Commit 1ea26cd3 authored by Yathindra Naik's avatar Yathindra Naik

- vif backend drivers run on a guest domain

- Grant capabilities explicitly to backend domain
- Next step is change NFS to run in the backend domain
parent f70a2190
...@@ -753,20 +753,26 @@ static void initiate_domain_create(libxl__egc *egc, ...@@ -753,20 +753,26 @@ static void initiate_domain_create(libxl__egc *egc,
#ifdef CONFIG_XENCAP #ifdef CONFIG_XENCAP
libxl_capabilities *cap_files = d_config->cap_files; libxl_capabilities *cap_files = d_config->cap_files;
ret = libxl_domain_setcapfiles(ctx, cap_files, domid); if (cap_files != NULL)
if (ret) { {
LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "cannot grant capabilities: %d", ret); ret = libxl_domain_setcapfiles(ctx, cap_files, domid);
ret = ERROR_FAIL; if (ret) {
goto error_out; LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "cannot grant capabilities: %d", ret);
} ret = ERROR_FAIL;
goto error_out;
}
}
libxl_capabilities *cap_evtchn = d_config->cap_evtchn; libxl_capabilities *cap_evtchn = d_config->cap_evtchn;
ret = libxl_domain_evtchn(ctx, cap_evtchn, domid); if (cap_evtchn != NULL)
if (ret) { {
LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "cannot make evt_chn: %d", ret); ret = libxl_domain_evtchn(ctx, cap_evtchn, domid);
ret = ERROR_FAIL; if (ret) {
goto error_out; LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "cannot make evt_chn: %d", ret);
} ret = ERROR_FAIL;
goto error_out;
}
}
#endif #endif
dcs->guest_domid = domid; dcs->guest_domid = domid;
dcs->dmss.dm.guest_domid = 0; /* means we haven't spawned */ dcs->dmss.dm.guest_domid = 0; /* means we haven't spawned */
......
...@@ -148,13 +148,23 @@ retry_transaction: ...@@ -148,13 +148,23 @@ retry_transaction:
LOG(DEBUG, "Granting caps for domid %d for %s/backend\n",device->domid, frontend_path); LOG(DEBUG, "Granting caps for domid %d for %s/backend\n",device->domid, frontend_path);
LOG(DEBUG, "caps[0]: %d\n",caps[0].magic); LOG(DEBUG, "caps[0]: %d\n",caps[0].magic);
if (xc_cap_grant(ctx->xch, device->domid, list, 1)) if (xc_cap_grant(ctx->xch, device->domid, list, 1))
LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_path); LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_path);
if (device->backend_domid != 0)
{
if (xc_cap_grant(ctx->xch, device->backend_domid, list, 1))
LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_path);
}
} }
if (!xc_cap_check(ctx->xch, device->domid, &caps[1])) { if (!xc_cap_check(ctx->xch, device->domid, &caps[1])) {
list[0] = caps[1]; list[0] = caps[1];
LOG(DEBUG, "caps[1]: %d\n", caps[1].magic); LOG(DEBUG, "caps[1]: %d\n", caps[1].magic);
if (xc_cap_grant(ctx->xch, device->domid, list, 1)) if (xc_cap_grant(ctx->xch, device->domid, list, 1))
LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_path); LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_path);
if (device->backend_domid != 0)
{
if (xc_cap_grant(ctx->xch, device->backend_domid, list, 1))
LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_path);
}
} }
caps = xs_get_caps(ctx->xsh, t, frontend_child); caps = xs_get_caps(ctx->xsh, t, frontend_child);
if (caps == NULL) if (caps == NULL)
...@@ -165,6 +175,11 @@ retry_transaction: ...@@ -165,6 +175,11 @@ retry_transaction:
LOG(DEBUG, "caps[0]: %d\n",caps[0].magic); LOG(DEBUG, "caps[0]: %d\n",caps[0].magic);
if (xc_cap_grant(ctx->xch, device->domid, list, 1)) if (xc_cap_grant(ctx->xch, device->domid, list, 1))
LOG(DEBUG, "Granting caps for %s failed\n",frontend_child); LOG(DEBUG, "Granting caps for %s failed\n",frontend_child);
if (device->backend_domid != 0)
{
if (xc_cap_grant(ctx->xch, device->backend_domid, list, 1))
LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_child);
}
} }
if (!xc_cap_check(ctx->xch, device->domid, &caps[1])) { if (!xc_cap_check(ctx->xch, device->domid, &caps[1])) {
list[0] = caps[1]; list[0] = caps[1];
...@@ -172,10 +187,17 @@ retry_transaction: ...@@ -172,10 +187,17 @@ retry_transaction:
LOG(DEBUG, "caps[1]: %d\n",caps[1].magic); LOG(DEBUG, "caps[1]: %d\n",caps[1].magic);
if (xc_cap_grant(ctx->xch, device->domid, list, 1)) if (xc_cap_grant(ctx->xch, device->domid, list, 1))
LOG(DEBUG, "Granting caps for %s failed\n",frontend_child); LOG(DEBUG, "Granting caps for %s failed\n",frontend_child);
if (device->backend_domid != 0)
{
if (xc_cap_grant(ctx->xch, device->backend_domid, list, 1))
LOG(DEBUG, "Granting caps for %s/backend failed\n",frontend_child);
}
} }
#endif #endif
#ifdef CONFIG_XENCAP #ifdef CONFIG_XENCAP
