From 957bd8e7e302f1a0d31c95fc9910429f10a04d54 Mon Sep 17 00:00:00 2001
From: Juergen Gross <jgross@suse.com>
Date: Fri, 31 Jan 2020 15:25:57 +0100
Subject: [PATCH] tools/xenstore: don't apply write limiting for privileged
 domain

Xenstore write limiting should not be applied to dom0. Unfortunately
write limiting is disabled only for connections via sockets. When
running in a stubdom Xenstore will apply write limiting to dom0, too.
Change that by testing for the domain to be privileged as well.

Signed-off-by: Juergen Gross <jgross@suse.com>
Acked-by: Wei Liu <wl@xen.org>
---
 tools/xenstore/xenstored_domain.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/xenstore/xenstored_domain.c b/tools/xenstore/xenstored_domain.c
index 1a83097952..baddaba5df 100644
--- a/tools/xenstore/xenstored_domain.c
+++ b/tools/xenstore/xenstored_domain.c
@@ -918,8 +918,8 @@ void wrl_apply_debit_actual(struct domain *domain)
 {
 	struct wrl_timestampt now;
 
-	if (!domain)
-		/* sockets escape the write rate limit */
+	if (!domain || !domid_is_unprivileged(domain->domid))
+		/* sockets and privileged domain escape the write rate limit */
 		return;
 
 	wrl_gettime_now(&now);
-- 
2.30.2