From: David Woodhouse <dwmw2@infradead.org>
To: Peter Maydell <peter.maydell@linaro.org>, qemu-devel@nongnu.org
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Paul Durrant" <paul@xen.org>,
"Joao Martins" <joao.m.martins@oracle.com>,
"Ankur Arora" <ankur.a.arora@oracle.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Thomas Huth" <thuth@redhat.com>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Juan Quintela" <quintela@redhat.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
"Claudio Fontana" <cfontana@suse.de>,
"Julien Grall" <julien@xen.org>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
armbru@redhat.com
Subject: [RFC PATCH v1 4/8] hw/xen: Implement XenStore transactions
Date: Wed, 1 Feb 2023 14:43:54 +0000 [thread overview]
Message-ID: <20230201144358.1744876-5-dwmw2@infradead.org> (raw)
In-Reply-To: <20230201144358.1744876-1-dwmw2@infradead.org>
From: David Woodhouse <dwmw@amazon.co.uk>
Given that the whole thing supported copy on write from the beginning,
transactions end up being fairly simple. On starting a transaction, just
take a ref of the existing root; swap it back in on a successful commit.
The main tree has a transaction ID too, and we keep a record of the last
transaction ID given out. if the main tree is ever modified when it isn't
the latest, it gets a new transaction ID.
A commit can only succeed if the main tree hasn't moved on since it was
forked. Strictly speaking, the XenStore protocol allows a transaction to
succeed as long as nothing *it* read or wrote has changed in the interim,
but no implementations do that; *any* change is sufficient to abort a
transaction.
This does not yet fire watches on the changed nodes on a commit. That bit
is more fun and will come in a follow-on commit.
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
---
hw/i386/kvm/xenstore_impl.c | 99 +++++++++++++++++++++++++++++++++++--
tests/unit/test-xs-node.c | 97 ++++++++++++++++++++++++++++++++++++
2 files changed, 192 insertions(+), 4 deletions(-)
diff --git a/hw/i386/kvm/xenstore_impl.c b/hw/i386/kvm/xenstore_impl.c
index 7b2d2ddc57..c07b807d13 100644
--- a/hw/i386/kvm/xenstore_impl.c
+++ b/hw/i386/kvm/xenstore_impl.c
@@ -39,9 +39,19 @@ typedef struct XsWatch {
int rel_prefix;
} XsWatch;
+typedef struct XsTransaction {
+ XsNode *root;
+ unsigned int base_tx;
+ unsigned int tx_id;
+ unsigned int dom_id;
+} XsTransaction;
+
struct XenstoreImplState {
XsNode *root;
GHashTable *watches;
+ GHashTable *transactions;
+ unsigned int root_tx;
+ unsigned int last_tx;
};
static void xs_node_init(Object *obj)
@@ -163,6 +173,7 @@ struct walk_op {
bool inplace;
bool mutating;
bool create_dirs;
+ bool in_transaction;
};
static void fire_watches(struct walk_op *op, bool parents)
@@ -170,7 +181,7 @@ static void fire_watches(struct walk_op *op, bool parents)
GList *l = NULL;
XsWatch *w;
- if (!op->mutating) {
+ if (!op->mutating || op->in_transaction) {
return;
}
@@ -402,6 +413,16 @@ static int xs_node_walk(XsNode **n, struct walk_op *op)
op->path[namelen] = '\0';
if (!namelen) {
assert(!op->watches);
+ /*
+ * If the main tree was changed, bump its tx ID so that outstanding
+ * transactions correctly fail. But don't bump it every time; only
+ * if it makes a difference.
