[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH RFC 0/5] Grant table for console, xenstore pages

To: xen-devel@xxxxxxxxxxxxxxxxxxx
From: Diego Ongaro <diego.ongaro@xxxxxxxxxx>
Date: Fri, 11 Jul 2008 20:12:30 +0100
Delivery-date: Fri, 11 Jul 2008 12:12:34 -0700
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

I'm working on moving xenstored into a dedicated, unprivileged domain.
This is the first set of patches I'm sending out towards that goal. I
understand there is currently a freeze, so I'm just looking for feedback
at this point.

Each domU shares one of its pages with the xenstore daemon from its
creation. The domain builder writes the mfn for this page in the domU's
start info page. Then it sends the xenstore daemon an "introduce"
command, giving it the new domU's domid, this mfn to map, and an unbound
port in the domU to bind.

However, if the xenstore daemon resides in an unprivileged domain, it is
not permitted to map an arbitrary mfn. Instead, it could use the
existing grant table mechanism. In fact, the first 8 grant table entries
for each domU are reserved for cases like this. (DomU's don't use the
first 8 entries.)

Because the console and the xenstore mechanisms are so similar, these
patches include analogous changes for console support as well.

The first patch claims one grant entry for the console and another for
the xenstore. It modifies the builder to fill in the grant table entries
for the console and the xenstore. At this stage, the grant entries just
give access to domain 0 (addressed in a later patch).

The next two patches modify the xenstore daemon and the console daemon,
respectively, to use xc_gnttab_map_grant_ref instead of
xc_map_foreign_range.

The final two patches implement a way to determine in which domains the
console and xenstore daemons reside. If each of the files
/var/run/{console,xenstore}.did contains an integer, this integer is
interpreted as the domain id for that daemon. The default or fallback is
domid=0, of course. In patch 4, libxc is modified to use this mechanism
for the grant table entries. In patch 5, xend is modified to use this
mechanism for the allocated unbound ports.

To get the discussion going, what should be done about xenstore's
/local/domain/#/device/{console,store}/ring-ref ? I don't think they're
necessary anymore, but I've made no effort to remove them.

Thanks,
Diego Ongaro

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH RFC 0/5] Grant table for console, xenstore pages
  - From: Derek Murray
- [Xen-devel] [PATCH RFC 5/5] Grant table for console, xenstore pages
  - From: Diego Ongaro
- [Xen-devel] [PATCH RFC 4/5] Grant table for console, xenstore pages
  - From: Diego Ongaro
- [Xen-devel] [PATCH RFC 3/5] Grant table for console, xenstore pages
  - From: Diego Ongaro
- [Xen-devel] [PATCH RFC 2/5] Grant table for console, xenstore pages
  - From: Diego Ongaro
- [Xen-devel] [PATCH RFC 1/5] Grant table for console, xenstore pages
  - From: Diego Ongaro

Prev by Date: Re: [Xen-devel] Floating Point Exception
Next by Date: [Xen-devel] [PATCH RFC 1/5] Grant table for console, xenstore pages
Previous by thread: [Xen-devel] [PATCH][TOOLS] blktap: cleanup take 2
Next by thread: [Xen-devel] [PATCH RFC 1/5] Grant table for console, xenstore pages
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.