | "-s" :: _ -> + let timeout = ref 60 in + let force = ref false in + Arg.parse_argv ~current:(ref 1) (Array.of_list args) + [ ( "-t" + , Arg.Set_int timeout + , "timeout in seconds to wait for active transactions to finish" + ) + (*; ( "-F" + , Arg.Set force + , "force live update to happen even with running transactions \ + after timeout elapsed" )*) ] + (fun x -> raise (Arg.Bad x)) + "live-update -s" ; + debug "Live update process queued" ; + {!state with deadline = Unix.gettimeofday () +. float !timeout + ; force= !force; pending= true} + | _ -> + invalid_arg ("Unknown arguments: " ^ String.concat " " args)) ; + None + with + | Arg.Bad s | Arg.Help s | Invalid_argument s -> + Some s + | Unix.Unix_error (e, fn, args) -> + Some (Printf.sprintf "%s(%s): %s" fn args (Unix.error_message e)) + + let should_run cons = + let t = !state in + if t.pending then begin + match Connections.prevents_quit cons with + | [] -> true + | _ when Unix.gettimeofday () < t.deadline -> false + | l -> + info "Live update timeout reached: %d active connections" (List.length l); + List.iter (fun con -> warn "%s prevents live update" (Connection.get_domstr con)) l; + if t.force then begin + warn "Live update forced, some domain connections may break!"; + true + end else begin + warn "Live update aborted, try migrating or shutting down the domains/toolstack"; + state := { t with pending = false }; + false + end + end else false +end + (* packets *) let do_debug con t _domains cons data = if not (Connection.is_dom0 con) && not !allow_debug then None else try match split None '\000' data with + | "live-update" :: params -> + LiveUpdate.parse_live_update params | "print" :: msg :: _ -> Logging.xb_op ~tid:0 ~ty:Xenbus.Xb.Op.Debug ~con:"=======>" msg; None diff --git a/tools/ocaml/xenstored/stdext.ml b/tools/ocaml/xenstored/stdext.ml index 4f2f3a2c8c..e1567c4dfa 100644 --- a/tools/ocaml/xenstored/stdext.ml +++ b/tools/ocaml/xenstored/stdext.ml @@ -44,6 +44,12 @@ let default d v = let maybe f v = match v with None -> () | Some x -> f x +module Filename = struct + include Filename + let quote_command cmd args = + cmd :: args |> List.map quote |> String.concat " " +end + module String = struct include String let of_char c = String.make 1 c From patchwork Fri Jan 15 22:28:49 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024309 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D7A8C433DB for ; Fri, 15 Jan 2021 22:52:53 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 26B1923128 for ; Fri, 15 Jan 2021 22:52:53 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 26B1923128 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68726.123128 (Exim 4.92) (envelope-from ) id 1l0XxT-0001lA-3M; Fri, 15 Jan 2021 22:52:43 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68726.123128; Fri, 15 Jan 2021 22:52:43 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XxS-0001kz-Uo; Fri, 15 Jan 2021 22:52:42 +0000 Received: by outflank-mailman (input) for mailman id 68726; Fri, 15 Jan 2021 22:52:41 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0XxR-0001jt-Kb for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:52:41 +0000 Received: from esa1.hc3370-68.iphmx.com (unknown [216.71.145.142]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 112507ef-6449-4931-bcc5-a9048cea50c8; Fri, 15 Jan 2021 22:52:39 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 112507ef-6449-4931-bcc5-a9048cea50c8 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610751159; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=augisCiDAmdzwz8nZWWTgE5LegS6N8R0zEPLsBzdOTA=; b=QU82e0qSt4lI3Ao8lVEuiiPLnqwWAyZVE+kGvSHmjVhtUi8iOZTOEUD8 FmZE8afXaiKiOnVQMhvoZFAg/bwM9TMWTTyAJCi4aG8mTm6XYjD9xF+6i k7kYbpx9Pg6G6IZpZxJhSIpNhbdjMsELUy1rhqABmpDGna9wonCnS81jo g=; Authentication-Results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: 