dgit.raspbian.org Git - xen.git/commit

author	Julien Grall <jgrall@amazon.com>
	Wed, 20 Oct 2021 14:45:19 +0000 (14:45 +0000)
committer	Ian Jackson <iwj@xenproject.org>
	Thu, 21 Oct 2021 10:52:12 +0000 (11:52 +0100)
commit	98f60e5de00baf650c574c9352bb19aedb082dea
tree	0eb8c87cd118d1ae263045b4340155e8ff1eb47f	tree \| snapshot
parent	118da371d1ff5d8432fa299544b1ea5e7e3710f0	commit \| diff

tools/xenstored: Ignore domain we were unable to restore

Commit 939775cfd3 "handle dying domains in live update" was meant to
handle gracefully dying domain. However, the @releaseDomain watch
will end up to be sent as soon as we finished to restore Xenstored
state.

This may be before Xen reports the domain to be dying (such as if
the guest decided to revoke access to the xenstore page). Consequently
daemon like xenconsoled will not clean-up the domain and it will be
left as a zombie.

To avoid the problem, mark the connection as ignored. This also
requires to tweak conn_can_write() and conn_can_read() to prevent
dereferencing a NULL pointer (the interface will not mapped).

The check conn->is_ignored was originally added after the callbacks
because the helpers for a socket connection may close the fd. However,
ignore_connection() will close a socket connection directly. So it is
fine to do the re-order.

Signed-off-by: Julien Grall <jgrall@amazon.com>
Release-Acked-by: Ian Jackson <iwj@xenproject.org>
Reviewed-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Luca Fancellu <luca.fancellu@arm.com>

tools/xenstore/xenstored_core.c		diff \| blob \| history
tools/xenstore/xenstored_core.h		diff \| blob \| history
tools/xenstore/xenstored_domain.c		diff \| blob \| history