From patchwork Fri Jan 31 15:01:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paul Durrant X-Patchwork-Id: 11360045 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 0B1C1924 for ; Fri, 31 Jan 2020 15:03:39 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D069A20705 for ; Fri, 31 Jan 2020 15:03:38 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.com header.i=@amazon.com header.b="cWerZbqb" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D069A20705 Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1ixXoN-00064X-UQ; Fri, 31 Jan 2020 15:02:23 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1ixXoM-000640-Ro for xen-devel@lists.xenproject.org; Fri, 31 Jan 2020 15:02:22 +0000 X-Inumbo-ID: ada1d318-443a-11ea-8396-bc764e2007e4 Received: from smtp-fw-2101.amazon.com (unknown [72.21.196.25]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id ada1d318-443a-11ea-8396-bc764e2007e4; Fri, 31 Jan 2020 15:02:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1580482940; x=1612018940; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=NnqEJdX+5fN98456TNyF2mXr5DWTlFw0snz0JqrtQg0=; b=cWerZbqbnSrjN7tAE+s91ddGyuUVq7+rcykukoOf2GqUC5fwLOsoWP5s 0oDSwtUsSqSiFzUIrpJpukSgQfRGIqrdpBtGku96D+9qVPfChIPSPdSoW jCJNB+fqJPYG+4iCjQ0GBzXldtIRnLEfJn4WE8WhqrZSClYDfj3z6pyOV M=; IronPort-SDR: 2ZT2d3DLV1TpJtWotJkJXe1HB4oaPmHJGAgsJMuBDWsQmZLbP96X37ATX4BDUw/KH233zZ+JUM IspyZTiF5i5w== X-IronPort-AV: E=Sophos;i="5.70,386,1574121600"; d="scan'208";a="15104677" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-2b-81e76b79.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-out-2101.iad2.amazon.com with ESMTP; 31 Jan 2020 15:02:19 +0000 Received: from EX13MTAUEA002.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan3.pdx.amazon.com [10.170.41.166]) by email-inbound-relay-2b-81e76b79.us-west-2.amazon.com (Postfix) with ESMTPS id D98D3A18DA; Fri, 31 Jan 2020 15:02:17 +0000 (UTC) Received: from EX13D32EUC003.ant.amazon.com (10.43.164.24) by EX13MTAUEA002.ant.amazon.com (10.43.61.77) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Fri, 31 Jan 2020 15:02:02 +0000 Received: from EX13MTAUEE002.ant.amazon.com (10.43.62.24) by EX13D32EUC003.ant.amazon.com (10.43.164.24) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Fri, 31 Jan 2020 15:02:01 +0000 Received: from u2f063a87eabd5f.cbg10.amazon.com (10.125.106.135) by mail-relay.amazon.com (10.43.62.224) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Fri, 31 Jan 2020 15:01:59 +0000 From: Paul Durrant To: Date: Fri, 31 Jan 2020 15:01:47 +0000 Message-ID: <20200131150149.2008-6-pdurrant@amazon.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200131150149.2008-1-pdurrant@amazon.com> References: <20200131150149.2008-1-pdurrant@amazon.com> MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v5 5/7] libxl: allow creation of domains with a specified or random domid X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Julien Grall , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Paul Durrant , Jason Andryuk , Ian Jackson , Anthony PERARD Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" This patch adds a 'domid' field to libxl_domain_create_info and then modifies libxl__domain_make() to have Xen use that value if it is valid. If the domid value is invalid then Xen will choose the domid, as before, unless the value is the new special RANDOM_DOMID value added to the API. This value instructs libxl__domain_make() to choose a random domid value for Xen to use. If Xen determines that a domid specified to or chosen by libxl__domain_make() co-incides with an existing domain then the create operation will fail. In this case, if RANDOM_DOMID was specified to libxl__domain_make() then a new random value will be chosen and the create operation will be re-tried, otherwise libxl__domain_make() will fail. After Xen has successfully created a new domain, libxl__domain_make() will check whether its domid matches any recently used domid values. If it does then the domain will be destroyed. If the domid used in creation was specified to libxl__domain_make() then it will fail at this point, otherwise the create operation will be re-tried with either a new random or Xen-selected domid value. NOTE: libxl__logv() is also modified to only log valid domid values in messages rather than any domid, valid or otherwise, that is not INVALID_DOMID. Signed-off-by: Paul Durrant Reviewed-by: Jason Andryuk --- Cc: Ian Jackson Cc: Wei Liu Cc: Anthony PERARD Cc: Andrew Cooper Cc: George Dunlap Cc: Jan Beulich Cc: Julien Grall Cc: Konrad Rzeszutek Wilk Cc: Stefano Stabellini Cc: Jason Andryuk v5: - Flattened nested loops v4: - Not added Jason's R-b because of substantial change - Check for recent domid *after* creation - Re-worked commit comment v3: - Added DOMID_MASK