9jlr/S+Fg0jA0mFFaWVtVhO82mWeFmb6c+xVOZz+81qBhs4FkeJTYRq6spJHCsiWM1cK55DYHL WRSoJgQMfx11TpkCHZSPiFdSzsmotWCTXbVaavv60by8Rvav/4guc9rGgJmseVkUomN9iGQKSS blw9ALxKH5V2Uh4jKQ14AVEfhkzg/6+J9ivkDpBYUs23WTwSWRPW54IvvjTacDdTMXdKh4ET+8 YVN/ZYJKYdyb+4DqlIFZpkhnV14y8xW2CRItXbVGE8wJGBXue775uCwBSgNmOktwnMvdzakZ49 6LA= X-SBRS: 5.1 X-MesageID: 35591688 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="35591688" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , "Christian Lindig" , David Scott , "Ian Jackson" , Wei Liu , Pau Ruiz Safont Subject: [PATCH v2 7/8] tools/ocaml/xenstored: start live update process Date: Fri, 15 Jan 2021 22:28:49 +0000 Message-ID: <4164cb728313c3b9fc38cf5e9ecb790ac93a9600.1610748224.git.edvin.torok@citrix.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 Signed-off-by: Edwin Török Reviewed-by: Pau Ruiz Safont Reviewed-by: Christian Lindig --- Changed since V1: * post publicly now that the XSA is out --- tools/ocaml/xenstored/logging.ml | 3 +++ tools/ocaml/xenstored/process.ml | 8 +++++--- tools/ocaml/xenstored/xenstored.ml | 29 ++++++++++++++++++++++------- 3 files changed, 30 insertions(+), 10 deletions(-) diff --git a/tools/ocaml/xenstored/logging.ml b/tools/ocaml/xenstored/logging.ml index 1ede131329..39c3036155 100644 --- a/tools/ocaml/xenstored/logging.ml +++ b/tools/ocaml/xenstored/logging.ml @@ -327,6 +327,9 @@ let end_transaction ~tid ~con = if !access_log_transaction_ops && tid <> 0 then access_logging ~tid ~con (XbOp Xenbus.Xb.Op.Transaction_end) ~level:Debug +let live_update () = + xb_op ~tid:0 ~con:"" ~ty:Xenbus.Xb.Op.Debug "Live update begin" + let xb_answer ~tid ~con ~ty data = let print, level = match ty with | Xenbus.Xb.Op.Error when String.startswith "ENOENT" data -> !access_log_read_ops , Warn diff --git a/tools/ocaml/xenstored/process.ml b/tools/ocaml/xenstored/process.ml index c3c5dc58c0..3174d8ede5 100644 --- a/tools/ocaml/xenstored/process.ml +++ b/tools/ocaml/xenstored/process.ml @@ -112,6 +112,7 @@ let string_of_t t = let launch_exn t = let executable, rest = args_of_t t in let args = Array.of_list (executable :: rest) in + info "Launching %s, args: %s" executable (String.concat " " rest); Unix.execv args.(0) args let validate_exn t = @@ -151,7 +152,7 @@ let parse_live_update args = | "-s" :: _ -> let timeout = ref 60 in let force = ref false in - Arg.parse_argv ~current:(ref 1) (Array.of_list args) + Arg.parse_argv ~current:(ref 0) (Array.of_list args) [ ( "-t" , Arg.Set_int timeout , "timeout in seconds to wait for active transactions to finish" @@ -166,7 +167,7 @@ let parse_live_update args = {!state with deadline = Unix.gettimeofday () +. float !timeout ; force= !force; pending= true} | _ -> - invalid_arg ("Unknown arguments: " ^ String.concat " " args)) ; + invalid_arg ("Unknown arguments: " ^ String.concat "," args)) ; None with | Arg.Bad s | Arg.Help s | Invalid_argument s -> @@ -200,7 +201,8 @@ let do_debug con t _domains cons data = then None else try match split None '\000' data with | "live-update" :: params -> - LiveUpdate.parse_live_update params + let dropped_trailing_nul = params |> List.rev |> List.tl |> List.rev in + LiveUpdate.parse_live_update dropped_trailing_nul | "print" :: msg :: _ -> Logging.xb_op ~tid:0 ~ty:Xenbus.Xb.Op.Debug ~con:"=======>" msg; None diff --git a/tools/ocaml/xenstored/xenstored.ml b/tools/ocaml/xenstored/xenstored.ml index 500d96753b..22413271fb 100644 --- a/tools/ocaml/xenstored/xenstored.ml +++ b/tools/ocaml/xenstored/xenstored.ml @@ -311,6 +311,11 @@ let _ = ); ); + (* required for xenstore-control to detect availability of live-update *) + Store.mkdir store Perms.Connection.full_rights (Store.Path.of_string "/tool"); + Store.write store Perms.Connection.full_rights + (Store.Path.of_string "/tool/xenstored") Sys.executable_name; + Sys.set_signal Sys.sighup (Sys.Signal_handle