ia64/xen-unstable

changeset 15713:f8d5c509f156

Fix/cleanup destroyDevice code path in xend.

When calling destroyDevice code path (e.g. xm block-detach dom devid),
allow specifying an integer device id or a device name such as xvdN or
/dev/xvdN. Allowing the /dev/xvdN form is useful when detaching
devices from dom0. Bootloaders may do this to unmount a disk
previously mounted in dom0.

Move examination of device ID format into the DevController,
permitting device controllers to determine a valid device ID instead
of higher level code.

Signed-off-by: Jim Fehlig <jfehlig@novell.com>
author kfraser@localhost.localdomain
date Mon Aug 06 10:12:34 2007 +0100 (2007-08-06)
parents 92e43b36d211
children fd20c1333e3e
files tools/python/xen/xend/XendDomainInfo.py tools/python/xen/xend/server/DevController.py tools/python/xen/xend/server/blkif.py tools/security/policies/default-security_policy.xml tools/security/policies/default-ul-security_policy.xml
line diff
     1.1 --- a/tools/python/xen/xend/XendDomainInfo.py	Mon Aug 06 10:11:25 2007 +0100
     1.2 +++ b/tools/python/xen/xend/XendDomainInfo.py	Mon Aug 06 10:12:34 2007 +0100
     1.3 @@ -559,18 +559,8 @@ class XendDomainInfo:
     1.4              self.getDeviceController(devclass).waitForDevices()
     1.5  
     1.6      def destroyDevice(self, deviceClass, devid, force = False):
     1.7 -        try:
     1.8 -            dev = int(devid)
     1.9 -        except ValueError:
    1.10 -            # devid is not a number but a string containing either device
    1.11 -            # name (e.g. xvda) or device_type/device_id (e.g. vbd/51728)
    1.12 -            dev = type(devid) is str and devid.split('/')[-1] or None
    1.13 -            if dev == None:
    1.14 -                log.debug("Could not find the device %s", devid)
    1.15 -                return None
    1.16 -
    1.17 -        log.debug("dev = %s", dev)
    1.18 -        return self.getDeviceController(deviceClass).destroyDevice(dev, force)
    1.19 +        log.debug("dev = %s", devid)
    1.20 +        return self.getDeviceController(deviceClass).destroyDevice(devid, force)
    1.21  
    1.22      def getDeviceSxprs(self, deviceClass):
    1.23          if self._stateGet() in (DOM_STATE_RUNNING, DOM_STATE_PAUSED):
     2.1 --- a/tools/python/xen/xend/server/DevController.py	Mon Aug 06 10:11:25 2007 +0100
     2.2 +++ b/tools/python/xen/xend/server/DevController.py	Mon Aug 06 10:12:34 2007 +0100
     2.3 @@ -203,27 +203,32 @@ class DevController:
     2.4  
     2.5          The implementation here simply deletes the appropriate paths from the
     2.6          store.  This may be overridden by subclasses who need to perform other
     2.7 -        tasks on destruction.  Further, the implementation here can only
     2.8 -        accept integer device IDs, or values that can be converted to
     2.9 -        integers.  Subclasses may accept other values and convert them to
    2.10 -        integers before passing them here.
    2.11 +        tasks on destruction. The implementation here accepts integer device
    2.12 +        IDs or paths containg integer deviceIDs, e.g. vfb/0.  Subclasses may
    2.13 +        accept other values and convert them to integers before passing them
    2.14 +        here.
    2.15          """
    2.16  
    2.17 -        devid = int(devid)
    2.18 +        try:
    2.19 +            dev = int(devid)
    2.20 +        except ValueError:
    2.21 +            # Does devid contain devicetype/deviceid?
    2.22 +            # Propogate exception if unable to find an integer devid
    2.23 +            dev = int(type(devid) is str and devid.split('/')[-1] or None)
    2.24  
    2.25          # Modify online status /before/ updating state (latter is watched by
    2.26          # drivers, so this ordering avoids a race).
    2.27 -        self.writeBackend(devid, 'online', "0")
    2.28 -        self.writeBackend(devid, 'state', str(xenbusState['Closing']))
    2.29 +        self.writeBackend(dev, 'online', "0")
    2.30 +        self.writeBackend(dev, 'state', str(xenbusState['Closing']))
    2.31  
    2.32          if force:
    2.33 -            frontpath = self.frontendPath(devid)
    2.34 +            frontpath = self.frontendPath(dev)
    2.35              backpath = xstransact.Read(frontpath, "backend")
    2.36              if backpath:
    2.37                  xstransact.Remove(backpath)
    2.38              xstransact.Remove(frontpath)
    2.39  
    2.40 -        self.vm._removeVm("device/%s/%d" % (self.deviceClass, devid))
    2.41 +        self.vm._removeVm("device/%s/%d" % (self.deviceClass, dev))
    2.42  
    2.43      def configurations(self):
    2.44          return map(self.configuration, self.deviceIDs())
