1 /*
2 * Copyright (C) 2009 Citrix Ltd.
3 * Author Vincent Hanquez <vincent.hanquez@eu.citrix.com>
4 * Author Stefano Stabellini <stefano.stabellini@eu.citrix.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU Lesser General Public License as published
8 * by the Free Software Foundation; version 2.1 only. with the special
9 * exception on linking described in file LICENSE.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Lesser General Public License for more details.
15 */
16
17 #ifndef LIBXL_INTERNAL_H
18 #define LIBXL_INTERNAL_H
19
20 #include "libxl_osdeps.h" /* must come before any other headers */
21
22 #include "xentoolcore_internal.h"
23
24 #include "libxl_sr_stream_format.h"
25
26 #include <assert.h>
27 #include <dirent.h>
28 #include <errno.h>
29 #include <fcntl.h>
30 #include <inttypes.h>
31 #include <pthread.h>
32 #include <signal.h>
33 #include <stdarg.h>
34 #include <stddef.h>
35 #include <stdint.h>
36 #include <stdio.h>
37 #include <stdlib.h>
38 #include <string.h>
39 #include <unistd.h>
40 #include <ctype.h>
41
42 #include <sys/mman.h>
43 #include <poll.h>
44 #include <sys/select.h>
45 #include <sys/stat.h>
46 #include <sys/time.h>
47 #include <sys/types.h>
48 #include <sys/wait.h>
49 #include <sys/socket.h>
50 #include <sys/un.h>
51 #include <sys/file.h>
52 #include <sys/ioctl.h>
53
54 #include <xenevtchn.h>
55 #include <xenstore.h>
56 #define XC_WANT_COMPAT_MAP_FOREIGN_API
57 #include <xenctrl.h>
58 #include <xenguest.h>
59 #include <xenhypfs.h>
60 #include <xc_dom.h>
61
62 #include <xen-tools/libs.h>
63
64 #include "xentoollog.h"
65
66 #include <xen/io/xenbus.h>
67
68 #ifdef LIBXL_H
69 # error libxl.h should be included via libxl_internal.h, not separately
70 #endif
71 #if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)
72 # define LIBXL_EXTERNAL_CALLERS_ONLY \
73 __attribute__((warning("may not be called from within libxl")))
74 #endif
75
76 #include "libxl.h"
77 #include "_paths.h"
78 #include "_libxl_save_msgs_callout.h"
79
80 #if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1)
81 #define _hidden __attribute__((visibility("hidden")))
82 #define _protected __attribute__((visibility("protected")))
83 #else
84 #define _hidden
85 #define _protected
86 #endif
87
88 #include "flexarray.h"
89 #include "libxl_utils.h"
90
91 #include "libxl_json.h"
92
93 #include "_libxl_types_internal.h"
94 #include "_libxl_types_internal_json.h"
95
96 #define LIBXL_INIT_TIMEOUT 10
97 #define LIBXL_DESTROY_TIMEOUT 10
98 #define LIBXL_HOTPLUG_TIMEOUT 40
99 /* QEMU may be slow to load and start due to a bug in Linux where the I/O
100 * subsystem sometime produce high latency under load. */
101 #define LIBXL_DEVICE_MODEL_START_TIMEOUT 60
102 #define LIBXL_DEVICE_MODEL_SAVE_FILE XEN_LIB_DIR "/qemu-save" /* .$domid */
103 #define LIBXL_DEVICE_MODEL_RESTORE_FILE XEN_LIB_DIR "/qemu-resume" /* .$domid */
104 #define LIBXL_QMP_CMD_TIMEOUT 10
105 #define LIBXL_STUBDOM_START_TIMEOUT 30
106 #define LIBXL_QEMU_BODGE_TIMEOUT 2
107 #define LIBXL_XENCONSOLE_LIMIT 1048576
108 #define LIBXL_XENCONSOLE_PROTOCOL "vt100"
109 #define LIBXL_MAXMEM_CONSTANT 1024
110 #define LIBXL_PV_EXTRA_MEMORY 1024
111 #define LIBXL_HVM_EXTRA_MEMORY 2048
112 #define LIBXL_MIN_DOM0_MEM (128*1024)
113 #define LIBXL_INVALID_GFN (~(uint64_t)0)
114 #define LIBXL_VGA_HOLE_SIZE 0x20
115 /* use 0 as the domid of the toolstack domain for now */
116 #define LIBXL_TOOLSTACK_DOMID 0
117 #define QEMU_SIGNATURE "DeviceModelRecord0002"
118 #define STUBDOM_CONSOLE_LOGGING 0
119 #define STUBDOM_CONSOLE_SAVE 1
120 #define STUBDOM_CONSOLE_RESTORE 2
121 #define STUBDOM_CONSOLE_SERIAL 3
122 #define STUBDOM_SPECIAL_CONSOLES 3
123 #define LIBXL_LINUX_STUBDOM_MEM 128
124 #define TAP_DEVICE_SUFFIX "-emu"
125 #define DOMID_XS_PATH "domid"
126 #define PVSHIM_BASENAME "xen-shim"
127 #define PVSHIM_CMDLINE "pv-shim console=xen,pv"
128
129 /* Size macros. */
130 #define __AC(X,Y) (X##Y)
131 #define _AC(X,Y) __AC(X,Y)
132 #define MB(_mb) (_AC(_mb, ULL) << 20)
133 #define GB(_gb) (_AC(_gb, ULL) << 30)
134
135 #define ROUNDUP(_val, _order) \
136 (((unsigned long)(_val)+(1UL<<(_order))-1) & ~((1UL<<(_order))-1))
137
138 #define DIV_ROUNDUP(n, d) (((n) + (d) - 1) / (d))
139
140 #define MASK_EXTR(v, m) (((v) & (m)) / ((m) & -(m)))
141 #define MASK_INSR(v, m) (((v) * ((m) & -(m))) & (m))
142
143 #define LIBXL__LOGGING_ENABLED
144
145 #ifdef LIBXL__LOGGING_ENABLED
146 #define LIBXL__LOG(ctx, loglevel, _f, _a...) libxl__log(ctx, loglevel, -1, __FILE__, __LINE__, __func__, INVALID_DOMID, _f, ##_a)
147 #define LIBXL__LOG_ERRNO(ctx, loglevel, _f, _a...) libxl__log(ctx, loglevel, errno, __FILE__, __LINE__, __func__, INVALID_DOMID, _f, ##_a)
148 #define LIBXL__LOG_ERRNOVAL(ctx, loglevel, errnoval, _f, _a...) libxl__log(ctx, loglevel, errnoval, __FILE__, __LINE__, __func__, INVALID_DOMID, _f, ##_a)
149
150 /* Same log functions as above, but with _d being a domain id. */
151 #define LIBXL__LOGD(ctx, loglevel, _d, _f, _a...) libxl__log(ctx, loglevel, -1, __FILE__, __LINE__, __func__, _d, _f, ##_a)
152 #define LIBXL__LOGD_ERRNO(ctx, loglevel, _d, _f, _a...) libxl__log(ctx, loglevel, errno, __FILE__, __LINE__, __func__, _d, _f, ##_a)
153 #define LIBXL__LOGD_ERRNOVAL(ctx, loglevel, errnoval, _d, _f, _a...) libxl__log(ctx, loglevel, errnoval, __FILE__, __LINE__, __func__, _d, _f, ##_a)
154 #else
155 #define LIBXL__LOG(ctx, loglevel, _f, _a...)
156 #define LIBXL__LOG_ERRNO(ctx, loglevel, _f, _a...)
157 #define LIBXL__LOG_ERRNOVAL(ctx, loglevel, errnoval, _f, _a...)
158
159 #define LIBXLD__LOG(ctx, loglevel, _d, _f, _a...)
160 #define LIBXLD__LOG_ERRNO(ctx, loglevel, _d, _f, _a...)
161 #define LIBXLD__LOG_ERRNOVAL(ctx, loglevel, errnoval, _d, _f, _a...)
162 #endif
163 /* all of these macros preserve errno (saving and restoring) */
164
165 /*
166 * A macro to help retain the first failure in "do as much as you can"
167 * situations. Note the hard-coded use of the variable name `rc`.
168 */
169 #define ACCUMULATE_RC(rc_acc) ((rc_acc) = (rc_acc) ?: rc)
170
171 /* Convert pfn to physical address space. */
172 #define pfn_to_paddr(x) ((uint64_t)(x) << XC_PAGE_SHIFT)
173
174 /* logging */
175 _hidden void libxl__logv(libxl_ctx *ctx, xentoollog_level msglevel, int errnoval,
176 const char *file /* may be 0 */, int line /* ignored if !file */,
177 const char *func /* may be 0 */,
178 uint32_t domid /* may be INVALID_DOMID */,
179 const char *fmt, va_list al)
180 __attribute__((format(printf,8,0)));
181
182 _hidden void libxl__log(libxl_ctx *ctx, xentoollog_level msglevel, int errnoval,
183 const char *file /* may be 0 */, int line /* ignored if !file */,
184 const char *func /* may be 0 */,
185 uint32_t domid /* may be INVALID_DOMID */,
186 const char *fmt, ...)
187 __attribute__((format(printf,8,9)));
188
189 /* these functions preserve errno (saving and restoring) */
190
191 typedef struct libxl__gc libxl__gc;
192 typedef struct libxl__egc libxl__egc;
193 typedef struct libxl__ao libxl__ao;
194 typedef struct libxl__aop_occurred libxl__aop_occurred;
195 typedef struct libxl__osevent_hook_nexus libxl__osevent_hook_nexus;
196 typedef struct libxl__osevent_hook_nexi libxl__osevent_hook_nexi;
197 typedef struct libxl__device_type libxl__device_type;
198 typedef struct libxl__json_object libxl__json_object;
199 typedef struct libxl__carefd libxl__carefd;
200 typedef struct libxl__ev_slowlock libxl__ev_slowlock;
201 typedef struct libxl__dm_resume_state libxl__dm_resume_state;
202 typedef struct libxl__ao_device libxl__ao_device;
203 typedef struct libxl__multidev libxl__multidev;
204 typedef struct libxl__ev_immediate libxl__ev_immediate;
205
206 typedef struct libxl__domain_create_state libxl__domain_create_state;
207 typedef void libxl__domain_create_cb(struct libxl__egc *egc,
208 libxl__domain_create_state *dcs,
209 int rc, uint32_t domid);
210
211 typedef struct libxl__colo_device_nic libxl__colo_device_nic;
212 typedef struct libxl__colo_qdisk libxl__colo_qdisk;
213 typedef struct libxl__colo_proxy_state libxl__colo_proxy_state;
214 typedef struct libxl__colo_save_state libxl__colo_save_state;
215 typedef struct libxl__colo_restore_state libxl__colo_restore_state;
216
217 _hidden void libxl__alloc_failed(libxl_ctx *, const char *func,
218 size_t nmemb, size_t size) __attribute__((noreturn));
219 /* func, size and nmemb are used only in the log message.
220 * You may pass size==0 if size and nmemb are not meaningful
221 * and should not be printed. */
222
223 typedef struct libxl__ev_fd libxl__ev_fd;
224 typedef void libxl__ev_fd_callback(libxl__egc *egc, libxl__ev_fd *ev,
225 int fd, short events, short revents);
226 /* Note that revents may contain POLLERR or POLLHUP regardless of
227 * events; otherwise revents contains only bits in events. Contrary
228 * to the documentation for poll(2), POLLERR and POLLHUP can occur
229 * even if only POLLIN was set in events. (POLLNVAL is a fatal
230 * error and will cause libxl event machinery to fail an assertion.)
231 *
232 * It is not permitted to listen for the same or overlapping events
233 * on the same fd using multiple different libxl__ev_fd's.
234 *
235 * Note that (depending on the underlying event loop implementation)
236 * it is possible that a the fd callback system is `level triggered'
237 * or `event triggered'. That is, the callback may be called only
238 * once for each transition from not ready to ready. So the
239 * callback must generally contain a loop which exhausts the fd,
240 * rather than relying on being called again if the fd is still
241 * ready.
242 *
243 * (Spurious wakeups, and spurious bits set in revents, are
244 * suppressed by the libxl event core.)
245 */
246 struct libxl__ev_fd {
247 /* caller should include this in their own struct */
248 /* read-only for caller, who may read only when registered: */
249 int fd;
250 short events;
251 libxl__ev_fd_callback *func;
252 /* remainder is private for libxl__ev_fd... */
253 LIBXL_LIST_ENTRY(libxl__ev_fd) entry;
254 libxl__osevent_hook_nexus *nexus;
255 };
256
257
258 typedef struct libxl__ao_abortable libxl__ao_abortable;
259 typedef void libxl__ao_abortable_callback(libxl__egc *egc,
260 libxl__ao_abortable *ao_abortable, int rc /* ABORTED */);
261
262 struct libxl__ao_abortable {
263 /* caller must fill this in and it must remain valid */
264 libxl__ao *ao;
265 libxl__ao_abortable_callback *callback;
266 /* remainder is private for abort machinery */
267 bool registered;
268 LIBXL_LIST_ENTRY(libxl__ao_abortable) entry;
269 /*
270 * For nested aos:
271 * Semantically, abort affects the whole tree of aos,
272 * not just the parent.
273 * libxl__ao_abortable.ao refers to the child, so
274 * that the child callback sees the right ao. (After all,
275 * it was code dealing with the child that set .ao.)