definition used to mask randomized values - Use stack variable to avoid assuming endianness v2: - Re-worked to use a value from libxl_domain_create_info --- tools/libxl/libxl.h | 9 +++++ tools/libxl/libxl_create.c | 67 ++++++++++++++++++++++++++++++++---- tools/libxl/libxl_internal.c | 2 +- tools/libxl/libxl_types.idl | 1 + xen/include/public/xen.h | 3 ++ 5 files changed, 74 insertions(+), 8 deletions(-) diff --git a/tools/libxl/libxl.h b/tools/libxl/libxl.h index 1d235ecb1c..31c6f4b11a 100644 --- a/tools/libxl/libxl.h +++ b/tools/libxl/libxl.h @@ -1268,6 +1268,14 @@ void libxl_mac_copy(libxl_ctx *ctx, libxl_mac *dst, const libxl_mac *src); */ #define LIBXL_HAVE_DOMAIN_NEED_MEMORY_CONFIG +/* + * LIBXL_HAVE_CREATEINFO_DOMID + * + * libxl_domain_create_new() and libxl_domain_create_restore() will use + * a domid specified in libxl_domain_create_info(). + */ +#define LIBXL_HAVE_CREATEINFO_DOMID + typedef char **libxl_string_list; void libxl_string_list_dispose(libxl_string_list *sl); int libxl_string_list_length(const libxl_string_list *sl); @@ -1528,6 +1536,7 @@ int libxl_ctx_free(libxl_ctx *ctx /* 0 is OK */); /* domain related functions */ #define INVALID_DOMID ~0 +#define RANDOM_DOMID (INVALID_DOMID - 1) /* If the result is ERROR_ABORTED, the domain may or may not exist * (in a half-created state). *domid will be valid and will be the diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c index 3a7364e2ac..7fd4d713e7 100644 --- a/tools/libxl/libxl_create.c +++ b/tools/libxl/libxl_create.c @@ -555,8 +555,6 @@ int libxl__domain_make(libxl__gc *gc, libxl_domain_config *d_config, libxl_domain_create_info *info = &d_config->c_info; libxl_domain_build_info *b_info = &d_config->b_info; - assert(soft_reset || *domid == INVALID_DOMID); - uuid_string = libxl__uuid2string(gc, info->uuid); if (!uuid_string) { rc = ERROR_NOMEM; @@ -600,11 +598,66 @@ int libxl__domain_make(libxl__gc *gc, libxl_domain_config *d_config, goto out; } - ret = xc_domain_create(ctx->xch, domid, &create); - if (ret < 0) { - LOGED(ERROR, *domid, "domain creation fail"); - rc = ERROR_FAIL; - goto out; + for (;;) { + bool recent; + + if (info->domid == RANDOM_DOMID) { + uint16_t v; + + ret = libxl__random_bytes(gc, (void *)&v, sizeof(v)); + if (ret < 0) + break; + + v &= DOMID_MASK; + if (!libxl_domid_valid_guest(v)) + continue; + + *domid = v; + } else + *domid = info->domid; + + ret = xc_domain_create(ctx->xch, domid, &create); + if (ret < 0) { + /* + * If we generated a random domid and creation failed + * because that domid already exists then simply try + * again. + */ + if (errno == EEXIST && info->domid == RANDOM_DOMID) + continue; + + LOGED(ERROR, *domid, "domain creation fail"); + *domid = INVALID_DOMID; + rc = ERROR_FAIL; + goto out; + } + + rc = libxl__is_domid_recent(gc, *domid, &recent); + if (rc) + goto out; + + /* The domid is not recent, so we're done */ + if (!recent) + break; + + /* + * If the domid was specified then there's no point in + * trying again. + */ + if (libxl_domid_valid_guest(info->domid)) { + LOGED(ERROR, *domid, "domain id recently used"); + rc = ERROR_FAIL; + goto out; + } + + /* Try to destroy the domain again as we can't use it */ + ret = xc_domain_destroy(ctx->xch, *domid); + if (ret < 0) { + LOGED(ERROR, *domid, "domain destroy fail"); + *domid = INVALID_DOMID; + rc = ERROR_FAIL; + goto out; + } } rc = libxl__arch_domain_save_config(gc, d_config, state, &create); diff --git a/tools/libxl/libxl_internal.c b/tools/libxl/libxl_internal.c index bbd4c6cba9..d93a75533f 100644 --- a/tools/libxl/libxl_internal.c +++ b/tools/libxl/libxl_internal.c @@ -234,7 +234,7 @@ void libxl__logv(libxl_ctx *ctx, xentoollog_level msglevel, int errnoval, fileline[sizeof(fileline)-1] = 0; domain[0] = 0; - if (domid != INVALID_DOMID) + if (libxl_domid_valid_guest(domid)) snprintf(domain, sizeof(domain), "Domain %"PRIu32":", domid); x: xtl_log(ctx->lg, msglevel, errnoval, "libxl", diff --git a/tools/libxl/libxl_types.idl b/tools/libxl/libxl_types.idl index 7921950f6a..d0d431614f 100644 --- a/tools/libxl/libxl_types.idl +++ b/tools/libxl/libxl_types.idl @@ -409,6 +409,7 @@ libxl_domain_create_info = Struct("domain_create_info",[ ("ssidref", uint32), ("ssid_label", string), ("name", string), + ("domid", libxl_domid), ("uuid", libxl_uuid), ("xsdata", libxl_key_value_list), ("platformdata", libxl_key_value_list), diff --git a/xen/include/public/xen.h b/xen/include/public/xen.h index d2198dffad..75b1619d0d 100644 --- a/xen/include/public/xen.h +++ b/xen/include/public/xen.h @@ -614,6 +614,9 @@ DEFINE_XEN_GUEST_HANDLE(mmuext_op_t); /* Idle domain. */ #define DOMID_IDLE xen_mk_uint(0x7FFF) +/* Mask for valid domain id values */ +#define DOMID_MASK xen_mk_uint(0x7FFF) + #ifndef __ASSEMBLY__ typedef uint16_t domid_t;