Currently, only liveupdate request can be delayed. The request can only
be performed by a privileged connection (e.g. dom0). So it is fine to
have no limits.
In a follow-up patch we will want to delay request for unprivileged
connection as well. So it is best to apply a limit.
For now and for simplicity, only a single request can be delayed
for a given unprivileged connection.
Take the opportunity to tweak the prototype and provide a way to
bypass the quota check. This would be useful when the function
is called from the restore code.
Signed-off-by: Julien Grall <jgrall@amazon.com>
Reviewed-by: Luca Fancellu <luca.fancellu@arm.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
lu_status->timeout = to;
lu_status->started_at = time(NULL);
- errno = delay_request(conn, conn->in, do_lu_start, NULL);
+ errno = delay_request(conn, conn->in, do_lu_start, NULL, false);
return NULL;
}
}
int delay_request(struct connection *conn, struct buffered_data *in,
- bool (*func)(struct delayed_request *), void *data)
+ bool (*func)(struct delayed_request *), void *data,
+ bool no_quota_check)
{
struct delayed_request *req;
+ /*
+ * Only allow one request can be delayed for an unprivileged
+ * connection.
+ */
+ if (!no_quota_check && domain_is_unprivileged(conn) &&
+ !list_empty(&conn->delayed))
+ return ENOSPC;
+
req = talloc(in, struct delayed_request);
if (!req)
return ENOMEM;
/* Delay a request. */
int delay_request(struct connection *conn, struct buffered_data *in,
- bool (*func)(struct delayed_request *), void *data);
+ bool (*func)(struct delayed_request *), void *data,
+ bool no_quota_check);
/* Tracing infrastructure. */
void trace_create(const void *data, const char *type);
projects / xen.git / commitdiff