276 * But, the abortable is recorded on the "abortables" list
277 * for the ultimate root ao, so that every possible child
278 * abort occurs as a result of the abort of the parent.
279 * We set ao->aborting only in the root.
280 */
281 };
282
283 _hidden int libxl__ao_abortable_register(libxl__ao_abortable*);
284 _hidden void libxl__ao_abortable_deregister(libxl__ao_abortable*);
285
libxl__ao_abortable_init(libxl__ao_abortable * c)286 static inline void libxl__ao_abortable_init
287 (libxl__ao_abortable *c) { c->registered = 0; }
libxl__ao_abortable_isregistered(const libxl__ao_abortable * c)288 static inline bool libxl__ao_abortable_isregistered
289 (const libxl__ao_abortable *c) { return c->registered; }
290
291 int libxl__ao_aborting(libxl__ao *ao); /* -> 0 or ERROR_ABORTED */
292
293
294 typedef struct libxl__ev_time libxl__ev_time;
295 typedef void libxl__ev_time_callback(libxl__egc *egc, libxl__ev_time *ev,
296 const struct timeval *requested_abs,
297 int rc); /* TIMEDOUT or ABORTED */
298 struct libxl__ev_time {
299 /* caller should include this in their own struct */
300 /* read-only for caller, who may read only when registered: */
301 libxl__ev_time_callback *func;
302 /* remainder is private for libxl__ev_time... */
303 int infinite; /* not registered in list or with app if infinite */
304 LIBXL_TAILQ_ENTRY(libxl__ev_time) entry;
305 struct timeval abs;
306 libxl__osevent_hook_nexus *nexus;
307 libxl__ao_abortable abrt;
308 };
309
310 typedef struct libxl__ev_xswatch libxl__ev_xswatch;
311 typedef void libxl__ev_xswatch_callback(libxl__egc *egc, libxl__ev_xswatch*,
312 const char *watch_path, const char *event_path);
313 struct libxl__ev_xswatch {
314 /* caller should include this in their own struct */
315 /* read-only for caller, who may read only when registered: */
316 char *path;
317 libxl__ev_xswatch_callback *callback;
318 /* remainder is private for libxl__ev_xswatch... */
319 int slotnum; /* registered iff slotnum >= 0 */
320 uint32_t counterval;
321 };
322
323 typedef struct libxl__ev_evtchn libxl__ev_evtchn;
324 typedef void libxl__ev_evtchn_callback(libxl__egc *egc, libxl__ev_evtchn*);
325 struct libxl__ev_evtchn {
326 /* caller must fill these in, and they must all remain valid */
327 libxl__ev_evtchn_callback *callback;
328 int port;
329 /* remainder is private for libxl__ev_evtchn_... */
330 bool waiting;
331 LIBXL_LIST_ENTRY(libxl__ev_evtchn) entry;
332 };
333
334 /*
335 * An entry in the watch_slots table is either:
336 * 1. an entry in the free list, ie NULL or pointer to next free list entry
337 * 2. an pointer to a libxl__ev_xswatch
338 *
339 * But we don't want to use unions or type-punning because the
340 * compiler might "prove" that our code is wrong and misoptimise it.
341 *
342 * The rules say that all struct pointers have identical
343 * representation and alignment requirements (C99+TC1+TC2 6.2.5p26) so
344 * what we do is simply declare our array as containing only the free
345 * list pointers, and explicitly convert from and to our actual
346 * xswatch pointers when we store and retrieve them.
347 */
348 typedef struct libxl__ev_watch_slot {
349 LIBXL_SLIST_ENTRY(struct libxl__ev_watch_slot) empty;
350 } libxl__ev_watch_slot;
351
352 _hidden libxl__ev_xswatch *libxl__watch_slot_contents(libxl__gc *gc,
353 int slotnum);
354
355
356 typedef struct libxl__ev_child libxl__ev_child;
357 typedef void libxl__ev_child_callback(libxl__egc *egc, libxl__ev_child*,
358 pid_t pid, int status);
359 struct libxl__ev_child {
360 /* caller should include this in their own struct */
361 /* read-only for caller: */
362 pid_t pid; /* -1 means unused ("unregistered", ie Idle) */
363 libxl__ev_child_callback *callback;
364 /* remainder is private for libxl__ev_... */
365 LIBXL_LIST_ENTRY(struct libxl__ev_child) entry;
366 };
367
368 /* libxl__ev_immediate
369 *
370 * Allow to call a non-reentrant callback.
371 *
372 * `callback' will be called immediately as a new event.
373 */
374 struct libxl__ev_immediate {
375 /* filled by user */
376 void (*callback)(libxl__egc *, libxl__ev_immediate *);
377 /* private to libxl__ev_immediate */
378 LIBXL_STAILQ_ENTRY(libxl__ev_immediate) entry;
379 };
380 void libxl__ev_immediate_register(libxl__egc *, libxl__ev_immediate *);
381
382 /*
383 * Lock for device hotplug, qmp_lock.
384 *
385 * libxl__ev_slowlock implement a lock that is outside of CTX_LOCK in the
386 * lock hierarchy. It can be used when one want to make QMP calls to QEMU,
387 * which may take a significant amount time.
388 * It is to be acquired by an ao event callback.
389 *
390 * If libxl__ev_devlock is needed, it should be acquired while every
391 * libxl__ev_qmp are Idle for the current domain.
392 *
393 * It is to be acquired when adding/removing devices or making changes
394 * to them when this is a slow operation and json_lock isn't appropriate.
395 *
396 * Possible states of libxl__ev_slowlock:
397 * Undefined
398 * Might contain anything.
399 * Idle
400 * Struct contents are defined enough to pass to any
401 * libxl__ev_slowlock_* function.
402 * The struct does not contain references to any allocated private
403 * resources so can be thrown away.
404 * Active
405 * Waiting to get a lock.
406 * Needs to wait until the callback is called.
407 * LockAcquired
408 * libxl__ev_slowlock_unlock will need to be called to release the lock
409 * and the resources of libxl__ev_slowlock.
410 *
411 * libxl__ev_*lock_init: Undefined/Idle -> Idle
412 * libxl__ev_slowlock_lock: Idle -> Active
413 * May call callback synchronously.
414 * libxl__ev_slowlock_unlock: LockAcquired/Idle -> Idle
415 * libxl__ev_slowlock_dispose: Idle/Active/LockAcquired -> Idle
416 * The callback will not be called anymore.
417 * callback: When called: Active -> LockAcquired (on error: Idle)
418 * The callback is only called once.
419 */
420 struct libxl__ev_slowlock {
421 /* filled by user */
422 libxl__ao *ao;
423 libxl_domid domid;
424 void (*callback)(libxl__egc *, libxl__ev_slowlock *, int rc);
425 /* private to libxl__ev_slowlock* */
426 libxl__ev_child child;
427 const char *userdata_userid;
428 char *path; /* path of the lock file itself */
429 int fd;
430 bool held;
431 };
432 _hidden void libxl__ev_devlock_init(libxl__ev_slowlock *);
433 _hidden void libxl__ev_qmplock_init(libxl__ev_slowlock *);
434 _hidden void libxl__ev_slowlock_lock(libxl__egc *, libxl__ev_slowlock *);
435 _hidden void libxl__ev_slowlock_unlock(libxl__gc *, libxl__ev_slowlock *);
436 _hidden void libxl__ev_slowlock_dispose(libxl__gc *, libxl__ev_slowlock *);
437
438 /*
439 * QMP asynchronous calls
440 *
441 * This facility allows a command to be sent to QEMU, and the response
442 * to be handed to a callback function.
443 *
444 * Commands can be submited one after an other with the same
445 * connection (e.g. the result from the "add-fd" command need to be
446 * use in a follow-up command before disconnecting from QMP). A
447 * libxl__ev_qmp can be reused when the callback is been called in
448 * order to use the same connection.
449 *
450 * Only one connection at a time can be made to one QEMU, so avoid
451 * keeping a libxl__ev_qmp Connected for to long and call
452 * libxl__ev_qmp_dispose as soon as it is not needed anymore.
453 *
454 * Possible states of a libxl__ev_qmp:
455 * Undefined
456 * Might contain anything.
457 * Idle
458 * Struct contents are defined enough to pass to any
459 * libxl__ev_qmp_* function.
460 * The struct does not contain references to any allocated private
461 * resources so can be thrown away.
462 * Active
463 * Currently waiting for the callback to be called.
464 * _dispose must be called to reclaim resources.
465 * Connected
466 * Struct contain allocated ressources.
467 * Calling _send() with this same ev will use the same QMP connection.
468 * _dispose() must be called to reclaim resources.
469 *
470 * libxl__ev_qmp_init: Undefined/Idle -> Idle
471 *
472 * libxl__ev_qmp_send: Idle/Connected -> Active (on error: Idle)
473 * Sends a command to QEMU.
474 * callback will be called when a response is received or when an
475 * error as occured.
476 * callback isn't called synchronously.
477 *
478 * libxl__ev_qmp_dispose: Connected/Active/Idle -> Idle
479 *
480 * callback: When called: Active -> Connected (on error: Idle/Connected)
481 * When called, ev is Connected and can be reused or disposed of.
482 * On error, the callback is called with response == NULL and the
483 * error code in rc. The new state of ev depending on the value of rc:
484 * - rc == ERROR_QMP_*: This is an error associated with the cmd to
485 * run, ev is Connected.
486 * - otherwise: An other error happend, ev is now Idle.
487 * The callback is only called once.
488 */
489 typedef struct libxl__ev_qmp libxl__ev_qmp;
490 typedef void libxl__ev_qmp_callback(libxl__egc *egc, libxl__ev_qmp *ev,
491 const libxl__json_object *response,
492 int rc);
493
494 _hidden void libxl__ev_qmp_init(libxl__ev_qmp *ev);
495 _hidden int libxl__ev_qmp_send(libxl__egc *egc, libxl__ev_qmp *ev,
496 const char *cmd, libxl__json_object *args);
497 _hidden void libxl__ev_qmp_dispose(libxl__gc *gc, libxl__ev_qmp *ev);
498
499 typedef enum {
500 /* initial state */
501 qmp_state_disconnected = 1,
502 /* waiting for lock */
503 qmp_state_waiting_lock,
504 /* connected to QMP socket, waiting for greeting message */
505 qmp_state_connecting,
506 /* qmp_capabilities command sent, waiting for reply */
507 qmp_state_capability_negotiation,
508 /* sending user's cmd and waiting for reply */
509 qmp_state_waiting_reply,
510 /* ready to send commands */
511 qmp_state_connected,
512 } libxl__qmp_state;
513
514 struct libxl__ev_qmp {
515 /* caller should include this in their own struct */
516 /* caller must fill these in, and they must all remain valid */
517 libxl__ao *ao;
518 libxl_domid domid;
519 libxl__ev_qmp_callback *callback;
520 int payload_fd; /* set to send a fd with the command, -1 otherwise */
521
522 /* read-only when Connected
523 * and not to be accessed by the caller otherwise */
524 struct {
525 int major;
526 int minor;
527 int micro;
528 } qemu_version;
529
530 /*
531 * remaining fields are private to libxl_ev_qmp_*
532 */
533
534 libxl__carefd *cfd;
535 libxl__ev_fd efd;
536 libxl__qmp_state state;
537 libxl__ev_slowlock lock;
538 libxl__ev_immediate ei;
539 int rc;
540 int id;
541 int next_id; /* next id to use */
542 /* receive buffer */
543 char *rx_buf;
544 size_t rx_buf_size; /* current allocated size */
545 size_t rx_buf_used; /* actual data in the buffer */
546 /* sending buffer */
547 char *tx_buf;
548 size_t tx_buf_len; /* tx_buf size */
549 size_t tx_buf_off; /* already sent */
550 /* The message to send when ready */
551 char *msg;
552 int msg_id;
553 };
554
555 /* QMP parameters helpers */
556
557 _hidden void libxl__qmp_param_add_string(libxl__gc *gc,
558 libxl__json_object **param,
559 const char *name, const char *s);
560 _hidden void libxl__qmp_param_add_bool(libxl__gc *gc,
561 libxl__json_object **param,
562 const char *name, bool b);
563 _hidden void libxl__qmp_param_add_integer(libxl__gc *gc,
564 libxl__json_object **param,
565 const char *name, const int i);
566 #define QMP_PARAMETERS_SPRINTF(args, name, format, ...) \
567 libxl__qmp_param_add_string(gc, args, name, \
568 GCSPRINTF(format, __VA_ARGS__))
569
570
571 /*
572 * evgen structures, which are the state we use for generating
573 * events for the caller.
574 *
575 * In general in each case there's an internal and an external
576 * version of the _evdisable_FOO function; the internal one is
577 * used during cleanup.
578 */
579 struct libxl__evgen_domain_death {
580 uint32_t domid;
581 unsigned shutdown_reported:1, death_reported:1;
582 LIBXL_TAILQ_ENTRY(libxl_evgen_domain_death) entry;
583 /* on list .death_reported ? CTX->death_list : CTX->death_reported */
584 libxl_ev_user user;
585 };
586 _hidden void
587 libxl__evdisable_domain_death(libxl__gc*, libxl_evgen_domain_death*);
588
589 struct libxl__evgen_disk_eject {
590 libxl__ev_xswatch watch;
591 uint32_t domid;
592 LIBXL_LIST_ENTRY(libxl_evgen_disk_eject) entry;
593 libxl_ev_user user;
594 char *vdev, *be_ptr_path;
595 };
596 _hidden void
597 libxl__evdisable_disk_eject(libxl__gc*, libxl_evgen_disk_eject*);
598
599 typedef struct libxl__poller libxl__poller;
600 struct libxl__poller {
601 /*
602 * These are used to allow other threads to wake up a thread which
603 * may be stuck in poll, because whatever it was waiting for
604 * hadn't happened yet. Threads which generate events will write
605 * a byte to each pipe. A thread which is waiting will empty its
606 * own pipe, and put its poller on the pollers_event list, before
607 * releasing the ctx lock and going into poll; when it comes out
608 * of poll it will take the poller off the pollers_event list.