     3.1 --- a/tools/python/xen/xend/server/blkif.py	Mon Aug 06 10:11:25 2007 +0100
     3.2 +++ b/tools/python/xen/xend/server/blkif.py	Mon Aug 06 10:12:34 2007 +0100
     3.3 @@ -154,13 +154,16 @@ class BlkifController(DevController):
     3.4      def destroyDevice(self, devid, force):
     3.5          """@see DevController.destroyDevice"""
     3.6  
     3.7 -        # If we are given a device name, then look up the device ID from it,
     3.8 -        # and destroy that ID instead.  If what we are given is an integer,
     3.9 -        # then assume it's a device ID and pass it straight through to our
    3.10 -        # superclass's method.
    3.11 -
    3.12 +        # vbd device IDs can be either string or integer.  Further, the
    3.13 +        # following string values are possible:
    3.14 +        #    - devicetype/deviceid (vbd/51728)
    3.15 +        #    - devicetype/devicename (/dev/xvdb)
    3.16 +        #    - devicename (xvdb)
    3.17 +        # Let our superclass handle integer or devicetype/deviceid forms.
    3.18 +        # If we are given a device name form, then look up the device ID
    3.19 +        # from it, and destroy that ID instead.
    3.20          try:
    3.21 -            DevController.destroyDevice(self, int(devid), force)
    3.22 +            DevController.destroyDevice(self, devid, force)
    3.23          except ValueError:
    3.24              devid_end = type(devid) is str and devid.split('/')[-1] or None
    3.25  
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/tools/security/policies/default-security_policy.xml	Mon Aug 06 10:12:34 2007 +0100
     4.3 @@ -0,0 +1,30 @@
     4.4 +<?xml version="1.0" ?>
     4.5 +<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd">
     4.6 +  <PolicyHeader>
     4.7 +    <PolicyName>DEFAULT</PolicyName>
     4.8 +    <Version>1.0</Version>
     4.9 +  </PolicyHeader>
    4.10 +  <SimpleTypeEnforcement>
    4.11 +    <SimpleTypeEnforcementTypes>
    4.12 +      <Type>SystemManagement</Type>
    4.13 +    </SimpleTypeEnforcementTypes>
    4.14 +  </SimpleTypeEnforcement>
    4.15 +  <ChineseWall>
    4.16 +    <ChineseWallTypes>
    4.17 +      <Type>SystemManagement</Type>
    4.18 +    </ChineseWallTypes>
    4.19 +  </ChineseWall>
    4.20 +  <SecurityLabelTemplate>
    4.21 +    <SubjectLabels bootstrap="SystemManagement">
    4.22 +      <VirtualMachineLabel>
    4.23 +        <Name>SystemManagement</Name>
    4.24 +        <SimpleTypeEnforcementTypes>
    4.25 +          <Type>SystemManagement</Type>
    4.26 +        </SimpleTypeEnforcementTypes>
    4.27 +        <ChineseWallTypes>
    4.28 +          <Type/>
    4.29 +        </ChineseWallTypes>
    4.30 +      </VirtualMachineLabel>
    4.31 +    </SubjectLabels>
    4.32 +  </SecurityLabelTemplate>
    4.33 +</SecurityPolicyDefinition>
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/tools/security/policies/default-ul-security_policy.xml	Mon Aug 06 10:12:34 2007 +0100
     5.3 @@ -0,0 +1,41 @@
     5.4 +<?xml version="1.0" ?>
     5.5 +<SecurityPolicyDefinition xmlns="http://www.ibm.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.ibm.com ../../security_policy.xsd">
     5.6 +  <PolicyHeader>
     5.7 +    <PolicyName>DEFAULT-UL</PolicyName>
     5.8 +    <Version>1.0</Version>
     5.9 +  </PolicyHeader>
    5.10 +  <SimpleTypeEnforcement>
    5.11 +    <SimpleTypeEnforcementTypes>
    5.12 +      <Type>SystemManagement</Type>
    5.13 +      <Type>__UNLABELED__</Type>
    5.14 +    </SimpleTypeEnforcementTypes>
    5.15 +  </SimpleTypeEnforcement>
    5.16 +  <ChineseWall>
    5.17 +    <ChineseWallTypes>
    5.18 +      <Type>SystemManagement</Type>
    5.19 +    </ChineseWallTypes>
    5.20 +  </ChineseWall>
    5.21 +  <SecurityLabelTemplate>
    5.22 +    <SubjectLabels bootstrap="SystemManagement">
    5.23 +      <VirtualMachineLabel>
    5.24 +        <Name>SystemManagement</Name>
    5.25 +        <SimpleTypeEnforcementTypes>
    5.26 +          <Type>SystemManagement</Type>
    5.27 +          <Type>__UNLABELED__</Type>
    5.28 +        </SimpleTypeEnforcementTypes>
    5.29 +        <ChineseWallTypes>
    5.30 +          <Type/>
    5.31 +        </ChineseWallTypes>
    5.32 +      </VirtualMachineLabel>
    5.33 +      <VirtualMachineLabel>
    5.34 +        <Name>__UNLABELED__</Name>
    5.35 +        <SimpleTypeEnforcementTypes>
    5.36 +          <Type>__UNLABELED__</Type>
    5.37 +        </SimpleTypeEnforcementTypes>
    5.38 +        <ChineseWallTypes>
    5.39 +          <Type/>
    5.40 +        </ChineseWallTypes>
    5.41 +      </VirtualMachineLabel>
    5.42 +    </SubjectLabels>
    5.43 +  </SecurityLabelTemplate>
    5.44 +</SecurityPolicyDefinition>