+ */
+ if (op->mutating && !op->in_transaction) {
+ if (op->s->root_tx != op->s->last_tx) {
+ op->s->root_tx = ++op->s->last_tx;
+ }
+ }
}
return 0;
}
@@ -456,13 +477,20 @@ static int init_walk_op(XenstoreImplState *s, struct walk_op *op,
op->inplace = true;
op->mutating = false;
op->create_dirs = false;
+ op->in_transaction = false;
op->dom_id = dom_id;
op->s = s;
if (tx_id == XBT_NULL) {
*rootp = &s->root;
} else {
- return ENOENT;
+ XsTransaction *tx = g_hash_table_lookup(s->transactions,
+ GINT_TO_POINTER(tx_id));
+ if (!tx) {
+ return ENOENT;
+ }
+ *rootp = &tx->root;
+ op->in_transaction = true;
}
return 0;
@@ -534,13 +562,65 @@ int xs_impl_directory(XenstoreImplState *s, unsigned int dom_id,
int xs_impl_transaction_start(XenstoreImplState *s, unsigned int dom_id,
unsigned int *tx_id)
{
- return ENOSYS;
+ XsTransaction *tx;
+
+ if (*tx_id != XBT_NULL) {
+ return EINVAL;
+ }
+
+ tx = g_new0(XsTransaction, 1);
+
+ tx->tx_id = ++s->last_tx;
+ tx->base_tx = s->root_tx;
+ tx->root = xs_node_ref(s->root);
+ tx->dom_id = dom_id;
+
+ g_hash_table_insert(s->transactions, GINT_TO_POINTER(tx->tx_id), tx);
+ *tx_id = tx->tx_id;
+ return 0;
+}
+
+static int transaction_commit(XenstoreImplState *s, XsTransaction *tx)
+{
+ if (s->root_tx != tx->base_tx) {
+ return EAGAIN;
+ }
+ xs_node_unref(s->root);
+ s->root = tx->root;
+ tx->root = NULL;
+ s->root_tx = tx->tx_id;
+
+ /*
+ * XX: Walk the new root and fire watches on any node which has a
+ * refcount of one (which is therefore unique to this transaction).
+ */
+ return 0;
}
int xs_impl_transaction_end(XenstoreImplState *s, unsigned int dom_id,
xs_transaction_t tx_id, bool commit)
{
- return ENOSYS;
+ int ret = 0;
+
+ if (commit) {
+ XsTransaction *tx = g_hash_table_lookup(s->transactions,
+ GINT_TO_POINTER(tx_id));
+ if (!tx || tx->dom_id != dom_id) {
+ return ENOENT;
+ }
+
+ ret = transaction_commit(s, tx);
+ /*
+ * It *is* in the hash table still, so g_hash_table_remove() will
+ * return true and we'll return ret;
+ */
+ }
+
+ if (g_hash_table_remove(s->transactions, GINT_TO_POINTER(tx_id))) {
+ return ret;
+ } else {
+ return ENOENT;
+ }
}
int xs_impl_rm(XenstoreImplState *s, unsigned int dom_id,
@@ -761,11 +841,22 @@ int xs_impl_reset_watches(XenstoreImplState *s, unsigned int dom_id)
return 0;
}
+static void xs_tx_free(void *_tx)
+{
+ XsTransaction *tx = _tx;
+ if (tx->root) {
+ xs_node_unref(tx->root);
+ }
+ g_free(tx);
+}
+
XenstoreImplState *xs_impl_create(void)
{
XenstoreImplState *s = g_new0(XenstoreImplState, 1);
s->watches = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, NULL);
+ s->transactions = g_hash_table_new_full(g_direct_hash, g_direct_equal,
+ NULL, xs_tx_free);
s->root = xs_node_new();
#ifdef XS_NODE_UNIT_TEST
s->root->name = g_strdup("/");
diff --git a/tests/unit/test-xs-node.c b/tests/unit/test-xs-node.c
index 3bea23d106..88ac71e83f 100644
--- a/tests/unit/test-xs-node.c
+++ b/tests/unit/test-xs-node.c
@@ -23,6 +23,7 @@ static GList *xs_node_list;
/* This doesn't happen in qemu but we want to make valgrind happy */
static void xs_impl_delete(XenstoreImplState *s)
{
+ g_hash_table_unref(s->transactions);
g_hash_table_unref(s->watches);
xs_node_unref(s->root);
g_free(s);
@@ -243,12 +244,108 @@ static void test_xs_node_simple(void)
}
+static void do_test_xs_node_tx(bool fail, bool commit)
+{
+ XenstoreImplState *s = setup();
+ GString *watches = g_string_new(NULL);
+ GByteArray *data = g_byte_array_new();
+ unsigned int tx_id = XBT_NULL;
+ int err;
+
+ g_assert(s);
+
+ /* Set a watch */
+ err = xs_impl_watch(s, DOMID_GUEST, "some", "watch",
+ watch_cb, watches);
+ g_assert(!err);
+ g_assert(watches->len == strlen("somewatch"));
+ g_assert(!strcmp(watches->str, "somewatch"));
+ g_string_truncate(watches, 0);