609 *
610 * A thread which is waiting for completion of a synchronous ao
611 * will allocate a poller and record it in the ao, so that other
612 * threads can wake it up.
613 *
614 * When a thread is done with a poller it should put it onto
615 * pollers_idle, where it can be reused later.
616 *
617 * The "poller_app" is never idle, but is sometimes on
618 * pollers_event.
619 */
620 LIBXL_LIST_ENTRY(libxl__poller) entry;
621
622 struct pollfd *fd_polls;
623 int fd_polls_allocd;
624
625 int fd_rindices_allocd;
626 int (*fd_rindices)[3]; /* see libxl_event.c:beforepoll_internal */
627
628 int wakeup_pipe[2]; /* 0 means no fd allocated */
629 bool pipe_nonempty;
630
631 /*
632 * We also use the poller to record whether any fds have been
633 * deregistered since we entered poll. Each poller which is not
634 * idle is on the list pollers_active. fds_deregistered is
635 * cleared by beforepoll, and tested by afterpoll. Whenever an fd
636 * event is deregistered, we set the fds_deregistered of all non-idle
637 * pollers. So afterpoll can tell whether any POLLNVAL is
638 * plausibly due to an fd being closed and reopened.
639 *
640 * Additionally, we record whether any fd or time event sources
641 * have been registered. This is necessary because sometimes we
642 * need to wake up the only libxl thread stuck in
643 * eventloop_iteration so that it will pick up new fds or earlier
644 * timeouts. osevents_added is cleared by beforepoll, and set by
645 * fd or timeout event registration. When we are about to leave
646 * libxl (strictly, when we are about to give up an egc), we check
647 * whether there are any pollers. If there are, then at least one
648 * of them must have osevents_added clear. If not, we wake up the
649 * first one on the list. Any entry on pollers_active constitutes
650 * a promise to also make this check, so the baton will never be
651 * dropped.
652 */
653 LIBXL_LIST_ENTRY(libxl__poller) active_entry;
654 bool fds_deregistered;
655 bool osevents_added;
656 };
657
658 struct libxl__gc {
659 /* mini-GC */
660 int alloc_maxsize; /* -1 means this is the dummy non-gc gc */
661 void **alloc_ptrs;
662 libxl_ctx *owner;
663 };
664
665 struct libxl__ctx {
666 xentoollog_logger *lg;
667 xc_interface *xch;
668 struct xs_handle *xsh;
669 libxl__gc nogc_gc;
670
671 const libxl_event_hooks *event_hooks;
672 void *event_hooks_user;
673
674 pthread_mutex_t lock; /* protects data structures hanging off the ctx */
675 /* Always use libxl__ctx_lock and _unlock (or the convenience
676 * macors CTX_LOCK and CTX_UNLOCK) to manipulate this.
677 *
678 * You may acquire this mutex recursively if it is convenient to
679 * do so. You may not acquire this lock at the same time as any
680 * other lock. If you need to call application code outside
681 * libxl (ie, a callback) with this lock held then it is
682 * necessaray to impose restrictions on the caller to maintain a
683 * proper lock hierarchy, and these restrictions must then be
684 * documented in the libxl public interface.
685 */
686
687 LIBXL_TAILQ_HEAD(libxl__event_list, libxl_event) occurred;
688
689 int osevent_in_hook;
690 const libxl_osevent_hooks *osevent_hooks;
691 void *osevent_user;
692 /* See the comment for OSEVENT_HOOK_INTERN in libxl_event.c
693 * for restrictions on the use of the osevent fields. */
694
695 libxl__poller *poller_app; /* libxl_osevent_beforepoll and _afterpoll */
696 LIBXL_LIST_HEAD(, libxl__poller) pollers_event, pollers_idle;
697 LIBXL_LIST_HEAD(, libxl__poller) pollers_active;
698
699 LIBXL_SLIST_HEAD(libxl__osevent_hook_nexi, libxl__osevent_hook_nexus)
700 hook_fd_nexi_idle, hook_timeout_nexi_idle;
701 LIBXL_LIST_HEAD(, libxl__ev_fd) efds;
702 LIBXL_TAILQ_HEAD(, libxl__ev_time) etimes;
703
704 libxl__ev_watch_slot *watch_slots;
705 int watch_nslots, nwatches;
706 LIBXL_SLIST_HEAD(, libxl__ev_watch_slot) watch_freeslots;
707 uint32_t watch_counter; /* helps disambiguate slot reuse */
708 libxl__ev_fd watch_efd;
709
710 xenevtchn_handle *xce; /* waiting must be done only with libxl__ev_evtchn* */
711 LIBXL_LIST_HEAD(, libxl__ev_evtchn) evtchns_waiting;
712 libxl__ev_fd evtchn_efd;
713
714 LIBXL_LIST_HEAD(, libxl__ao) aos_inprogress;
715
716 LIBXL_TAILQ_HEAD(libxl__evgen_domain_death_list, libxl_evgen_domain_death)
717 death_list /* sorted by domid */,
718 death_reported;
719 libxl__ev_xswatch death_watch;
720
721 LIBXL_LIST_HEAD(, libxl_evgen_disk_eject) disk_eject_evgens;
722
723 const libxl_childproc_hooks *childproc_hooks;
724 void *childproc_user;
725 int sigchld_selfpipe[2]; /* [0]==-1 means handler not installed */
726 libxl__ev_fd sigchld_selfpipe_efd;
727 LIBXL_LIST_HEAD(, libxl__ev_child) children;
728 bool sigchld_user_registered;
729 LIBXL_LIST_ENTRY(libxl_ctx) sigchld_users_entry;
730
731 libxl_version_info version_info;
732
733 bool libxl_domain_need_memory_0x041200_called,
734 libxl_domain_need_memory_called;
735 };
736
737 /*
738 * libxl__device is a transparent structure that doesn't contain private fields
739 * or external memory references, and as such can be copied by assignment.
740 */
741 typedef struct {
742 uint32_t backend_devid;
743 uint32_t backend_domid;
744 uint32_t devid;
745 uint32_t domid;
746 libxl__device_kind backend_kind;
747 libxl__device_kind kind;
748 } libxl__device;
749
750 /* Used to know if backend of given device is QEMU */
751 #define QEMU_BACKEND(dev) (\
752 (dev)->backend_kind == LIBXL__DEVICE_KIND_QDISK || \
753 (dev)->backend_kind == LIBXL__DEVICE_KIND_VFB || \
754 (dev)->backend_kind == LIBXL__DEVICE_KIND_QUSB || \
755 (dev)->backend_kind == LIBXL__DEVICE_KIND_9PFS || \
756 (dev)->backend_kind == LIBXL__DEVICE_KIND_VKBD)
757
758 #define XC_PCI_BDF "0x%x, 0x%x, 0x%x, 0x%x"
759 #define PCI_DEVFN(slot, func) ((((slot) & 0x1f) << 3) | ((func) & 0x07))
760 #define PCI_SLOT(devfn) (((devfn) >> 3) & 0x1f)
761 #define PCI_FUNC(devfn) ((devfn) & 0x07)
762 #define AUTO_PHP_SLOT 0x100
763
764 #define PROC_PCI_NUM_RESOURCES 7
765 #define PCI_BAR_IO 0x01
766
767 #define PRINTF_ATTRIBUTE(x, y) __attribute__((format(printf, x, y)))
768
769 struct libxl__egc {
770 /* For event-generating functions only.
771 * The egc and its gc may be accessed only on the creating thread. */
772 struct libxl__gc gc;
773 struct libxl__event_list occurred_for_callback;
774 LIBXL_TAILQ_HEAD(, libxl__ao) aos_for_callback;
775 LIBXL_TAILQ_HEAD(, libxl__aop_occurred) aops_for_callback;
776 LIBXL_STAILQ_HEAD(, libxl__ev_immediate) ev_immediates;
777 };
778
779 struct libxl__aop_occurred {
780 /*
781 * An aop belongs to, and may be accessed only on, the thread
782 * which created it. It normally lives in that thread's egc.
783 *
784 * While an aop exists, it corresponds to one refcount in
785 * ao->progress_reports_outstanding, preventing ao destruction.
786 */
787 LIBXL_TAILQ_ENTRY(libxl__aop_occurred) entry;
788 libxl__ao *ao;
789 libxl_event *ev;
790 const libxl_asyncprogress_how *how;
791 };
792
793 #define LIBXL__AO_MAGIC 0xA0FACE00ul
794 #define LIBXL__AO_MAGIC_DESTROYED 0xA0DEAD00ul
795
796 struct libxl__ao {
797 /*
798 * An ao and its gc may be accessed only with the ctx lock held.
799 *
800 * Special exception: If an ao has been added to
801 * egc->aos_for_callback, the thread owning the egc may remove the
802 * ao from that list and make the callback without holding the
803 * lock.
804 *
805 * Corresponding restriction: An ao may be added only to one
806 * egc->aos_for_callback, once; rc and how must already have been
807 * set and may not be subsequently modified. (This restriction is
808 * easily and obviously met since the ao is queued for callback
809 * only in libxl__ao_complete.)
810 */
811 uint32_t magic;
812 unsigned constructing:1, in_initiator:1, complete:1, notified:1,
813 aborting:1;
814 int manip_refcnt;
815 libxl__ao *nested_root;
816 int nested_progeny;
817 int progress_reports_outstanding;
818 int rc;
819 LIBXL_LIST_HEAD(, libxl__ao_abortable) abortables;
820 LIBXL_LIST_ENTRY(libxl__ao) inprogress_entry;
821 libxl__gc gc;
822 libxl_asyncop_how how;
823 libxl__poller *poller;
824 uint32_t domid;
825 LIBXL_TAILQ_ENTRY(libxl__ao) entry_for_callback;
826 int outstanding_killed_child;
827 };
828
829 #define LIBXL_INIT_GC(gc,ctx) do{ \
830 (gc).alloc_maxsize = 0; \
831 (gc).alloc_ptrs = 0; \
832 (gc).owner = (ctx); \
833 } while(0)
834 /* NB, also, a gc struct ctx->nogc_gc is initialised in libxl_ctx_alloc */
835
libxl__gc_owner(libxl__gc * gc)836 static inline libxl_ctx *libxl__gc_owner(libxl__gc *gc)
837 {
838 return gc->owner;
839 }
840
libxl__gc_is_real(const libxl__gc * gc)841 static inline int libxl__gc_is_real(const libxl__gc *gc)
842 {
843 return gc->alloc_maxsize >= 0;
844 }
845
846 /*
847 * Memory allocation tracking/helpers
848 *
849 * See comment "libxl memory management" in libxl.h for a description
850 * of the framework which these calls belong to.
851 *
852 * These functions deal with memory allocations of type (a) and (d) in
853 * that description.
854 *
855 * All pointers returned by these functions are registered for garbage
856 * collection on exit from the outermost libxl callframe.
857 *
858 * However, where the argument is stated to be "gc_opt", &ctx->nogc_gc
859 * may be passed instead, in which case no garbage collection will
860 * occur; the pointer must later be freed with free(). (Passing NULL
861 * for gc_opt is not permitted.) This is for memory allocations of
862 * types (b) and (c). The convenience macro NOGC should be used where
863 * possible.
864 *
865 * NOGC (and ctx->nogc_gc) may ONLY be used with functions which
866 * explicitly declare that it's OK. Use with nonconsenting functions
867 * may result in leaks of those functions' internal allocations on the
868 * psuedo-gc.
869 */
870 /* register ptr in gc for free on exit from outermost libxl callframe. */
871
872 #define NN(...) __attribute__((nonnull(__VA_ARGS__)))
873 #define NN1 __attribute__((nonnull(1)))
874 /* It used to be legal to pass NULL for gc_opt. Get the compiler to
875 * warn about this if any slip through. */
876
877 _hidden void libxl__ptr_add(libxl__gc *gc_opt, void *ptr /* may be NULL */) NN1;
878 /* if this is the outermost libxl callframe then free all pointers in @gc */
879 _hidden void libxl__free_all(libxl__gc *gc);
880 /* allocate @size bytes. (a gc'd malloc(3)) */
881 _hidden void *libxl__malloc(libxl__gc *gc_opt, size_t size) NN1;
882 /* allocate and zero @size. (similar to a gc'd malloc(3)+memzero()) */
883 _hidden void *libxl__zalloc(libxl__gc *gc_opt, size_t size) NN1;
884 /* allocate and zero memory for an array of @nmemb members of @size each.
885 * (similar to a gc'd calloc(3)). */
886 _hidden void *libxl__calloc(libxl__gc *gc_opt, size_t nmemb, size_t size) NN1;
887 /* change the size of the memory block pointed to by @ptr to @new_size bytes.
888 * unlike other allocation functions here any additional space between the
889 * oldsize and @new_size is not initialised (similar to a gc'd realloc(3)).
