On Fri, Jan 31, 2020 at 02:55:44PM +0000, Wei Liu wrote:
> On Fri, Jan 31, 2020 at 03:25:57PM +0100, Juergen Gross wrote:
> > Xenstore write limiting should not be applied to dom0. Unfortunately
> > write limiting is disabled only for connections via sockets. When
> > running in a stubdom Xenstore will apply write limiting to dom0, too.
> > Change that by testing for the domain to be privileged as well.
> >
> > Signed-off-by: Juergen Gross <jgr...@suse.com>
>
> Acked-by: Wei Liu <w...@xen.org>
>
> > ---
> > tools/xenstore/xenstored_domain.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/tools/xenstore/xenstored_domain.c
> > b/tools/xenstore/xenstored_domain.c
> > index 1a83097952..c7c6c574df 100644
> > --- a/tools/xenstore/xenstored_domain.c
> > +++ b/tools/xenstore/xenstored_domain.c
> > @@ -918,8 +918,8 @@ void wrl_apply_debit_actual(struct domain *domain)
> > {
> > struct wrl_timestampt now;
> >
> > - if (!domain)
> > - /* sockets escape the write rate limit */
> > + if (!domain || !domid_is_unprivileged(domain->domid))
> > + /* sockets and dom0 escape the write rate limit */
Actually I think changing dom0 to "privileged domain" makes more sense
here because you're allowed to specify a non-0 domain ID as privileged
domid.
If you agree I can fix it while committing.
Wei.
> > return;
> >
> > wrl_gettime_now(&now);
> > --
> > 2.16.4
> >
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