+
+ /* Write something */
+ err = write_str(s, DOMID_GUEST, XBT_NULL, "some/relative/path",
+ "something");
+ g_assert(!err);
+ g_assert(!strcmp(watches->str,
+ "some/relative/pathwatch"));
+ g_string_truncate(watches, 0);
+
+ /* Create a transaction */
+ err = xs_impl_transaction_start(s, DOMID_GUEST, &tx_id);
+ g_assert(!err);
+
+ if (fail) {
+ /* Write something else in the root */
+ err = write_str(s, DOMID_GUEST, XBT_NULL, "some/relative/path",
+ "another thing");
+ g_assert(!err);
+ g_assert(!strcmp(watches->str,
+ "some/relative/pathwatch"));
+ g_string_truncate(watches, 0);
+ }
+
+ g_assert(!watches->len);
+
+ /* Perform a write in the transaction */
+ err = write_str(s, DOMID_GUEST, tx_id, "some/relative/path",
+ "something else");
+ g_assert(!err);
+ g_assert(!watches->len);
+
+ /* The transaction should fail */
+ err = xs_impl_transaction_end(s, DOMID_GUEST, tx_id, commit);
+ if (commit && fail) {
+ g_assert(err == EAGAIN);
+ } else {
+ g_assert(!err);
+ }
+ g_assert(!watches->len);
+
+ err = xs_impl_unwatch(s, DOMID_GUEST, "some", "watch",
+ watch_cb, watches);
+ g_assert(!err);
+
+ err = xs_impl_read(s, DOMID_GUEST, XBT_NULL, "some/relative/path", data);
+ g_assert(!err);
+ if (fail) {
+ g_assert(data->len == strlen("another thing"));
+ g_assert(!memcmp(data->data, "another thing", data->len));
+ } else if (commit) {
+ g_assert(data->len == strlen("something else"));
+ g_assert(!memcmp(data->data, "something else", data->len));
+ } else {
+ g_assert(data->len == strlen("something"));
+ g_assert(!memcmp(data->data, "something", data->len));
+ }
+ g_byte_array_unref(data);
+ g_string_free(watches, true);
+ xs_impl_delete(s);
+}
+
+static void test_xs_node_tx_fail(void)
+{
+ do_test_xs_node_tx(true, true);
+}
+
+static void test_xs_node_tx_abort(void)
+{
+ do_test_xs_node_tx(false, false);
+ do_test_xs_node_tx(true, false);
+}
+static void test_xs_node_tx_succeed(void)
+{
+ do_test_xs_node_tx(false, true);
+}
+
int main(int argc, char **argv)
{
g_test_init(&argc, &argv, NULL);
module_call_init(MODULE_INIT_QOM);
g_test_add_func("/xs_node/simple", test_xs_node_simple);
+ g_test_add_func("/xs_node/tx_abort", test_xs_node_tx_abort);
+ g_test_add_func("/xs_node/tx_fail", test_xs_node_tx_fail);
+ g_test_add_func("/xs_node/tx_succeed", test_xs_node_tx_succeed);
return g_test_run();
}
--
2.39.0
next prev parent reply other threads:[~2023-02-01 14:54 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-01 14:43 [RFC PATCH v1 0/8] Look Ma! We made a XenStore David Woodhouse
2023-02-01 14:43 ` [RFC PATCH v1 1/8] hw/xen: Add xenstore wire implementation and implementation stubs David Woodhouse
2023-02-01 14:43 ` [RFC PATCH v1 2/8] hw/xen: Add basic XenStore tree walk and write/read/directory support David Woodhouse
2023-02-01 14:43 ` [RFC PATCH v1 3/8] hw/xen: Implement XenStore watches David Woodhouse
2023-02-01 14:43 ` David Woodhouse [this message]
2023-02-01 14:43 ` [RFC PATCH v1 5/8] hw/xen: Watches on XenStore transactions David Woodhouse
2023-02-01 14:43 ` [RFC PATCH v1 6/8] xenstore perms WIP David Woodhouse
2023-02-01 14:43 ` [RFC PATCH v1 7/8] hw/xen: Implement core serialize/deserialize methods for xenstore_impl David Woodhouse
2023-02-01 14:43 ` [RFC PATCH v1 8/8] hw/xen: Create initial XenStore nodes David Woodhouse
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230201144358.1744876-5-dwmw2@infradead.org \
--to=dwmw2@infradead.org \
--cc=alex.bennee@linaro.org \
--cc=ankur.a.arora@oracle.com \
--cc=armbru@redhat.com \
--cc=cfontana@suse.de \
--cc=dgilbert@redhat.com \
--cc=joao.m.martins@oracle.com \
--cc=julien@xen.org \
--cc=marcel.apfelbaum@gmail.com \
--cc=mst@redhat.com \
--cc=paul@xen.org \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.