From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ian Campbell <Ian.Campbell@citrix.com>
Subject: Re: [PATCH v2 09/18] libxl: disallow attaching the same
 device more than once
Date: Wed, 3 Sep 2014 12:52:40 +0100
Message-ID: <1409745160.20794.4.camel@citrix.com>
References: <1406744639-28782-1-git-send-email-wei.liu2@citrix.com>
	<1406744639-28782-10-git-send-email-wei.liu2@citrix.com>
	<1409104110.28009.68.camel@citrix.com>
	<20140828105524.GH13165@zion.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <20140828105524.GH13165@zion.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Wei Liu <wei.liu2@citrix.com>
Cc: ian.jackson@eu.citrix.com, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

On Thu, 2014-08-28 at 11:55 +0100, Wei Liu wrote:
> On Wed, Aug 27, 2014 at 02:48:30AM +0100, Ian Campbell wrote:
> > On Wed, 2014-07-30 at 19:23 +0100, Wei Liu wrote:
> > > Originally the code allowed users to attach the same device more than
> > > once. It just stupidly overwrites xenstore entries. This is bogus as
> > > frontend will be very confused.
> > > 
> > > Introduce a helper function to check if the device to be written to
> > > xenstore already exists. A new error code is also introduced.
> > > 
> > > Signed-off-by: Wei Liu <wei.liu2@citrix.com>
> > > ---
> > >  tools/libxl/libxl.c          |   50 ++++++++++++++++++++++++++++++++++++++++++
> > >  tools/libxl/libxl_device.c   |   19 ++++++++++++++++
> > >  tools/libxl/libxl_internal.h |    3 +++
> > >  tools/libxl/libxl_pci.c      |   12 ++++++++++
> > >  tools/libxl/libxl_types.idl  |    1 +
> > >  5 files changed, 85 insertions(+)
> > > 
> > > diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
> > > index 01dffa0..e6fe238 100644
> > > --- a/tools/libxl/libxl.c
> > > +++ b/tools/libxl/libxl.c
> > > @@ -1906,6 +1906,15 @@ void libxl__device_vtpm_add(libxl__egc *egc, uint32_t domid,
> > >      rc = libxl__device_from_vtpm(gc, domid, vtpm, device);
> > >      if ( rc != 0 ) goto out;
> > >  
> > > +    rc = libxl__device_exists(gc, XBT_NULL, device);
> > 
> > Do we hold any locks from here until the code which actually creates the
> > device? I don't think we have an active transaction either which would
> > serve a similar purpose.
> > 
> 
> At this point we hold libxl context lock, so it should be safe against
> other threads in the same process.
> 
> But I can see there's problem WRT to other processes trying to
> manipulate device. I think we need to have a xs transaction here. What
> do you think?

I'm not sure, but it sounds plausible.