890 * if @ptr is non-NULL and @gc_opt is not nogc_gc then @ptr must have been
891 * registered with @gc_opt previously. */
892 _hidden void *libxl__realloc(libxl__gc *gc_opt, void *ptr, size_t new_size) NN1;
893 /* print @fmt into an allocated string large enoughto contain the result.
894 * (similar to gc'd asprintf(3)). */
895 _hidden char *libxl__sprintf(libxl__gc *gc_opt, const char *fmt, ...) PRINTF_ATTRIBUTE(2, 3) NN1;
896 _hidden char *libxl__vsprintf(libxl__gc *gc, const char *format, va_list ap) PRINTF_ATTRIBUTE(2, 0);
897 /* duplicate the string @c (similar to a gc'd strdup(3)). */
898 _hidden char *libxl__strdup(libxl__gc *gc_opt,
899 const char *c /* may be NULL */) NN1;
900 /* duplicate at most @n bytes of string @c (similar to a gc'd strndup(3)). */
901 _hidden char *libxl__strndup(libxl__gc *gc_opt,
902 const char *c /* may be NULL */,
903 size_t n) NN1;
904 /* strip the last path component from @s and return as a newly allocated
905 * string. (similar to a gc'd dirname(3)). */
906 _hidden char *libxl__dirname(libxl__gc *gc_opt, const char *s) NN1;
907
908 /* Make a pipe and set both ends nonblocking. On error, nothing
909 * is left open and both fds[]==-1, and a message is logged.
910 * Useful for self-pipes. */
911 _hidden int libxl__pipe_nonblock(libxl_ctx *ctx, int fds[2]);
912 /* Closes the pipe fd(s). Either or both of fds[] may be -1 meaning
913 * `not open'. Ignores any errors. Sets fds[] to -1. */
914 _hidden void libxl__pipe_close(int fds[2]);
915
916 /* Change the flags for the file description associated with fd to
917 * (flags & mask) | val.
918 * If r_oldflags != NULL then sets *r_oldflags to the original set of
919 * flags.
920 */
921 _hidden int libxl__fd_flags_modify_save(libxl__gc *gc, int fd,
922 int mask, int val, int *r_oldflags);
923 /* Restores the flags for the file description associated with fd to
924 * to the previous value (returned by libxl__fd_flags_modify_save)
925 */
926 _hidden int libxl__fd_flags_restore(libxl__gc *gc, int fd, int old_flags);
927
928 /* Each of these logs errors and returns a libxl error code.
929 * They do not mind if path is already removed.
930 * For _file, path must not be a directory; for _directory it must be. */
931 _hidden int libxl__remove_file(libxl__gc *gc, const char *path);
932 _hidden int libxl__remove_directory(libxl__gc *gc, const char *path);
933 _hidden int libxl__remove_file_or_directory(libxl__gc *gc, const char *path);
934
935
936 _hidden char **libxl__xs_kvs_of_flexarray(libxl__gc *gc, flexarray_t *array);
937
938 /* treats kvs as pairs of keys and values and writes each to dir. */
939 _hidden int libxl__xs_writev(libxl__gc *gc, xs_transaction_t t,
940 const char *dir, char **kvs);
941 /* as writev but also sets the permissions on each path */
942 _hidden int libxl__xs_writev_perms(libxl__gc *gc, xs_transaction_t t,
943 const char *dir, char *kvs[],
944 struct xs_permissions *perms,
945 unsigned int num_perms);
946 /* _atonce creates a transaction and writes all keys at once */
947 _hidden int libxl__xs_writev_atonce(libxl__gc *gc,
948 const char *dir, char **kvs);
949 /* Each fn returns 0 on success.
950 * On error: returns -1, sets errno (no logging) */
951
952 _hidden char *libxl__xs_get_dompath(libxl__gc *gc, uint32_t domid);
953 /* On error: logs, returns NULL, sets errno. */
954
955 _hidden char *libxl__xs_read(libxl__gc *gc, xs_transaction_t t,
956 const char *path);
957 _hidden char **libxl__xs_directory(libxl__gc *gc, xs_transaction_t t,
958 const char *path, unsigned int *nb);
959 /* On error: returns NULL, sets errno (no logging) */
960 _hidden char *libxl__xs_libxl_path(libxl__gc *gc, uint32_t domid);
961
962 _hidden int libxl__backendpath_parse_domid(libxl__gc *gc, const char *be_path,
963 libxl_domid *domid_out);
964
965 /*----- "checked" xenstore access functions -----*/
966 /* Each of these functions will check that it succeeded; if it
967 * fails it logs and returns ERROR_FAIL.
968 */
969
970 int libxl__xs_vprintf(libxl__gc *gc, xs_transaction_t t,
971 const char *path, const char *fmt, va_list ap) PRINTF_ATTRIBUTE(4, 0);
972 int libxl__xs_printf(libxl__gc *gc, xs_transaction_t t,
973 const char *path, const char *fmt, ...) PRINTF_ATTRIBUTE(4, 5);
974
975 /* On success, path will exist and will have an empty value */
976 int libxl__xs_mknod(libxl__gc *gc, xs_transaction_t t,
977 const char *path, struct xs_permissions *perms,
978 unsigned int num_perms);
979
980 /* On success, *result_out came from the gc.
981 * On error, *result_out is undefined.
982 * ENOENT is regarded as error.
983 */
984 int libxl__xs_read_mandatory(libxl__gc *gc, xs_transaction_t t,
985 const char *path, const char **result_out);
986
987 /* On success, *result_out came from the gc.
988 * On error, *result_out is undefined.
989 * ENOENT counts as success but sets *result_out=0
990 */
991 int libxl__xs_read_checked(libxl__gc *gc, xs_transaction_t t,
992 const char *path, const char **result_out);
993
994 /* Does not include a trailing null.
995 * May usefully be combined with GCSPRINTF if the format string
996 * behaviour of libxl__xs_printf is desirable. */
997 int libxl__xs_write_checked(libxl__gc *gc, xs_transaction_t t,
998 const char *path, const char *string);
999
1000 /* ENOENT is not an error (even if the parent directories don't exist) */
1001 int libxl__xs_rm_checked(libxl__gc *gc, xs_transaction_t t, const char *path);
1002
1003 /* Transaction functions, best used together.
1004 * The caller should initialise *t to 0 (XBT_NULL) before calling start.
1005 * Each function leaves *t!=0 iff the transaction needs cleaning up.
1006 *
1007 * libxl__xs_transaction_commit returns:
1008 * <0 failure - a libxl error code
1009 * +1 commit conflict; transaction has been destroyed and caller
1010 * must go round again (call _start again and retry)
1011 * 0 committed successfully
1012 *
1013 * The intended usage pattern looks like this:
1014 * int some_function()
1015 * {
1016 * int rc;
1017 * xs_transaction_t t = 0;
1018 * // other initialisations
1019 *
1020 * // do whatever you need to do before the xenstore stuff
1021 * // errors? set rc and goto out.
1022 *
1023 * for (;;) {
1024 * rc = libxl__xs_transaction_start(gc, &t);
1025 * if (rc) goto out;
1026 *
1027 * // do your work here, including all xenstore reads and writes
1028 * // libxl__xs_*_checked are useful; pass them t.
1029 * // errors? set rc and goto out.
1030 *
1031 * rc = libxl__xs_transaction_commit(gc, &t);
1032 * if (!rc) break;
1033 * if (rc<0) goto out;
1034 * }
1035 *
1036 * // now the xenstore transaction succeeded
1037 * // do whatever else you need to do
1038 * // errors? set rc and goto out.
1039 *
1040 * return something;
1041 *
1042 * out:
1043 * // other cleanups
1044 * libxl__xs_transaction_abort(gc, &t);
1045 * // other cleanups
1046 * return rc;
1047 * }
1048 *
1049 * Formally the states of *t are:
1050 *
1051 * name value of *t description
1052 * Idle 0 no transaction exists
1053 * Ready non-0 ready for work, nothing done yet
1054 * Busy non-0 writes have been made but we are not finished
1055 * Uncommitted non-0 writes have been made and should be committed
1056 *
1057 * libxl__xs_transaction_start: Idle -> Ready (on error: Idle)
1058 *
1059 * The transaction goes from Ready to Busy, and from Busy to
1060 * Uncommitted, by the use of xenstore read and write operations
1061 * (libxl__xs_..., xs_...) made by libxl__xs_transaction's caller.
1062 *
1063 * libxl__xs_transaction_commit: Ready/Uncommitted -> Idle
1064 * on success (returns 0): xenstore has been updated
1065 * on error (<0) or conflict (+1): updates discarded
1066 *
1067 * libxl__xs_transaction_abort: Any -> Idle (any updates discarded)
1068 */
1069 int libxl__xs_transaction_start(libxl__gc *gc, xs_transaction_t *t);
1070 int libxl__xs_transaction_commit(libxl__gc *gc, xs_transaction_t *t);
1071 void libxl__xs_transaction_abort(libxl__gc *gc, xs_transaction_t *t);
1072
1073
1074
1075 /*
1076 * This is a recursive delete, from top to bottom. What this function does
1077 * is remove empty folders that contained the deleted entry.
1078 *
1079 * It mimics xenstore-rm -t behaviour.
1080 */
1081 _hidden int libxl__xs_path_cleanup(libxl__gc *gc, xs_transaction_t t,
1082 const char *user_path);
1083
1084 /*
1085 * Event generation functions provided by the libxl event core to the
1086 * rest of libxl. Implemented in terms of _beforepoll/_afterpoll
1087 * and/or the fd registration machinery, as provided by the
1088 * application.
1089 *
1090 * Semantics are similar to those of the fd and timeout registration
1091 * functions provided to libxl_osevent_register_hooks.
1092 *
1093 * Non-0 returns from libxl__ev_{modify,deregister} have already been
1094 * logged by the core and should be returned unmodified to libxl's
1095 * caller; NB that they may be valid libxl error codes but they may
1096 * also be positive numbers supplied by the caller.
1097 *
1098 * In each case, there is a libxl__ev_FOO structure which can be in
1099 * one of three states:
1100 *
1101 * Undefined - Might contain anything. All-bits-zero is
1102 * an undefined state.
1103 *
1104 * Idle - Struct contents are defined enough to pass to any
1105 * libxl__ev_FOO function but not registered and
1106 * callback will not be called. The struct does not
1107 * contain references to any allocated resources so
1108 * can be thrown away.
1109 *
1110 * Active - Request for events has been registered and events
1111 * may be generated. _deregister must be called to
1112 * reclaim resources.
1113 *
1114 * These functions are provided for each kind of event KIND:
1115 *
1116 * int libxl__ev_KIND_register(libxl__gc *gc, libxl__ev_KIND *GEN,
1117 * libxl__ev_KIND_callback *FUNC,
1118 * DETAILS);
1119 * On entry *GEN must be in state Undefined or Idle.
1120 * Returns a libxl error code; on error return *GEN is Idle.
1121 * On successful return *GEN is Active and FUNC wil be
1122 * called by the event machinery in future. FUNC will
1123 * not be called from within the call to _register.
1124 * FUNC will be called with the context locked (with CTX_LOCK).
1125 *
1126 * void libxl__ev_KIND_deregister(libxl__gc *gc, libxl__ev_KIND *GEN_upd);
1127 * On entry *GEN must be in state Active or Idle.
1128 * On return it is Idle. (Idempotent.)
1129 *
1130 * void libxl__ev_KIND_init(libxl__ev_KIND *GEN);
1131 * Provided for initialising an Undefined KIND.
1132 * On entry *GEN must be in state Idle or Undefined.
1133 * On return it is Idle. (Idempotent.)
1134 *
1135 * int libxl__ev_KIND_isregistered(const libxl__ev_KIND *GEN);
1136 * On entry *GEN must be Idle or Active.
1137 * Returns nonzero if it is Active, zero otherwise.
1138 * Cannot fail.
1139 *
1140 * int libxl__ev_KIND_modify(libxl__gc*, libxl__ev_KIND *GEN,
1141 * DETAILS);
1142 * Only provided for some kinds of generator.
1143 * On entry *GEN must be Active and on return, whether successful
1144 * or not, it will be Active.
1145 * Returns a libxl error code; on error the modification
1146 * is not effective.
1147 *
1148 * All of these functions are fully threadsafe and may be called by
1149 * general code in libxl even from within event callback FUNCs.
1150 * The ctx will be locked on entry to each FUNC and FUNC should not
1151 * unlock it.
1152 *
1153 * Callers of libxl__ev_KIND_register must ensure that the
1154 * registration is undone, with _deregister, in libxl_ctx_free.
1155 * This means that normally each kind of libxl__evgen (ie each
1156 * application-requested event source) needs to be on a list so that
1157 * it can be automatically deregistered as promised in libxl_event.h.
