On 31.01.20 15:58, Wei Liu wrote:
On Fri, Jan 31, 2020 at 02:55:44PM +0000, Wei Liu wrote:
On Fri, Jan 31, 2020 at 03:25:57PM +0100, Juergen Gross wrote:
Xenstore write limiting should not be applied to dom0. Unfortunately
write limiting is disabled only for connections via sockets. When
running in a stubdom Xenstore will apply write limiting to dom0, too.
Change that by testing for the domain to be privileged as well.
Signed-off-by: Juergen Gross <jgr...@suse.com>
Acked-by: Wei Liu <w...@xen.org>
---
tools/xenstore/xenstored_domain.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/xenstore/xenstored_domain.c
b/tools/xenstore/xenstored_domain.c
index 1a83097952..c7c6c574df 100644
--- a/tools/xenstore/xenstored_domain.c
+++ b/tools/xenstore/xenstored_domain.c
@@ -918,8 +918,8 @@ void wrl_apply_debit_actual(struct domain *domain)
{
struct wrl_timestampt now;
- if (!domain)
- /* sockets escape the write rate limit */
+ if (!domain || !domid_is_unprivileged(domain->domid))
+ /* sockets and dom0 escape the write rate limit */
Actually I think changing dom0 to "privileged domain" makes more sense
here because you're allowed to specify a non-0 domain ID as privileged
domid.
If you agree I can fix it while committing.
Yes, sure.
Juergen
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
