On 06.03.25 23:03, Jason Andryuk wrote:
> With split hardware and control domains, each domain should be
> privileged with respect to xenstore. When adding domains to xenstore,
> look at their privilege and add them to xenstored as appropriate.
> dom0_domid is used for the hardware domain, and priv_domid is used for a
> control domain.
>
> Only one of each is allowed for now.
>
> Signed-off-by: Jason Andryuk <jason.andryuk@amd.com>
> ---
> tools/xenstored/domain.c | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
> diff --git a/tools/xenstored/domain.c b/tools/xenstored/domain.c
> index 64c8fd0cc3..f2394cd6e9 100644
> --- a/tools/xenstored/domain.c
> +++ b/tools/xenstored/domain.c
> @@ -795,6 +795,20 @@ static struct domain *find_or_alloc_existing_domain(unsigned int domid)
> return domain;
> }
>
> +static void domain_set_privileged(struct domain *domain)
> +{
> + xc_domaininfo_t dominfo;
> +
> + if ( !get_domain_info(domain->domid, &dominfo) )
> + return;
> +
> + if ( dominfo.flags & XEN_DOMINF_priv )
> + priv_domid = domain->domid;
> +
> + if ( dominfo.flags & XEN_DOMINF_hardware )
> + dom0_domid = domain->domid;
> +}
Please no use of libxenctrl. I have worked hard to eliminate the usage
in order to enable a xenstore-stubdom being used across Xen versions
(C Xenstore is relying on stable hypercalls only now).
You need to add the needed flags to the rather new stable domctl
XEN_DOMCTL_get_domain_state and to libxenmanage.
> +
> static int new_domain(struct domain *domain, int port, bool restore)
> {
> int rc;
> @@ -831,6 +845,8 @@ static int new_domain(struct domain *domain, int port, bool restore)
> domain->conn->domain = domain;
> domain->conn->id = domain->domid;
>
> + domain_set_privileged(domain);
The name implies you are changing the domain to be privileged, but this
is done conditionally only.
Maybe name the function domain_apply_privileges()?
Juergen