libxl__xs_writev(gc, t, frontend_path, fents, device->domid, 'b'); libxl__xs_writev(gc, t, frontend_path, fents, device->domid, 'b');
if (device->backend_domid != 0)
libxl__xs_writev(gc, t, frontend_path, fents, device->backend_domid, 'b');
#else #else
libxl__xs_writev(gc, t, frontend_path, fents); libxl__xs_writev(gc, t, frontend_path, fents);
#endif #endif
...@@ -196,10 +218,17 @@ retry_transaction: ...@@ -196,10 +218,17 @@ retry_transaction:
LOG(DEBUG, "caps[0]: %d caps[1]: %d\n",caps[0].magic, caps[1].magic); LOG(DEBUG, "caps[0]: %d caps[1]: %d\n",caps[0].magic, caps[1].magic);
if (xc_cap_grant(ctx->xch, device->domid, list, 1)) if (xc_cap_grant(ctx->xch, device->domid, list, 1))
LOG(DEBUG, "Granting caps for %s/frontend failed\n",backend_path); LOG(DEBUG, "Granting caps for %s/frontend failed\n",backend_path);
} if (device->backend_domid != 0)
{
if (xc_cap_grant(ctx->xch, device->backend_domid, list, 1))
LOG(DEBUG, "Granting caps for %s/frontend failed\n",backend_path);
}
}
#endif #endif
#ifdef CONFIG_XENCAP #ifdef CONFIG_XENCAP
libxl__xs_writev(gc, t, backend_path, bents, device->domid, 'r'); libxl__xs_writev(gc, t, backend_path, bents, device->domid, 'r');
if (device->backend_domid != 0)
libxl__xs_writev(gc, t, backend_path, bents, device->backend_domid, 'b');
#else #else
libxl__xs_writev(gc, t, backend_path, bents); libxl__xs_writev(gc, t, backend_path, bents);
#endif #endif
......
...@@ -85,6 +85,7 @@ static int cap_domain_create(struct domain *d, u32 ssidref) ...@@ -85,6 +85,7 @@ static int cap_domain_create(struct domain *d, u32 ssidref)
d->cap_space = dom_cap_space; d->cap_space = dom_cap_space;
d->cap_flag = 1; d->cap_flag = 1;
/* Also, init est_evtchn - allowing other domains to est event channels with domain 0 */ /* Also, init est_evtchn - allowing other domains to est event channels with domain 0 */
#if 0
d->est_evtchn = xmalloc(struct capability); d->est_evtchn = xmalloc(struct capability);
if (d->est_evtchn == NULL) if (d->est_evtchn == NULL)
{ {
...@@ -96,6 +97,7 @@ static int cap_domain_create(struct domain *d, u32 ssidref) ...@@ -96,6 +97,7 @@ static int cap_domain_create(struct domain *d, u32 ssidref)
TT_ERR("Could not create cap for Dom0's est_evtchn\n"); TT_ERR("Could not create cap for Dom0's est_evtchn\n");
return -1; return -1;
} }
#endif
return rc; return rc;
} }
else else
...@@ -1588,10 +1590,14 @@ static int cap_evtchn_unbound (struct domain *d, struct evtchn *chn, ...@@ -1588,10 +1590,14 @@ static int cap_evtchn_unbound (struct domain *d, struct evtchn *chn,
/* Check if the remote domain has the cap to /* Check if the remote domain has the cap to
est evtchn. Note, remote domain must exist est evtchn. Note, remote domain must exist
for this to work. */ for this to work. */
/* if the remote domain does not have caps
set then dont do anything. Simply return. */
if (d->est_evtchn == NULL) if (d->est_evtchn == NULL)
{ {
TT_ERR("remote domain %d does not have est_evtchn\n",id2); TT_ERR("remote domain %d does not have est_evtchn\n",id2);
return 1; return 0;
} }
if ((remote_domain = get_domain_by_id(id2)) == NULL) if ((remote_domain = get_domain_by_id(id2)) == NULL)
{ {
...@@ -1637,10 +1643,13 @@ static int cap_evtchn_interdomain (struct domain *d1, struct evtchn ...@@ -1637,10 +1643,13 @@ static int cap_evtchn_interdomain (struct domain *d1, struct evtchn
/* Check if this domain (d1) has the capability /* Check if this domain (d1) has the capability
to bind with the remote domain (d2) */ to bind with the remote domain (d2) */
/* if the remote domain does not have est_evtchn
set then simply return. */
if (d2->est_evtchn == NULL) if (d2->est_evtchn == NULL)
{ {
TT_ERR("remote domain %d est_evtchn is NULL\n",d2->domain_id); TT_ERR("remote domain %d est_evtchn is NULL\n",d2->domain_id);
return 1; return 0;
} }
if (cap_check(d1, d2->est_evtchn) == 0) if (cap_check(d1, d2->est_evtchn) == 0)
{ {
...@@ -1682,7 +1691,7 @@ static int cap_evtchn_send (struct domain *d, struct evtchn *chn) ...@@ -1682,7 +1691,7 @@ static int cap_evtchn_send (struct domain *d, struct evtchn *chn)
if (remote_domain->est_evtchn == NULL) if (remote_domain->est_evtchn == NULL)
{ {
TT_ERR("remoted domain %d est_evtchn is NULL\n",remote_domain->domain_id); TT_ERR("remoted domain %d est_evtchn is NULL\n",remote_domain->domain_id);
return 1; return 0;
} }
if (cap_check(d,remote_domain->est_evtchn) == 0) if (cap_check(d,remote_domain->est_evtchn) == 0)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment