From mboxrd@z Thu Jan  1 00:00:00 1970
From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Subject: [RFC PATCH 0/18] Xenstore stub domain
Date: Wed, 11 Jan 2012 12:21:12 -0500
Message-ID: <1326302490-19428-1-git-send-email-dgdegra@tycho.nsa.gov>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

This patch series allows xenstored to run in a stub domian started by
dom0. It is based on a patch series posted by Alex Zeffertt in 2009 -
http://old-list-archives.xen.org/archives/html/xen-devel/2009-03/msg01488.html


A domain configuration for starting xenstored looks like:

kernel='/home/daniel/xen/stubdom/mini-os-x86_64-xenstore/mini-os'
extra=''
memory=50
name='xenstore'

Once xenstore is started, "xenstore_dom=1" needs to be added to other
domain's configurations in order to set up the xenstore connection to
domain 1.

The following program handles post-creation parts of xenstored. To use
it, run "xl create -p xenstore" and then "init-xenstore $domid". The
running xenstored must be stopped to prevent xl using the UNIX sockets,
and xenconsoled needs to be restarted after switching xenstores.

/* init-xenstore.c: link with -lxenctrl */

#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <sys/mman.h>

#define __XEN_TOOLS__
#include <xen/domctl.h>
#include "xenctrl.h"

#define IOCTL_XENBUS_BACKEND_SETUP _IOC(_IOC_NONE, 'B', 1, 0)
#define IOCTL_XENBUS_BACKEND_COMMIT _IOC(_IOC_NONE, 'B', 2, 0)

static void set_virq(int domid, int virq)
{
	struct xen_domctl command;
	xc_interface *xch;

	xch = xc_interface_open(NULL, NULL, 0);

	memset(&command, 0, sizeof(command)); 
	command.cmd               = XEN_DOMCTL_set_virq_handler;
	command.interface_version = XEN_DOMCTL_INTERFACE_VERSION;
	command.domain            = domid;
	command.u.set_virq_handler.virq = virq;
	xc_domctl(xch, &command);
	xc_interface_close(xch);
}

int main(int argc, char** argv)
{
	char buf[512];
	int domid = atoi(argv[1]);

	set_virq(domid, VIRQ_DOM_EXC);

	int fd = open("/dev/xen/xenbus_backend", O_RDWR);
	void *map = mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
	int rv = ioctl(fd, IOCTL_XENBUS_BACKEND_SETUP, domid);
	*(uint16_t*)(map + 0x810) = rv;
	snprintf(buf, 512, "xl unpause %d", domid);
	system(buf);
	ioctl(fd, IOCTL_XENBUS_BACKEND_COMMIT, 0);
	return 0;
}

-------------------------------------------------

Dom0 kernel changes:
    [PATCH] xenbus: Add support for xenbus backend in stub domain

This is based on the new /dev/xen devices introduced in Linux 3.3.

Hypervisor changes:
    [PATCH 01/18] xen: reinstate previously unused
    [PATCH 02/18] xen: allow global VIRQ handlers to be delegated to
    [PATCH 03/18] xsm: allow use of XEN_DOMCTL_getdomaininfo by
    [PATCH 04/18] xen: Preserve reserved grant entries when switching

Patch 1 & 4 are required for setting up grant entries in new domains.
Patch 2 & 3 allow xenstored to run in an unprivileged domain. This
currently requires XSM to be enabled to avoid allowing all domUs access
to XEN_DOMCTL_getdomaininfo, so the patch only allows this hypercall if
XSM is being compiled in.

Toolstack changes:
    [PATCH 05/18] tools/libxl: Add xenstore and console backend domain
    [PATCH 06/18] lib{xc,xl}: Seed grant tables with xenstore and

These patches populate two of the eight reserved grant entries in new
domains with the xenstore and console shared pages, which is required
if xenstored is not run in a privileged domain.

Minios and xenstored:
    [PATCH 07/18] mini-os: avoid crash if no console is provided
    [PATCH 08/18] mini-os: avoid crash if no xenstore is provided
    [PATCH 09/18] mini-os: remove per-fd evtchn limit
    [PATCH 10/18] xenstored: use grant references instead of
    [PATCH 11/18] xenstored: add NO_SOCKETS compilation option
    [PATCH 12/18] xenstored support for in-memory rather than FS based
    [PATCH 13/18] xenstored: support running in minios stubdom
    [PATCH 14/18] xenstored: always use xc_gnttab_munmap in stubdom
    [PATCH 15/18] xenstored: add --event parameter for bootstrapping
    [PATCH 16/18] xenstored: pull dom0 event port from shared page
    [PATCH 17/18] xenstored: use domain_is_unprivileged instead of
    [PATCH 18/18] xenstored: add --priv-domid parameter

Support for running in a stub domain