sighup_handler); Sys.set_signal Sys.sigterm (Sys.Signal_handle (fun _ -> info "Received SIGTERM"; @@ -483,18 +488,28 @@ let _ = in Systemd.sd_notify_ready (); + let live_update = ref false in while not (!quit && Connections.prevents_quit cons = []) do try - main_loop () + main_loop (); + live_update := Process.LiveUpdate.should_run cons; + if !live_update || !quit then begin + (* don't initiate live update if saving state fails *) + DB.to_file store cons Disk.xs_daemon_database; + quit := true; + end with exc -> - error "caught exception %s" (Printexc.to_string exc); + let bt = Printexc.get_backtrace () in + error "caught exception %s: %s" (Printexc.to_string exc) bt; if cf.reraise_top_level then raise exc done; info "stopping xenstored"; - DB.to_file store cons Disk.xs_daemon_database; - (* unlink pidfile so that launch-xenstore works again *) - Unixext.unlink_safe pidfile; - (match cf.pidfile with Some pidfile -> Unixext.unlink_safe pidfile | None -> ()); - () + (* unlink pidfile so that launch-xenstore works again *) + Unixext.unlink_safe pidfile; + (match cf.pidfile with Some pidfile -> Unixext.unlink_safe pidfile | None -> ()); + if !live_update then begin + Logging.live_update (); + Process.LiveUpdate.launch_exn !Process.LiveUpdate.state + end From patchwork Fri Jan 15 22:28:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= X-Patchwork-Id: 12024343 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.0 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B551C43381 for ; Fri, 15 Jan 2021 22:59:12 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4700D23128 for ; Fri, 15 Jan 2021 22:59:12 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 4700D23128 Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=citrix.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.68784.123284 (Exim 4.92) (envelope-from ) id 1l0Y3a-0003QK-UA; Fri, 15 Jan 2021 22:59:02 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 68784.123284; Fri, 15 Jan 2021 22:59:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Y3a-0003Q2-PU; Fri, 15 Jan 2021 22:59:02 +0000 Received: by outflank-mailman (input) for mailman id 68784; Fri, 15 Jan 2021 22:59:01 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Xyb-0001Wj-20 for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 22:53:53 +0000 Received: from esa5.hc3370-68.iphmx.com (unknown [216.71.155.168]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id f837a99d-1af1-4c1c-824d-9255f0634186; Fri, 15 Jan 2021 22:52:44 +0000 (UTC) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: f837a99d-1af1-4c1c-824d-9255f0634186 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1610751164; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Ebh7/z6kphJEF6Rxb6nhmacurC8cMZYuwIblENECTxE=; b=HX1tPbTGN6I3xHzCspGXnEklPWoBBEfLzpMdFWA0fPPc/aizW3hs8KjK 8RDTLwNHHOwj0e8kFWipA2O1RI6d2dIQpeKfvEJm7YJqAOTs9dZWPj+sI 7zJYeQXXMZVK5aVWdV33JWQonM50avau3n8XUBtM2sPuiG5mmEXQP6sSg M=; Authentication-Results: esa5.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none IronPort-SDR: ibHTxdOY10XEerFTAmHhhTKCDnAU/J5U4ykkAT7G1ZY/lwi+3HCbrMkFW9GkFslX2WHb7qNtsP IfErVuBdk3msIjTdzmpgrUltAr64mWnFQDvbvgF/L6C7K1egWRQE7iDwW3RTtkcHcYeOD5LR6X cRl6RRMH5EIM0ZFdpv2X0PrKDSw214iyu1/AOMX0lDPRAEmeJk1KiwVBhBmymCBfSJQvNIuOna c26aNuz/oxLAKRYRwKBuuZJ353DuVKpyiusj1oPh3UZFOdAr5bIuvTspxEB2A7BKHueJjPTEaZ g2s= X-SBRS: 5.1 X-MesageID: 35206335 X-Ironport-Server: esa5.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.79,350,1602561600"; d="scan'208";a="35206335" From: =?utf-8?b?RWR3aW4gVMO2csO2aw==?= To: CC: Edvin Torok , Christian Lindig , David Scott , Ian Jackson , Wei Liu , =?utf-8?b?RWR3aW4gVMO2csO2aw==?= , Pau Ruiz Safont Subject: [PATCH v2 8/8] tools/ocaml/xenstored: Implement live update for socket connections Date: Fri, 15 Jan 2021 22:28:50 +0000 Message-ID: <07cb0ca9b2d48c74bc499cd92d61ac9313bbbbf0.1610748224.git.edvin.torok@citrix.