1158 */
1159
1160
1161 _hidden int libxl__ev_fd_register(libxl__gc*, libxl__ev_fd *ev_out,
1162 libxl__ev_fd_callback*,
1163 int fd, short events /* as for poll(2) */);
1164 _hidden int libxl__ev_fd_modify(libxl__gc*, libxl__ev_fd *ev,
1165 short events);
1166 _hidden void libxl__ev_fd_deregister(libxl__gc*, libxl__ev_fd *ev);
libxl__ev_fd_init(libxl__ev_fd * efd)1167 static inline void libxl__ev_fd_init(libxl__ev_fd *efd)
1168 { efd->fd = -1; }
libxl__ev_fd_isregistered(const libxl__ev_fd * efd)1169 static inline int libxl__ev_fd_isregistered(const libxl__ev_fd *efd)
1170 { return efd->fd >= 0; }
1171
1172 _hidden int libxl__ev_time_register_rel(libxl__ao*, libxl__ev_time *ev_out,
1173 libxl__ev_time_callback*,
1174 int milliseconds /* as for poll(2) */);
1175 _hidden int libxl__ev_time_register_abs(libxl__ao*, libxl__ev_time *ev_out,
1176 libxl__ev_time_callback*,
1177 struct timeval);
1178 _hidden int libxl__ev_time_modify_rel(libxl__gc*, libxl__ev_time *ev,
1179 int milliseconds /* as for poll(2) */);
1180 _hidden int libxl__ev_time_modify_abs(libxl__gc*, libxl__ev_time *ev,
1181 struct timeval);
1182 _hidden void libxl__ev_time_deregister(libxl__gc*, libxl__ev_time *ev);
libxl__ev_time_init(libxl__ev_time * ev)1183 static inline void libxl__ev_time_init(libxl__ev_time *ev)
1184 { ev->func = 0; libxl__ao_abortable_init(&ev->abrt); }
libxl__ev_time_isregistered(const libxl__ev_time * ev)1185 static inline int libxl__ev_time_isregistered(const libxl__ev_time *ev)
1186 { return !!ev->func; }
1187
1188
1189 _hidden int libxl__ev_xswatch_register(libxl__gc*, libxl__ev_xswatch *xsw_out,
1190 libxl__ev_xswatch_callback*,
1191 const char *path /* copied */);
1192 _hidden void libxl__ev_xswatch_deregister(libxl__gc *gc, libxl__ev_xswatch*);
1193
libxl__ev_xswatch_init(libxl__ev_xswatch * xswatch_out)1194 static inline void libxl__ev_xswatch_init(libxl__ev_xswatch *xswatch_out)
1195 { xswatch_out->slotnum = -1; }
libxl__ev_xswatch_isregistered(const libxl__ev_xswatch * xw)1196 static inline int libxl__ev_xswatch_isregistered(const libxl__ev_xswatch *xw)
1197 { return xw->slotnum >= 0; }
1198
1199
1200 /*
1201 * The evtchn facility is one-shot per call to libxl__ev_evtchn_wait.
1202 * You should:
1203 * Use libxl__ctx_evtchn_init to make sure CTX->xce is valid;
1204 * Call some suitable xc bind function on (or to obtain) the port;
1205 * Then call libxl__ev_evtchn_wait.
1206 *
1207 * When the event is signaled then the callback will be made, once.
1208 * Then you must call libxl__ev_evtchn_wait again, if desired.
1209 *
1210 * You must NOT call xenevtchn_unmask. wait will do that for you.
1211 *
1212 * Calling libxl__ev_evtchn_cancel will arrange for libxl to disregard
1213 * future occurrences of event. Both libxl__ev_evtchn_wait and
1214 * libxl__ev_evtchn_cancel are idempotent.
1215 *
1216 * (Note of course that an event channel becomes signaled when it is
1217 * first bound, so you will get one call to libxl__ev_evtchn_wait
1218 * "right away"; unless you have won a very fast race, the condition
1219 * you were waiting for won't exist yet so when you check for it
1220 * you'll find you need to call wait again.)
1221 *
1222 * You must not wait on the same port twice at once (that is, with
1223 * two separate libxl__ev_evtchn's).
1224 */
1225 _hidden int libxl__ev_evtchn_wait(libxl__gc*, libxl__ev_evtchn *evev);
1226 _hidden void libxl__ev_evtchn_cancel(libxl__gc *gc, libxl__ev_evtchn *evev);
1227
libxl__ev_evtchn_init(libxl__ev_evtchn * evev)1228 static inline void libxl__ev_evtchn_init(libxl__ev_evtchn *evev)
1229 { evev->waiting = 0; }
libxl__ev_evtchn_iswaiting(const libxl__ev_evtchn * evev)1230 static inline bool libxl__ev_evtchn_iswaiting(const libxl__ev_evtchn *evev)
1231 { return evev->waiting; }
1232
1233 _hidden int libxl__ctx_evtchn_init(libxl__gc *gc); /* for libxl_ctx_alloc */
1234
1235 /*
1236 * For making subprocesses. This is the only permitted mechanism for
1237 * code in libxl to do so.
1238 *
1239 * In the parent, returns the pid, filling in childw_out.
1240 * In the child, returns 0.
1241 * If it fails, returns a libxl error (all of which are -ve).
1242 *
1243 * The child should go on to exec (or exit) soon. The child may not
1244 * make any further calls to libxl infrastructure, except for memory
1245 * allocation and logging. If the child needs to use xenstore it
1246 * must open its own xs handle and use it directly, rather than via
1247 * the libxl event machinery.
1248 *
1249 * The parent may signal the child but it must not reap it. That will
1250 * be done by the event machinery.
1251 *
1252 * The child death event will generate exactly one event callback; until
1253 * then the childw is Active and may not be reused.
1254 *
1255 * libxl__ev_child_kill_deregister: Active -> Idle
1256 * This will transfer ownership of the child process death event from
1257 * `ch' to `ao', thus deregister the callback.
1258 * The `ao' completion will wait until the child have been reaped by the
1259 * event machinery.
1260 */
1261 _hidden pid_t libxl__ev_child_fork(libxl__gc *gc, libxl__ev_child *childw_out,
1262 libxl__ev_child_callback *death);
libxl__ev_child_init(libxl__ev_child * childw_out)1263 static inline void libxl__ev_child_init(libxl__ev_child *childw_out)
1264 { childw_out->pid = -1; }
libxl__ev_child_inuse(const libxl__ev_child * childw_out)1265 static inline int libxl__ev_child_inuse(const libxl__ev_child *childw_out)
1266 { return childw_out->pid >= 0; }
1267 _hidden void libxl__ev_child_kill_deregister(libxl__ao *ao,
1268 libxl__ev_child *ch,
1269 int sig);
1270
1271 /* Useable (only) in the child to once more make the ctx useable for
1272 * xenstore operations. logs failure in the form "what: <error
1273 * message>". */
1274 _hidden int libxl__ev_child_xenstore_reopen(libxl__gc *gc, const char *what);
1275
1276
1277 /*
1278 * Other event-handling support provided by the libxl event core to
1279 * the rest of libxl.
1280 */
1281
1282 _hidden void libxl__event_occurred(libxl__egc*, libxl_event *event);
1283 /* Arranges to notify the application that the event has occurred.
1284 * event should be suitable for passing to libxl_event_free. */
1285
1286 _hidden libxl_event *libxl__event_new(libxl__egc*, libxl_event_type,
1287 uint32_t domid,
1288 libxl_ev_user for_user);
1289 /* Convenience function.
1290 * Allocates a new libxl_event, fills in domid and type.
1291 * Cannot fail. */
1292
1293 #define NEW_EVENT(egc, type, domid, user) \
1294 libxl__event_new((egc), LIBXL_EVENT_TYPE_##type, (domid), (user))
1295 /* Convenience macro. */
1296
1297 /*
1298 * In general, call this via the macro LIBXL__EVENT_DISASTER.
1299 *
1300 * Event-generating functions, or ao machinery, may call this if they
1301 * might have wanted to generate an event (either an internal one ie a
1302 * libxl__ev_FOO_callback or an application event), but are prevented
1303 * from doing so due to eg lack of memory.
1304 *
1305 * NB that this function may return and the caller isn't supposed to
1306 * then crash, although it may fail (and henceforth leave things in a
1307 * state where many or all calls fail).
1308 */
1309 _hidden void libxl__event_disaster(libxl__gc*, const char *msg, int errnoval,
1310 libxl_event_type type /* may be 0 */,
1311 const char *file, int line,
1312 const char *func);
1313 #define LIBXL__EVENT_DISASTER(gc, msg, errnoval, type) \
1314 libxl__event_disaster(gc, msg, errnoval, type, __FILE__,__LINE__,__func__)
1315
1316
1317 /* Fills in, or disposes of, the resources held by, a poller whose
1318 * space the caller has allocated. ctx must be locked. */
1319 _hidden int libxl__poller_init(libxl__gc *gc, libxl__poller *p);
1320 _hidden void libxl__poller_dispose(libxl__poller *p);
1321
1322 /* Obtain a fresh poller from malloc or the idle list, and put it
1323 * away again afterwards. _get can fail, returning NULL.
1324 * ctx must be locked. */
1325 _hidden libxl__poller *libxl__poller_get(libxl__gc *gc);
1326 _hidden void libxl__poller_put(libxl_ctx*, libxl__poller *p /* may be NULL */);
1327
1328 /* Notifies whoever is polling using p that they should wake up.
1329 * ctx must be locked. */
1330 _hidden void libxl__poller_wakeup(libxl__gc *egc, libxl__poller *p);
1331
1332 /* Internal to fork and child reaping machinery */
1333 extern const libxl_childproc_hooks libxl__childproc_default_hooks;
1334 int libxl__sigchld_needed(libxl__gc*); /* non-reentrant idempotent, logs errs */
1335 void libxl__sigchld_notneeded(libxl__gc*); /* non-reentrant idempotent */
1336 void libxl__sigchld_check_stale_handler(void);
1337 int libxl__self_pipe_wakeup(int fd); /* returns 0 or -1 setting errno */
1338 int libxl__self_pipe_eatall(int fd); /* returns 0 or -1 setting errno */
1339
1340
1341 _hidden int libxl__atfork_init(libxl_ctx *ctx);
1342
1343
1344 /* File references */
1345 typedef struct {
1346 /*
1347 * Path is always set if the file reference is valid. However if
1348 * mapped is true then the actual file may already be unlinked.
1349 */
1350 const char * path;
1351 int mapped;
1352 void * data;
1353 size_t size;
1354 } libxl__file_reference;
1355 _hidden int libxl__file_reference_map(libxl__file_reference *f);
1356 _hidden int libxl__file_reference_unmap(libxl__file_reference *f);
1357
1358 /* from xl_dom */
1359 _hidden libxl_domain_type libxl__domain_type(libxl__gc *gc, uint32_t domid);
1360 _hidden int libxl__domain_cpupool(libxl__gc *gc, uint32_t domid);
1361 _hidden libxl_scheduler libxl__domain_scheduler(libxl__gc *gc, uint32_t domid);
1362 _hidden int libxl__sched_set_params(libxl__gc *gc, uint32_t domid,
1363 libxl_domain_sched_params *scparams);
1364 _hidden int libxl__grant_vga_iomem_permission(libxl__gc *gc, const uint32_t domid,
1365 libxl_domain_config *const d_config);
1366
1367 typedef struct {
1368 uint32_t store_port;
1369 uint32_t store_domid;
1370 unsigned long store_mfn;
1371
1372 uint32_t console_port;
1373 uint32_t console_domid;
1374 unsigned long console_mfn;
1375 char *console_tty;
1376
1377 char *saved_state;
1378 int dm_monitor_fd;
1379
1380 libxl__file_reference pv_kernel;
1381 libxl__file_reference pv_ramdisk;
1382 const char *shim_path;
1383 const char *shim_cmdline;
1384 const char *pv_cmdline;
1385
1386 /*
1387 * dm_runas: If set, pass qemu the `-runas` parameter with this
1388 * string as an argument
1389 * dm_kill_uid: If set, the devicemodel should be killed by
1390 * destroying all processes with this uid.
1391 */
1392 char *dm_runas, *dm_kill_uid;
1393
1394 xen_vmemrange_t *vmemranges;
1395 uint32_t num_vmemranges;
1396
1397 xen_pfn_t vuart_gfn;
1398 evtchn_port_t vuart_port;
1399
1400 /* ARM only to deal with broken firmware */
1401 uint32_t clock_frequency;
1402
1403 /* Whether this domain is being migrated/restored, or booting fresh. Only
1404 * applicable to the primary domain, not support domains (e.g. stub QEMU). */
1405 bool restore;
1406 } libxl__domain_build_state;
1407
1408 _hidden void libxl__domain_build_state_init(libxl__domain_build_state *s);
1409 _hidden void libxl__domain_build_state_dispose(libxl__domain_build_state *s);
1410
1411 _hidden int libxl__build_pre(libxl__gc *gc, uint32_t domid,
1412 libxl_domain_config * const d_config,
1413 libxl__domain_build_state *state);
1414 _hidden int libxl__build_post(libxl__gc *gc, uint32_t domid,
1415 libxl_domain_build_info *info, libxl__domain_build_state *state,
1416 char **vms_ents, char **local_ents);
1417
1418 _hidden int libxl__build_pv(libxl__gc *gc, uint32_t domid,
1419 libxl_domain_config *const d_config, libxl__domain_build_state *state);
1420 _hidden int libxl__build_hvm(libxl__gc *gc, uint32_t domid,
1421 libxl_domain_config *d_config,
1422 libxl__domain_build_state *state);
1423
1424 _hidden int libxl__qemu_traditional_cmd(libxl__gc *gc, uint32_t domid,
1425 const char *cmd);
1426 _hidden int libxl__domain_rename(libxl__gc *gc, uint32_t domid,
1427 const char *old_name, const char *new_name,
1428 xs_transaction_t trans);
1429
1430 /* Deprecated, use libxl__dm_resume instead. */
1431 _hidden int libxl__domain_resume_device_model_deprecated(libxl__gc *gc, uint32_t domid);
1432
1433 _hidden const char *libxl__userdata_path(libxl__gc *gc, uint32_t domid,
1434 const char *userdata_userid,
1435 const char *wh);
1436 _hidden void libxl__userdata_destroyall(libxl__gc *gc, uint32_t domid);
1437 /* Caller must hold userdata store lock before calling
1438 * libxl__userdata_{retrieve,store}
1439 * See libxl__{un,}lock_domain_userdata.