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: MIME-Version: 1.0 From: Edvin Torok Signed-off-by: Edwin Török Reviewed-by: Pau Ruiz Safont Reviewed-by: Christian Lindig --- Changed since V1 * post publicly now that the XSA is out --- tools/ocaml/xenstored/connection.ml | 25 +++++--- tools/ocaml/xenstored/parse_arg.ml | 4 ++ tools/ocaml/xenstored/process.ml | 51 ++++++++++++----- tools/ocaml/xenstored/store.ml | 2 +- tools/ocaml/xenstored/utils.ml | 12 ++++ tools/ocaml/xenstored/xenstored.ml | 88 +++++++++++++++++++++-------- 6 files changed, 138 insertions(+), 44 deletions(-) diff --git a/tools/ocaml/xenstored/connection.ml b/tools/ocaml/xenstored/connection.ml index bd02060cd0..eb23c3af7a 100644 --- a/tools/ocaml/xenstored/connection.ml +++ b/tools/ocaml/xenstored/connection.ml @@ -281,6 +281,9 @@ let get_transaction con tid = let do_input con = Xenbus.Xb.input con.xb let has_input con = Xenbus.Xb.has_in_packet con.xb +let has_partial_input con = match con.xb.Xenbus.Xb.partial_in with + | HaveHdr _ -> true + | NoHdr (n, _) -> n < Xenbus.Partial.header_size () let pop_in con = Xenbus.Xb.get_in_packet con.xb let has_more_input con = Xenbus.Xb.has_more_input con.xb @@ -309,12 +312,13 @@ let is_bad con = match con.dom with None -> false | Some dom -> Domain.is_bad_do Restrictions below can be relaxed once xenstored learns to dump more of its live state in a safe way *) let has_extra_connection_data con = - let has_in = has_input con in + let has_in = has_input con || has_partial_input con in let has_out = has_output con in let has_socket = con.dom = None in let has_nondefault_perms = make_perm con.dom <> con.perm in has_in || has_out - || has_socket (* dom0 sockets not dumped yet *) + (* TODO: what about SIGTERM, should use systemd to store FDS + || has_socket (* dom0 sockets not * dumped yet *) *) || has_nondefault_perms (* set_target not dumped yet *) let has_transaction_data con = @@ -337,16 +341,21 @@ let stats con = Hashtbl.length con.watches, con.stat_nb_ops let dump con chan = - match con.dom with + let id = match con.dom with | Some dom -> let domid = Domain.get_id dom in (* dump domain *) Domain.dump dom chan; - (* dump watches *) - List.iter (fun (path, token) -> - Printf.fprintf chan "watch,%d,%s,%s\n" domid (Utils.hexify path) (Utils.hexify token) - ) (list_watches con); - | None -> () + domid + | None -> + let fd = con |> get_fd |> Utils.FD.to_int in + Printf.fprintf chan "socket,%d\n" fd; + -fd + in + (* dump watches *) + List.iter (fun (path, token) -> + Printf.fprintf chan "watch,%d,%s,%s\n" id (Utils.hexify path) (Utils.hexify token) + ) (list_watches con) let debug con = let domid = get_domstr con in diff --git a/tools/ocaml/xenstored/parse_arg.ml b/tools/ocaml/xenstored/parse_arg.ml index 2c4b5a8528..7c0478e76a 100644 --- a/tools/ocaml/xenstored/parse_arg.ml +++ b/tools/ocaml/xenstored/parse_arg.ml @@ -24,6 +24,7 @@ type config = pidfile: string option; (* old xenstored compatibility *) tracefile: string option; (* old xenstored compatibility *) restart: bool; + live_reload: bool; disable_socket: bool; } @@ -35,6 +36,7 @@ let do_argv = and reraise_top_level = ref false and config_file = ref "" and restart = ref false + and live_reload = ref false and disable_socket = ref false in @@ -52,6 +54,7 @@ let do_argv = ("--pid-file", Arg.Set_string pidfile, ""); (* for compatibility *) ("-T", Arg.Set_string tracefile, ""); (* for compatibility *) ("--restart", Arg.Set restart, "Read database on starting"); + ("--live", Arg.Set live_reload, "Read live dump on startup"); ("--disable-socket", Arg.Unit (fun () -> disable_socket := true), "Disable socket"); ] in let usage_msg = "usage : xenstored [--config-file ] [--no-domain-init] [--help] [--no-fork] [--reraise-top-level] [--restart] [--disable-socket]" in @@ -65,5 +68,6 @@ let do_argv = pidfile = if !pidfile <> "" then Some !pidfile else None; tracefile = if !tracefile <> "" then Some !tracefile else None; restart = !restart; + live_reload = !live_reload; disable_socket = !disable_socket; } diff --git a/tools/ocaml/xenstored/process.ml b/tools/ocaml/xenstored/process.ml index 3174d8ede5..dd50456ad5 100644 --- a/tools/ocaml/xenstored/process.ml +++ b/tools/ocaml/xenstored/process.ml @@ -91,19 +91,24 @@ type t = ; cmdline: string list ; deadline: float ; force: bool + ; result: string list ; pending: bool } let state = ref { binary= Sys.executable_name - ; cmdline= [] + ; cmdline= (Sys.argv |> Array.to_list |> List.tl) ; deadline= 0. ; force= false + ; result = [] ; pending= false } let debug = Printf.eprintf -let args_of_t t = (t.binary, "--restart" :: t.cmdline) +let forced_args = ["--live"; "--restart"] +let args_of_t t = + let filtered = List.filter (fun x -> not @@ List.mem x forced_args) t.cmdline in + (t.binary, forced_args @ filtered) let string_of_t t = let executable, rest = args_of_t t in @@ -117,12 +122,12 @@ let launch_exn t = let validate_exn t = (* --help must be last to check validity of earlier arguments *) - let t = {t with cmdline= t.cmdline @ ["--help"]} in - let cmd = string_of_t t in + let t' = {t with cmdline= t.cmdline @ ["--help"]} in + let cmd = string_of_t t' in debug "Executing %s" cmd ; match Unix.fork () with | 0 -> - ( try launch_exn t with _ -> exit 2 ) + ( try launch_exn t' with _ -> exit 2 ) | pid -> ( match Unix.waitpid [] pid with | _, Unix.WEXITED 0 -> @@ -146,10 +151,14 @@ let parse_live_update args = validate_exn {!state with binary= file} | ["-a"] -> debug "Live update aborted" ; - {!state with pending= false} + {!state with pending= false; result = []} | "-c" :: cmdline -> - validate_exn {!state with cmdline} + validate_exn {!state with cmdline = !state.cmdline @ cmdline} | "-s" :: _ -> + (match !state.pending, !state.result with + | true, _ -> !state (* no change to state, avoid resetting timeout *) + | false, _ :: _ -> !state (* we got a pending result to deliver *) + | false, [] -> let timeout = ref 60 in let force = ref false in Arg.parse_argv ~current:(ref 0) (Array.of_list args) @@ -165,10 +174,16 @@ let parse_live_update args = "live-update -s" ; debug "Live update process queued" ; {!state with deadline = Unix.gettimeofday () +. float !timeout - ; force= !force; pending= true} + ; force= !force; pending= true}) | _ -> invalid_arg ("Unknown arguments: " ^ String.concat "," args)) ; - None + match !state.pending, !state.result with + | true, _ -> Some "BUSY" + | false, (_ :: _ as result) -> + (* xenstore-control has read the result, clear it *) + state := { !state with result = [] }; + Some (String.concat "\n" result) + | false, [] -> None with | Arg.Bad s | Arg.Help s | Invalid_argument s -> Some s @@ -182,17 +197,27 @@ let parse_live_update args = | [] -> true | _ when Unix.gettimeofday () < t.deadline -> false | l -> - info "Live update timeout reached: %d active connections" (List.length l); - List.iter (fun con -> warn "%s prevents live update" (Connection.get_domstr con)) l; + warn "timeout reached: have to wait, migrate or shutdown %d domains:" (List.length l); + let msgs = List.rev_map (fun con -> Printf.sprintf "%s: %d tx, in: %b, out: %b, perm: %s" + (Connection.get_domstr con) + (Connection.number_of_transactions con) + (Connection.has_input con) + (Connection.has_output con) + (Connection.get_perm con |> Perms.Connection.to_string) + ) l in + List.iter (warn "Live-update: %s") msgs; if t.force then begin warn "Live update forced, some domain connections may break!"; true end else begin - warn "Live update aborted, try migrating or shutting down the domains/toolstack"; - state := { t with pending = false }; + warn "Live update aborted (see above for domains preventing it)"; + state := { t with pending = false; result = msgs}; false end end else false + + let completed () = + state := { !state with result = ["OK"] } end (* packets *) diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml index e20767372f..a3be2e6bbe 100644 --- a/tools/ocaml/xenstored/store.ml +++ b/tools/ocaml/xenstored/store.ml @@ -366,7 +366,7 @@ let traversal root_node f = let rec _traversal path node = f path node; let node_path = Path.of_path_and_name path (Symbol.to_string node.Node.name) in - List.iter (_traversal node_path) node.Node.children + List.iter (_traversal node_path) (List.rev node.Node.children) in _traversal [] root_node diff --git a/tools/ocaml/xenstored/utils.ml b/tools/ocaml/xenstored/utils.ml index eb79bf0146..6c1603c276 100644 --- a/tools/ocaml/xenstored/utils.ml +++ b/tools/ocaml/xenstored/utils.ml @@ -115,3 +115,15 @@ let path_validate path connection_path = if len > !Define.path_max then raise Define.Invalid_path; abs_path + +module FD : sig + type t = Unix.file_descr + val of_int: int -> t + val to_int : t -> int +end = struct + type t = Unix.file_descr + (* This is like Obj.magic but just for these types, + and relies on Unix.file_descr = int *) + external to_int : t -> int = "%identity" + external of_int : int -> t = "%identity" +end diff --git a/tools/ocaml/xenstored/xenstored.ml b/tools/ocaml/xenstored/xenstored.ml index 22413271fb..5893af2caa 100644 --- a/tools/ocaml/xenstored/xenstored.ml +++ b/tools/ocaml/xenstored/xenstored.ml @@ -141,9 +141,12 @@ exception Bad_format of string let dump_format_header = "$xenstored-dump-format" -let from_channel_f chan domain_f watch_f store_f = +let from_channel_f chan global_f socket_f domain_f watch_f store_f = let unhexify s = Utils.unhexify s in - let getpath s = Store.Path.of_string (Utils.unhexify s) in + let getpath s = + let u = Utils.unhexify s in + debug "Path: %s" u; + Store.Path.of_string u in let header = input_line chan in if header <> dump_format_header then raise (Bad_format "header"); @@ -155,6 +158,12 @@ let from_channel_f chan domain_f watch_f store_f = let l = String.split ',' line in try match l with + | "global" :: rw :: _ -> + (* there might be more parameters here, + e.g. a RO socket from a previous version: ignore it *) + global_f ~rw + | "socket" :: fd :: [] -> + socket_f ~fd:(int_of_string fd) | "dom" :: domid :: mfn :: port :: []-> domain_f (int_of_string domid) (Nativeint.of_string mfn) @@ -175,12 +184,28 @@ let from_channel_f chan domain_f watch_f store_f = with End_of_file -> quit := true done; - () + info "Completed loading xenstore dump" let from_channel store cons doms chan = (* don't let the permission get on our way, full perm ! *) let op = Store.get_ops store Perms.Connection.full_rights in - + let rwro = ref (None) in + let global_f ~rw = + let get_listen_sock sockfd = + let fd = sockfd |> int_of_string |> Utils.FD.of_int in + Unix.listen fd 1; + Some fd + in + rwro := get_listen_sock rw + in + let socket_f ~fd = + let ufd = Utils.FD.of_int fd in + let is_valid = try (Unix.fstat ufd).Unix.st_kind = Unix.S_SOCK with _ -> false in + if is_valid then + Connections.add_anonymous cons ufd + else + warn "Ignoring invalid socket FD %d" fd + in let domain_f domid mfn port = let ndom = if domid > 0 then @@ -190,28 +215,38 @@ let from_channel store cons doms chan = in Connections.add_domain cons ndom; in - let watch_f domid path token = - let con = Connections.find_domain cons domid in - ignore (Connections.add_watch cons con path token) + let get_con id = + if id < 0 then Connections.find cons (Utils.FD.of_int (-id)) + else Connections.find_domain cons id + in + let watch_f id path token = + ignore (Connections.add_watch cons (get_con id) path token) in let store_f path perms value = op.Store.write path value; op.Store.setperms path perms in - from_channel_f chan domain_f watch_f