1440 */
1441 _hidden int libxl__userdata_retrieve(libxl__gc *gc, uint32_t domid,
1442 const char *userdata_userid,
1443 uint8_t **data_r, int *datalen_r);
1444 _hidden int libxl__userdata_store(libxl__gc *gc, uint32_t domid,
1445 const char *userdata_userid,
1446 const uint8_t *data, int datalen);
1447
1448 /* Deprecated, use libxl__domain_resume instead */
1449 _hidden int libxl__domain_resume_deprecated(libxl__gc *gc, uint32_t domid,
1450 int suspend_cancel);
1451 /* Deprecated, use libxl__domain_unpause instead */
1452 _hidden int libxl__domain_unpause_deprecated(libxl__gc *,
1453 libxl_domid domid);
1454
1455 /* Call libxl__dm_resume_init() and fill the first few fields,
1456 * then call one of libxl__domain_resume / libxl__domain_unpause
1457 * or directly libxl__dm_resume if only the device model needs to be
1458 * "resumed". */
1459 struct libxl__dm_resume_state {
1460 /* caller must fill these in, and they must all remain valid */
1461 libxl__ao *ao;
1462 libxl_domid domid;
1463 void (*callback)(libxl__egc *, libxl__dm_resume_state *, int rc);
1464
1465 /* private to libxl__domain_resume and libxl__domain_unpause */
1466 void (*dm_resumed_callback)(libxl__egc *,
1467 libxl__dm_resume_state *, int rc);
1468 /* private to libxl__domain_resume */
1469 bool suspend_cancel;
1470
1471 /* private to libxl__dm_resume */
1472 libxl__ev_qmp qmp;
1473 libxl__ev_time time;
1474 libxl__ev_xswatch watch;
1475 };
1476 _hidden void libxl__dm_resume(libxl__egc *egc,
1477 libxl__dm_resume_state *dmrs);
1478 _hidden void libxl__domain_resume(libxl__egc *egc,
1479 libxl__dm_resume_state *dmrs,
1480 bool suspend_cancel);
1481 _hidden void libxl__domain_unpause(libxl__egc *,
1482 libxl__dm_resume_state *dmrs);
1483
1484 /* returns 0 or 1, or a libxl error code */
1485 _hidden int libxl__domain_pvcontrol_available(libxl__gc *gc, uint32_t domid);
1486
1487 _hidden const char *libxl__domain_pvcontrol_xspath(libxl__gc*, uint32_t domid);
1488 _hidden char * libxl__domain_pvcontrol_read(libxl__gc *gc,
1489 xs_transaction_t t, uint32_t domid);
1490
1491 /* from xl_device */
1492 _hidden char *libxl__device_disk_string_of_backend(libxl_disk_backend backend);
1493 _hidden char *libxl__device_disk_string_of_format(libxl_disk_format format);
1494 _hidden const char *libxl__qemu_disk_format_string(libxl_disk_format format);
1495 _hidden int libxl__device_disk_set_backend(libxl__gc*, libxl_device_disk*);
1496
1497 _hidden int libxl__device_physdisk_major_minor(const char *physpath, int *major, int *minor);
1498 _hidden int libxl__device_disk_dev_number(const char *virtpath,
1499 int *pdisk, int *ppartition);
1500 _hidden char *libxl__devid_to_vdev(libxl__gc *gc, int devid);
1501
1502 _hidden int libxl__device_console_add(libxl__gc *gc, uint32_t domid,
1503 libxl__device_console *console,
1504 libxl__domain_build_state *state,
1505 libxl__device *device);
1506 _hidden int libxl__device_vuart_add(libxl__gc *gc, uint32_t domid,
1507 libxl__device_console *console,
1508 libxl__domain_build_state *state);
1509
1510 /* Returns 1 if device exists, 0 if not, ERROR_* (<0) on error. */
1511 _hidden int libxl__device_exists(libxl__gc *gc, xs_transaction_t t,
1512 libxl__device *device);
1513 _hidden int libxl__device_generic_add(libxl__gc *gc, xs_transaction_t t,
1514 libxl__device *device, char **bents, char **fents, char **ro_fents);
1515 _hidden char *libxl__domain_device_frontend_path(libxl__gc *gc, uint32_t domid, uint32_t devid,
1516 libxl__device_kind device_kind);
1517 _hidden char *libxl__device_backend_path(libxl__gc *gc, libxl__device *device);
1518 _hidden char *libxl__domain_device_backend_path(libxl__gc *gc, uint32_t backend_domid,
1519 uint32_t domid, uint32_t devid,
1520 libxl__device_kind device_kind);
1521 _hidden char *libxl__device_libxl_path(libxl__gc *gc, libxl__device *device);
1522 _hidden char *libxl__domain_device_libxl_path(libxl__gc *gc, uint32_t domid, uint32_t devid,
1523 libxl__device_kind device_kind);
1524 _hidden int libxl__parse_backend_path(libxl__gc *gc, const char *path,
1525 libxl__device *dev);
1526 _hidden int libxl__console_tty_path(libxl__gc *gc, uint32_t domid, int cons_num,
1527 libxl_console_type type, char **tty_path);
1528 _hidden int libxl__device_destroy(libxl__gc *gc, libxl__device *dev);
1529 _hidden int libxl__wait_for_backend(libxl__gc *gc, const char *be_path,
1530 const char *state);
1531 _hidden int libxl__nic_type(libxl__gc *gc, libxl__device *dev,
1532 libxl_nic_type *nictype);
1533 _hidden int libxl__init_console_from_channel(libxl__gc *gc,
1534 libxl__device_console *console,
1535 int dev_num,
1536 libxl_device_channel *channel);
1537 _hidden int libxl__device_nextid(libxl__gc *gc, uint32_t domid,
1538 libxl__device_kind device);
1539 _hidden int libxl__resolve_domid(libxl__gc *gc, const char *name,
1540 uint32_t *domid);
1541
1542 /*
1543 * For each aggregate type which can be used as an input we provide:
1544 *
1545 * int libxl__<type>_setdefault(gc, <type> *p):
1546 *
1547 * Idempotently sets any members of "p" which is currently set to
1548 * a special value indicating that the defaults should be used
1549 * (per libxl_<type>_init) to a specific value.
1550 *
1551 * All libxl API functions are expected to have arranged for this
1552 * to be called before using any values within these structures.
1553 */
1554 _hidden int libxl__domain_config_setdefault(libxl__gc *gc,
1555 libxl_domain_config *d_config,
1556 uint32_t domid /* logging only */);
1557 _hidden int libxl__domain_create_info_setdefault(libxl__gc *gc,
1558 libxl_domain_create_info *c_info,
1559 const libxl_physinfo *info);
1560 _hidden int libxl__domain_build_info_setdefault(libxl__gc *gc,
1561 libxl_domain_build_info *b_info);
1562 _hidden void libxl__rdm_setdefault(libxl__gc *gc,
1563 libxl_domain_build_info *b_info);
1564
1565 _hidden int libxl__domain_need_memory_calculate(libxl__gc *gc,
1566 libxl_domain_build_info *b_info,
1567 uint64_t *need_memkb);
1568
1569 _hidden const char *libxl__device_nic_devname(libxl__gc *gc,
1570 uint32_t domid,
1571 uint32_t devid,
1572 libxl_nic_type type);
1573
1574 _hidden int libxl__get_domid(libxl__gc *gc, uint32_t *domid);
1575
1576 /*----- xswait: wait for a xenstore node to be suitable -----*/
1577
1578 typedef struct libxl__xswait_state libxl__xswait_state;
1579
1580 /*
1581 * rc describes the circumstances of this callback:
1582 *
1583 * rc==0
1584 *
1585 * The xenstore path (may have) changed. It has been read for
1586 * you. The result is in data (allocated from the ao gc).
1587 * data may be NULL, which means that the xenstore read gave
1588 * ENOENT.
1589 *
1590 * If you are satisfied, you MUST call libxl__xswait_stop.
1591 * Otherwise, xswait will continue waiting and watching and
1592 * will call you back later.
1593 *
1594 * rc==ERROR_TIMEDOUT, rc==ERROR_ABORTED
1595 *
1596 * The specified timeout was reached.
1597 * This has NOT been logged (except to the debug log).
1598 * xswait will not continue (but calling libxl__xswait_stop is OK).
1599 *
1600 * rc!=0, !=ERROR_TIMEDOUT, !=ERROR_ABORTED
1601 *
1602 * Some other error occurred.
1603 * This HAS been logged.
1604 * xswait will not continue (but calling libxl__xswait_stop is OK).
1605 *
1606 * xswait.path may start with with '@', in which case no read is done
1607 * and the callback will always get data==0.
1608 */
1609 typedef void libxl__xswait_callback(libxl__egc *egc,
1610 libxl__xswait_state *xswa, int rc, const char *data);
1611
1612 struct libxl__xswait_state {
1613 /* caller must fill these in, and they must all remain valid */
1614 libxl__ao *ao;
1615 const char *what; /* for error msgs: noun phrase, what we're waiting for */
1616 const char *path;
1617 int timeout_ms; /* as for poll(2) */
1618 libxl__xswait_callback *callback;
1619 /* remaining fields are private to xswait */
1620 libxl__ev_time time_ev;
1621 libxl__ev_xswatch watch_ev;
1622 };
1623
1624 void libxl__xswait_init(libxl__xswait_state*);
1625 void libxl__xswait_stop(libxl__gc*, libxl__xswait_state*); /*idempotent*/
1626 bool libxl__xswait_inuse(const libxl__xswait_state *ss);
1627
1628 int libxl__xswait_start(libxl__gc*, libxl__xswait_state*);
1629
1630 /*
1631 * libxl__ev_devstate - waits a given time for a device to
1632 * reach a given state. Follows the libxl_ev_* conventions.
1633 * Will generate only one event, and after that is automatically
1634 * cancelled.
1635 */
1636 typedef struct libxl__ev_devstate libxl__ev_devstate;
1637 typedef void libxl__ev_devstate_callback(libxl__egc *egc, libxl__ev_devstate*,
1638 int rc);
1639 /* rc will be 0, ERROR_TIMEDOUT, ERROR_ABORTED, ERROR_INVAL
1640 * (meaning path was removed), or ERROR_FAIL if other stuff went
1641 * wrong (in which latter case, logged) */
1642
1643 struct libxl__ev_devstate {
1644 /* read-only for caller, who may read only when waiting: */
1645 int wanted;
1646 libxl__ev_devstate_callback *callback;
1647 /* as for the remainder, read-only public parts may also be
1648 * read by the caller (notably, watch.path), but only when waiting: */
1649 libxl__xswait_state w;
1650 };
1651
libxl__ev_devstate_init(libxl__ev_devstate * ds)1652 static inline void libxl__ev_devstate_init(libxl__ev_devstate *ds)
1653 {
1654 libxl__xswait_init(&ds->w);
1655 }
1656
libxl__ev_devstate_cancel(libxl__gc * gc,libxl__ev_devstate * ds)1657 static inline void libxl__ev_devstate_cancel(libxl__gc *gc,
1658 libxl__ev_devstate *ds)
1659 {
1660 libxl__xswait_stop(gc,&ds->w);
1661 }
1662
1663 _hidden int libxl__ev_devstate_wait(libxl__ao *ao, libxl__ev_devstate *ds,
1664 libxl__ev_devstate_callback cb,
1665 const char *state_path,
1666 int state, int milliseconds);
1667
1668 /*
1669 * libxl__ev_domaindeathcheck_register - arranges to call back (once)
1670 * if the domain is destroyed. If the domain dies, we log a message
1671 * of the form "<what>: <explanation of the situation, including the domid>".
1672 */
1673
1674 typedef struct libxl__domaindeathcheck libxl__domaindeathcheck;
1675 typedef void libxl___domaindeathcheck_callback(libxl__egc *egc,
1676 libxl__domaindeathcheck*,
1677 int rc /* DESTROYED or ABORTED */);
1678
1679 struct libxl__domaindeathcheck {
1680 /* must be filled in by caller, and remain valid: */
1681 const char *what;
1682 uint32_t domid;
1683 libxl___domaindeathcheck_callback *callback;
1684 /* private */
1685 libxl__ao_abortable abrt;
1686 libxl__ev_xswatch watch;
1687 };
1688
1689 _hidden int libxl__domaindeathcheck_start(libxl__ao *ao,
1690 libxl__domaindeathcheck *dc);
1691
1692 void libxl__domaindeathcheck_init(libxl__domaindeathcheck *dc);
1693 void libxl__domaindeathcheck_stop(libxl__gc *gc, libxl__domaindeathcheck *dc);
1694
1695
1696 /*
1697 * libxl__try_phy_backend - Check if there's support for the passed
1698 * type of file using the PHY backend
1699 * st_mode: mode_t of the file, as returned by stat function
1700 *
1701 * Returns 1 on success, and 0 if not suitable for phy backend.
1702 */
1703 _hidden int libxl__try_phy_backend(mode_t st_mode);
1704
1705
1706 _hidden char *libxl__devid_to_localdev(libxl__gc *gc, int devid);
1707
1708 _hidden int libxl__pci_numdevs(libxl__gc *gc);
1709 _hidden int libxl__pci_topology_init(libxl__gc *gc,
1710 physdev_pci_device_t *devs,
1711 int num_devs);
1712
1713 /* from libxl_pci */
1714
1715 _hidden void libxl__device_pci_add(libxl__egc *egc, uint32_t domid,
1716 libxl_device_pci *pcidev, bool starting,
1717 libxl__ao_device *aodev);
1718 _hidden void libxl__device_pci_destroy_all(libxl__egc *egc, uint32_t domid,
1719 libxl__multidev *);
1720 _hidden int libxl__device_pci_setdefault(libxl__gc *gc, uint32_t domid,
1721 libxl_device_pci *pci, bool hotplug);
1722 _hidden bool libxl__is_igd_vga_passthru(libxl__gc *gc,
1723 const libxl_domain_config *d_config);
1724
1725 /* from libxl_dtdev */
1726
1727 _hidden int libxl__device_dt_add(libxl__gc *gc, uint32_t domid,
1728 const libxl_device_dtdev *dtdev);
1729
1730 /*
1731 *----- spawn -----
1732 *
1733 * Higher-level double-fork and separate detach eg as for device models
1734 *
1735 * Each libxl__spawn_state is in one of these states
1736 * Undefined, Idle, Attached, Detaching
1737 */
1738
1739 typedef struct libxl__obsolete_spawn_starting libxl__spawn_starting;
1740 /* this type is never defined, so no objects of this type exist
1741 * fixme-ao This should go away completely. */
1742
1743 typedef struct libxl__spawn_state libxl__spawn_state;
1744
1745 /* Clears out a spawn state; idempotent. */
1746 _hidden void libxl__spawn_init(libxl__spawn_state*);
1747
1748 /*
1749 * libxl__spawn_spawn - Create a new process which will become daemonic
1750 * Forks twice, to allow the child to detach entirely from the parent.
1751 *
1752 * We call the two generated processes the "middle child" (result of
1753 * the first fork) and the "inner child" (result of the second fork
1754 * which takes place in the middle child).
1755 *
1756 * The inner child must soon exit or exec. It must also soon exit or
1757 * notify the parent of its successful startup by writing to the
1758 * xenstore path xspath OR via other means that the parent will have
1759 * to set up.
1760 *
1761 * The user (in the parent) will be called back (confirm_cb) every
1762 * time that xenstore path is modified.
1763 *
1764 * In both children, the ctx is not fully usable: gc and logging
1765 * operations are OK, but operations on Xen and xenstore are not.
1766 * (The restrictions are the same as those which apply to children
1767 * made with libxl__ev_child_fork.)
1768 *
1769 * midproc_cb will be called in the middle child, with the pid of the
1770 * inner child; this could for example record the pid. midproc_cb
1771 * should be fast, and should return. It will be called (reentrantly)
1772 * within libxl__spawn_init.
1773 *
1774 * failure_cb will be called in the parent on failure of the
1775 * intermediate or final child; an error message will have been
1776 * logged.
1777 *
1778 * confirm_cb, failure_cb and detached_cb will not be called
1779 * reentrantly from within libxl__spawn_spawn.
1780 *
1781 * what: string describing the spawned process, used for logging
1782 *
1783 * Logs errors. A copy of "what" is taken.
1784 * Return values:
1785 * < 0 error, *spawn is now Idle and need not be detached
1786 * +1 caller is the parent, *spawn is Attached and must be detached
1787 * 0 caller is now the inner child, should probably call libxl__exec
1788 *
1789 * The spawn state must be Undefined or Idle on entry.
1790 */
1791 _hidden int libxl__spawn_spawn(libxl__egc *egc, libxl__spawn_state *spawn);
1792
1793 /*
1794 * libxl__spawn_request_detach - Detaches the daemonic child.
1795 *
1796 * Works by killing the intermediate process from spawn_spawn.
1797 * After this function returns, failures of either child are no
1798 * longer reported via failure_cb.
1799 *
1800 * This is not synchronous: there will be a further callback when
1801 * the detach is complete.
1802 *
1803 * If called before the inner child has been created, this may prevent
1804 * it from running at all. Thus this should be called only when the
1805 * inner child has notified that it is ready. Normally it will be
1806 * called from within confirm_cb.
1807 *
1808 * Logs errors.
1809 *
1810 * The spawn state must be Attached entry and will be Detaching
1811 * on return.
1812 */
1813 _hidden void libxl__spawn_initiate_detach(libxl__gc *gc, libxl__spawn_state*);
1814
1815 /*
1816 * libxl__spawn_initiate_failure - Propagate failure from the caller to the
1817 * callee.
1818 *
1819 * Works by killing the intermediate process from spawn_spawn.
1820 * After this function returns, a failure will be reported.
1821 *
1822 * This is not synchronous: there will be a further callback when
1823 * the detach is complete.
1824 *
1825 * Caller must have logged a failure reason.
1826 *
1827 * The spawn state must be Attached on entry and will remain Attached. It
1828 * is possible for a spawn to fail for multiple reasons, for example
1829 * call(s) to libxl__spawn_initiate_failure and also for some other reason.
1830 * In that case the first rc value from any source will take precedence.
1831 */
1832 _hidden void libxl__spawn_initiate_failure(libxl__egc *egc,
1833 libxl__spawn_state *ss, int rc);
1834
1835 /*
1836 * If successful, this should return 0.
1837 *
1838 * Otherwise it should return a signal number, which will be
1839 * sent to the inner child; the overall spawn will then fail.
1840 */
1841 typedef int /* signal number */
1842 libxl__spawn_midproc_cb(libxl__gc*, libxl__spawn_state*, pid_t inner);
1843
1844 /*
1845 * Called if the spawn failed. The reason will have been logged.
1846 * The spawn state will be Idle on entry to the callback (and
1847 * it may be reused immediately if desired).
1848 */
1849 typedef void libxl__spawn_failure_cb(libxl__egc*, libxl__spawn_state*,
1850 int rc);
1851
1852 /*
1853 * Called when the xspath watch triggers. xspath will have been read
1854 * and the result placed in xsdata; if that failed because the key
1855 * didn't exist, xspath==0. (If it failed for some other reason,
1856 * the spawn machinery calls failure_cb instead.)
1857 *
1858 * If the child has indicated its successful startup, or a failure
1859 * has occurred, this should call libxl__spawn_detach.
1860 *
1861 * If the child is still starting up, should simply return, doing
1862 * nothing.
1863 *
1864 * The spawn state will be Active on entry to the callback; there
1865 * are no restrictions on the state on return; it may even have
1866 * been detached and reused.
1867 */
1868 typedef void libxl__spawn_confirm_cb(libxl__egc*, libxl__spawn_state*,
1869 const char *xsdata);
1870
1871 /*
1872 * Called when the detach (requested by libxl__spawn_initiate_detach) has
1873 * completed. On entry to the callback the spawn state is Idle.
1874 */
1875 typedef void libxl__spawn_detached_cb(libxl__egc*, libxl__spawn_state*);
1876
1877 struct libxl__spawn_state {
1878 /* must be filled in by user and remain valid */
1879 libxl__ao *ao;
1880 const char *what;
1881 const char *xspath;
1882 const char *pidpath; /* only used by libxl__spawn_midproc_record_pid */
1883 int timeout_ms; /* -1 means forever */
1884 libxl__spawn_midproc_cb *midproc_cb;
1885 libxl__spawn_failure_cb *failure_cb;
1886 libxl__spawn_confirm_cb *confirm_cb;
1887 libxl__spawn_detached_cb *detached_cb;
1888
1889 /* remaining fields are private to libxl_spawn_... */
1890 int detaching; /* we are in Detaching */
1891 int rc; /* might be non-0 whenever we are not Idle */
1892 libxl__ev_child mid; /* always in use whenever we are not Idle */
1893 libxl__xswait_state xswait;
1894 };
1895
libxl__spawn_inuse(const libxl__spawn_state * ss)1896 static inline int libxl__spawn_inuse(const libxl__spawn_state *ss)
1897 { return libxl__ev_child_inuse(&ss->mid); }
1898
1899 /*
1900 * libxl_spawner_record_pid - Record given pid in xenstore
1901 *
1902 * This function can be passed directly as an intermediate_hook to
1903 * libxl__spawn_spawn. On failure, returns the value SIGTERM.
1904 */
1905 _hidden int libxl__spawn_record_pid(libxl__gc*, libxl__spawn_state*,
1906 pid_t innerchild);
1907
1908 /*
1909 * libxl__xenstore_child_wait_deprecated - Wait for daemonic child IPC
1910 *
1911 * This is a NOT function for waiting for ordinary child processes.
1912 * If you want to run (fork/exec/wait) subprocesses from libxl:
1913 * - Make your libxl entrypoint use the ao machinery
1914 * - Use libxl__ev_child_fork, and use the callback programming style
1915 *
1916 * This function is intended for interprocess communication with a
1917 * service process. If the service process does not respond quickly,
1918 * the whole caller may be blocked. Therefore this function is
1919 * deprecated. This function is currently used only by
1920 * libxl__wait_for_device_model_deprecated.
1921 *
1922 * gc: allocation pool
1923 * domid: guest to work with
1924 * timeout: how many seconds to wait for the state to appear
1925 * what: string describing the spawned process
1926 * path: path to the state file in xenstore
1927 * state: expected string to wait for in path (optional)
1928 * spawning: malloc'd pointer to libxl__spawn_starting (optional)
1929 * check_callback: (optional)
1930 * check_callback_userdata: data to pass to the callback function
1931 *
1932 * Returns 0 on success, and < 0 on error.
1933 *
1934 * This function waits the given timeout for the given path to appear
1935 * in xenstore, and optionally for state in path.
1936 * If path appears and state matches, check_callback is called.
1937 * If check_callback returns > 0, waiting for path or state continues.
1938 * Otherwise libxl__xenstore_child_wait_deprecated returns.
1939 */
1940 _hidden int libxl__xenstore_child_wait_deprecated(libxl__gc *gc,
1941 uint32_t domid,
1942 uint32_t timeout, char *what,
1943 char *path, char *state,
1944 libxl__spawn_starting *spawning,
1945 int (*check_callback)(libxl__gc *gc,
1946 uint32_t domid,
1947 const char *state,
1948 void *userdata),
1949 void *check_callback_userdata);
1950
1951
1952 /* low-level stuff, for synchronous subprocesses etc. */
1953
1954 /*
1955 * env should be passed using the following format,
1956 *
1957 * env[0]: name of env variable
1958 * env[1]: value of env variable
1959 * env[n]: ...
1960 *
1961 * So it efectively becomes something like:
1962 * export env[n]=env[n+1]
1963 * (where n%2 = 0)
1964 *
1965 * The last entry of the array always has to be NULL.
1966 *
1967 * stdinfd, stdoutfd, stderrfd will be dup2'd onto the corresponding
1968 * fd in the child, if they are not -1. The original copy of the
1969 * descriptor will be closed in the child (unless it's 0, 1 or 2
1970 * ie the source descriptor is itself stdin, stdout or stderr).
1971 *
1972 * Logs errors, never returns.
1973 */
1974 _hidden void libxl__exec(libxl__gc *gc, int stdinfd, int stdoutfd,
1975 int stderrfd, const char *arg0, char *const args[],
1976 char *const env[]) __attribute__((noreturn));
1977
1978 /* from xl_create */
1979
1980 /* on entry, libxl_domid_valid_guest(domid) must be false;
1981 * on exit (even error exit), domid may be valid and refer to a domain */
1982 _hidden int libxl__domain_make(libxl__gc *gc,
1983 libxl_domain_config *d_config,
1984 libxl__domain_build_state *state,
1985 uint32_t *domid, bool soft_reset);
1986
1987 _hidden int libxl__domain_build(libxl__gc *gc,
1988 libxl_domain_config *d_config,
1989 uint32_t domid,
1990 libxl__domain_build_state *state);
1991
1992 /* for device model creation */
1993 _hidden const char *libxl__domain_device_model(libxl__gc *gc,
1994 const libxl_domain_build_info *info);
1995 _hidden int libxl__need_xenpv_qemu(libxl__gc *gc,
1996 libxl_domain_config *d_config);
1997 _hidden bool libxl__query_qemu_backend(libxl__gc *gc,
1998 uint32_t domid,
1999 uint32_t backend_id,
2000 const char *type,
2001 bool def);
2002 _hidden int libxl__dm_active(libxl__gc *gc, uint32_t domid);
2003 _hidden int libxl__dm_check_start(libxl__gc *gc,
2004 libxl_domain_config *d_config,
2005 uint32_t domid);
2006
2007 /*
2008 * This function will fix reserved device memory conflict
2009 * according to user's configuration.
2010 */
2011 _hidden int libxl__domain_device_construct_rdm(libxl__gc *gc,
2012 libxl_domain_config *d_config,
2013 uint64_t rdm_mem_guard,
2014 struct xc_dom_image *dom);
2015
2016 /*
2017 * This function will cause the whole libxl process to hang
2018 * if the device model does not respond. It is deprecated.