store_f + from_channel_f chan global_f socket_f domain_f watch_f store_f; + !rwro let from_file store cons doms file = + info "Loading xenstore dump from %s" file; let channel = open_in file in finally (fun () -> from_channel store doms cons channel) (fun () -> close_in channel) -let to_channel store cons chan = +let to_channel store cons rw chan = let hexify s = Utils.hexify s in fprintf chan "%s\n" dump_format_header; + let fdopt = function None -> -1 | Some fd -> + (* systemd and utils.ml sets it close on exec *) + Unix.clear_close_on_exec fd; + Utils.FD.to_int fd in + fprintf chan "global,%d\n" (fdopt rw); - (* dump connections related to domains; domid, mfn, eventchn port, watches *) - Connections.iter_domains cons (fun con -> Connection.dump con chan); + (* dump connections related to domains: domid, mfn, eventchn port/ sockets, and watches *) + Connections.iter cons (fun con -> Connection.dump con chan); (* dump the store *) Store.dump_fct store (fun path node -> @@ -224,9 +259,9 @@ let to_channel store cons chan = () -let to_file store cons file = +let to_file store cons fds file = let channel = open_out_gen [ Open_wronly; Open_creat; Open_trunc; ] 0o600 file in - finally (fun () -> to_channel store cons channel) + finally (fun () -> to_channel store cons fds channel) (fun () -> close_out channel) end @@ -246,13 +281,13 @@ let _ = ); let rw_sock = - if cf.disable_socket then + if cf.disable_socket || cf.live_reload then None else Some (Unix.handle_unix_error Utils.create_unix_socket Define.xs_daemon_socket) in - if cf.daemonize then + if cf.daemonize && not cf.live_reload then Unixext.daemonize () else printf "Xen Storage Daemon, version %d.%d\n%!" @@ -292,10 +327,15 @@ let _ = List.iter (fun path -> Store.write store Perms.Connection.full_rights path "") Store.Path.specials; + let rw_sock = if cf.restart && Sys.file_exists Disk.xs_daemon_database then ( - DB.from_file store domains cons Disk.xs_daemon_database; - Event.bind_dom_exc_virq eventchn - ) else ( + let rwro = DB.from_file store domains cons Disk.xs_daemon_database in + info "Live reload: database loaded"; + Event.bind_dom_exc_virq eventchn; + Process.LiveUpdate.completed (); + rwro + ) else ( + info "No live reload: regular startup"; if !Disk.enable then ( info "reading store from disk"; Disk.read store @@ -309,10 +349,13 @@ let _ = Connections.add_domain cons (Domains.create0 domains); Event.bind_dom_exc_virq eventchn ); - ); + rw_sock + ) in (* required for xenstore-control to detect availability of live-update *) - Store.mkdir store Perms.Connection.full_rights (Store.Path.of_string "/tool"); + let toolpath = Store.Path.of_string "/tool" in + if not (Store.path_exists store toolpath) then + Store.mkdir store Perms.Connection.full_rights toolpath; Store.write store Perms.Connection.full_rights (Store.Path.of_string "/tool/xenstored") Sys.executable_name; @@ -324,7 +367,7 @@ let _ = Sys.set_signal Sys.sigpipe Sys.Signal_ignore; if cf.activate_access_log then begin - let post_rotate () = DB.to_file store cons Disk.xs_daemon_database in + let post_rotate () = DB.to_file store cons (None) Disk.xs_daemon_database in Logging.init_access_log post_rotate end; @@ -367,6 +410,7 @@ let _ = let ring_scan_checker dom = (* no need to scan domains already marked as for processing *) if not (Domain.get_io_credit dom > 0) then + debug "Looking up domid %d" (Domain.get_id dom); let con = Connections.find_domain cons (Domain.get_id dom) in if not (Connection.has_more_work con) then ( Process.do_output store cons domains con; @@ -496,7 +540,7 @@ let _ = live_update := Process.LiveUpdate.should_run cons; if !live_update || !quit then begin (* don't initiate live update if saving state fails *) - DB.to_file store cons Disk.xs_daemon_database; + DB.to_file store cons (rw_sock) Disk.xs_daemon_database; quit := true; end with exc ->