2019 *
2020 * Instead of calling this function:
2021 * - Make your libxl entrypoint use the ao machinery
2022 * - Use libxl__ev_xswatch_register, and use the callback programming
2023 * style
2024 */
2025 _hidden int libxl__wait_for_device_model_deprecated(libxl__gc *gc,
2026 uint32_t domid, char *state,
2027 libxl__spawn_starting *spawning
2028 /* NULL allowed */,
2029 int (*check_callback)(libxl__gc *gc,
2030 uint32_t domid,
2031 const char *state,
2032 void *userdata),
2033 void *check_callback_userdata);
2034
2035 _hidden const libxl_vnc_info *libxl__dm_vnc(const libxl_domain_config *g_cfg);
2036
2037 _hidden char *libxl__abs_path(libxl__gc *gc, const char *s, const char *path);
2038
2039 #define LIBXL__LOG_DEBUG XTL_DEBUG
2040 #define LIBXL__LOG_VERBOSE XTL_VERBOSE
2041 #define LIBXL__LOG_INFO XTL_INFO
2042 #define LIBXL__LOG_WARNING XTL_WARN
2043 #define LIBXL__LOG_ERROR XTL_ERROR
2044
2045 _hidden char *libxl__domid_to_name(libxl__gc *gc, uint32_t domid);
2046 _hidden char *libxl__cpupoolid_to_name(libxl__gc *gc, uint32_t poolid);
2047
2048 _hidden int libxl__enum_from_string(const libxl_enum_string_table *t,
2049 const char *s, int *e) NN(2);
2050
2051 _hidden yajl_gen_status libxl__yajl_gen_asciiz(yajl_gen hand, const char *str);
2052
2053 _hidden yajl_gen_status libxl__string_gen_json(yajl_gen hand, const char *p);
2054
2055 typedef yajl_gen_status (*libxl__gen_json_callback)(yajl_gen hand, void *);
2056 _hidden char *libxl__object_to_json(libxl_ctx *ctx, const char *type,
2057 libxl__gen_json_callback gen, void *p);
2058
2059 _hidden void libxl__cpuid_legacy(libxl_ctx *ctx, uint32_t domid, bool retore,
2060 libxl_domain_build_info *info);
2061
2062 /* Calls poll() again - useful to check whether a signaled condition
2063 * is still true. Cannot fail. Returns currently-true revents. */
2064 _hidden short libxl__fd_poll_recheck(libxl__egc *egc, int fd, short events);
2065
2066 _hidden char *libxl__uuid2string(libxl__gc *gc, const libxl_uuid uuid);
2067
2068 struct libxl__xen_console_reader {
2069 char *buffer;
2070 unsigned int size;
2071 unsigned int count;
2072 unsigned int clear;
2073 unsigned int incremental;
2074 unsigned int index;
2075 };
2076
2077 /* parse the string @s as a sequence of 6 colon separated bytes in to @mac */
2078 _hidden int libxl__parse_mac(const char *s, libxl_mac mac);
2079 /* compare mac address @a and @b. 0 if the same, -ve if a<b and +ve if a>b */
2080 _hidden int libxl__compare_macs(libxl_mac *a, libxl_mac *b);
2081 /* return true if mac address is all zero (the default value) */
2082 _hidden int libxl__mac_is_default(libxl_mac *mac);
2083 /* init a recursive mutex */
2084 _hidden int libxl__init_recursive_mutex(libxl_ctx *ctx, pthread_mutex_t *lock);
2085
2086 _hidden int libxl__gettimeofday(libxl__gc *gc, struct timeval *now_r);
2087
2088 #define STRINGIFY(x) #x
2089 #define TOSTRING(x) STRINGIFY(x)
2090
2091 /* from libxl_qmp */
2092 typedef struct libxl__qmp_handler libxl__qmp_handler;
2093
2094 /* Initialise and connect to the QMP socket.
2095 * Return an handler or NULL if there is an error
2096 */
2097 _hidden libxl__qmp_handler *libxl__qmp_initialize(libxl__gc *gc,
2098 uint32_t domid);
2099 /* Resume QEMU. */
2100 _hidden int libxl__qmp_resume(libxl__gc *gc, int domid);
2101 /* Load current QEMU state from file. */
2102 _hidden int libxl__qmp_restore(libxl__gc *gc, int domid, const char *filename);
2103 /* Start NBD server */
2104 _hidden int libxl__qmp_nbd_server_start(libxl__gc *gc, int domid,
2105 const char *host, const char *port);
2106 /* Add a disk to NBD server */
2107 _hidden int libxl__qmp_nbd_server_add(libxl__gc *gc, int domid,
2108 const char *disk);
2109 /* Start replication */
2110 _hidden int libxl__qmp_start_replication(libxl__gc *gc, int domid,
2111 bool primary);
2112 /* Get replication error that occurs when the vm is running */
2113 _hidden int libxl__qmp_query_xen_replication_status(libxl__gc *gc, int domid);
2114 /* Do checkpoint */
2115 _hidden int libxl__qmp_colo_do_checkpoint(libxl__gc *gc, int domid);
2116 /* Stop replication */
2117 _hidden int libxl__qmp_stop_replication(libxl__gc *gc, int domid,
2118 bool primary);
2119 /* Stop NBD server */
2120 _hidden int libxl__qmp_nbd_server_stop(libxl__gc *gc, int domid);
2121 /* Add or remove a child to/from quorum */
2122 _hidden int libxl__qmp_x_blockdev_change(libxl__gc *gc, int domid,
2123 const char *parant,
2124 const char *child, const char *node);
2125 /* run a hmp command in qmp mode */
2126 _hidden int libxl__qmp_hmp(libxl__gc *gc, int domid, const char *command_line,
2127 char **out);
2128 /* close and free the QMP handler */
2129 _hidden void libxl__qmp_close(libxl__qmp_handler *qmp);
2130 /* remove the socket file, if the file has already been removed,
2131 * nothing happen */
2132 _hidden void libxl__qmp_cleanup(libxl__gc *gc, uint32_t domid);
2133
2134 /* `data' should contain a byte to send.
2135 * When dealing with a non-blocking fd, it returns
2136 * ERROR_NOT_READY on EWOULDBLOCK
2137 * logs on other failures. */
2138 int libxl__sendmsg_fds(libxl__gc *gc, int carrier,
2139 const char data,
2140 int nfds, const int fds[], const char *what);
2141
2142 /* Insists on receiving exactly nfds and datalen. On failure, logs
2143 * and leaves *fds untouched. */
2144 int libxl__recvmsg_fds(libxl__gc *gc, int carrier,
2145 void *databuf, size_t datalen,
2146 int nfds, int fds[], const char *what);
2147
2148 /* from libxl_json */
2149 #include <yajl/yajl_gen.h>
2150
2151 _hidden yajl_gen_status libxl__yajl_gen_asciiz(yajl_gen hand, const char *str);
2152 _hidden yajl_gen_status libxl__yajl_gen_enum(yajl_gen hand, const char *str);
2153
2154 typedef enum {
2155 JSON_NULL = (1 << 0),
2156 JSON_BOOL = (1 << 1),
2157 JSON_INTEGER = (1 << 2),
2158 JSON_DOUBLE = (1 << 3),
2159 /* number is store in string, it's too big to be a long long or a double */
2160 JSON_NUMBER = (1 << 4),
2161 JSON_STRING = (1 << 5),
2162 JSON_MAP = (1 << 6),
2163 JSON_ARRAY = (1 << 7),
2164 JSON_ANY = 255 /* this is a mask of all values above, adjust as needed */
2165 } libxl__json_node_type;
2166
2167 struct libxl__json_object {
2168 libxl__json_node_type type;
2169 union {
2170 bool b;
2171 long long i;
2172 double d;
2173 char *string;
2174 /* List of libxl__json_object */
2175 flexarray_t *array;
2176 /* List of libxl__json_map_node */
2177 flexarray_t *map;
2178 } u;
2179 struct libxl__json_object *parent;
2180 };
2181
2182 typedef int (*libxl__json_parse_callback)(libxl__gc *gc,
2183 libxl__json_object *o,
2184 void *p);
2185 _hidden int libxl__object_from_json(libxl_ctx *ctx, const char *type,
2186 libxl__json_parse_callback parse,
2187 void *p,
2188 const char *s);
2189
2190 typedef struct {
2191 char *map_key;
2192 libxl__json_object *obj;
2193 } libxl__json_map_node;
2194
libxl__json_object_is_null(const libxl__json_object * o)2195 static inline bool libxl__json_object_is_null(const libxl__json_object *o)
2196 {
2197 return o != NULL && o->type == JSON_NULL;
2198 }
libxl__json_object_is_bool(const libxl__json_object * o)2199 static inline bool libxl__json_object_is_bool(const libxl__json_object *o)
2200 {
2201 return o != NULL && o->type == JSON_BOOL;
2202 }
libxl__json_object_is_string(const libxl__json_object * o)2203 static inline bool libxl__json_object_is_string(const libxl__json_object *o)
2204 {
2205 return o != NULL && o->type == JSON_STRING;
2206 }
libxl__json_object_is_integer(const libxl__json_object * o)2207 static inline bool libxl__json_object_is_integer(const libxl__json_object *o)
2208 {
2209 return o != NULL && o->type == JSON_INTEGER;
2210 }
libxl__json_object_is_double(const libxl__json_object * o)2211 static inline bool libxl__json_object_is_double(const libxl__json_object *o)
2212 {
2213 return o != NULL && o->type == JSON_DOUBLE;
2214 }
libxl__json_object_is_number(const libxl__json_object * o)2215 static inline bool libxl__json_object_is_number(const libxl__json_object *o)
2216 {
2217 return o != NULL && o->type == JSON_NUMBER;
2218 }
libxl__json_object_is_map(const libxl__json_object * o)2219 static inline bool libxl__json_object_is_map(const libxl__json_object *o)
2220 {
2221 return o != NULL && o->type == JSON_MAP;
2222 }
libxl__json_object_is_array(const libxl__json_object * o)2223 static inline bool libxl__json_object_is_array(const libxl__json_object *o)
2224 {
2225 return o != NULL && o->type == JSON_ARRAY;
2226 }
2227
2228 /*
2229 * `o` may be NULL for all libxl__json_object_get_* functions.
2230 */
2231
libxl__json_object_get_bool(const libxl__json_object * o)2232 static inline bool libxl__json_object_get_bool(const libxl__json_object *o)
2233 {
2234 if (libxl__json_object_is_bool(o))
2235 return o->u.b;
2236 else
2237 return false;
2238 }
2239 static inline
libxl__json_object_get_string(const libxl__json_object * o)2240 const char *libxl__json_object_get_string(const libxl__json_object *o)
2241 {
2242 if (libxl__json_object_is_string(o))
2243 return o->u.string;
2244 else
2245 return NULL;
2246 }
2247 static inline
libxl__json_object_get_number(const libxl__json_object * o)2248 const char *libxl__json_object_get_number(const libxl__json_object *o)
2249 {
2250 if (libxl__json_object_is_number(o))
2251 return o->u.string;
2252 else
2253 return NULL;
2254 }
2255 static inline
libxl__json_object_get_map(const libxl__json_object * o)2256 flexarray_t *libxl__json_object_get_map(const libxl__json_object *o)
2257 {
2258 if (libxl__json_object_is_map(o))
2259 return o->u.map;
2260 else
2261 return NULL;
2262 }
2263 static inline
libxl__json_object_get_array(const libxl__json_object * o)2264 flexarray_t *libxl__json_object_get_array(const libxl__json_object *o)
2265 {
2266 if (libxl__json_object_is_array(o))
2267 return o->u.array;
2268 else
2269 return NULL;
2270 }
libxl__json_object_get_integer(const libxl__json_object * o)2271 static inline long long libxl__json_object_get_integer(const libxl__json_object *o)
2272 {
2273 if (libxl__json_object_is_integer(o))
2274 return o->u.i;
2275 else
2276 return -1;
2277 }
2278
2279 /*
2280 * `o` may be NULL for the following libxl__json_*_get functions.
2281 */
2282
2283 _hidden libxl__json_object *libxl__json_array_get(const libxl__json_object *o,
2284 int i);
2285 _hidden
2286 libxl__json_map_node *libxl__json_map_node_get(const libxl__json_object *o,
2287 int i);
2288 _hidden const libxl__json_object *libxl__json_map_get(const char *key,
2289 const libxl__json_object *o,
2290 libxl__json_node_type expected_type);
2291
2292 /*
2293 * NOGC can be used with those json_object functions, but the
2294 * libxl__json_object* will need to be freed with libxl__json_object_free.
2295 */
2296 _hidden libxl__json_object *libxl__json_object_alloc(libxl__gc *gc_opt,
2297 libxl__json_node_type type);
2298 _hidden yajl_status libxl__json_object_to_yajl_gen(libxl__gc *gc_opt,
2299 yajl_gen hand,
2300 const libxl__json_object *param);
2301 _hidden void libxl__json_object_free(libxl__gc *gc_opt,
2302 libxl__json_object *obj);
2303
2304 _hidden libxl__json_object *libxl__json_parse(libxl__gc *gc_opt, const char *s);
2305
2306 /* `args` may be NULL */
2307 _hidden char *libxl__json_object_to_json(libxl__gc *gc,
2308 const libxl__json_object *args);
2309 /* Always return a valid string, but invalid json on error. */
2310 #define JSON(o) \
2311 (libxl__json_object_to_json(gc, (o)) ? : "<invalid-json-object>")
2312
2313 /* Based on /local/domain/$domid/dm-version xenstore key
2314 * default is qemu xen traditional */
2315 _hidden int libxl__device_model_version_running(libxl__gc *gc, uint32_t domid);
2316 /* Return the system-wide default device model */
2317 _hidden libxl_device_model_version libxl__default_device_model(libxl__gc *gc);
2318
2319 static inline
libxl__stubdomain_is_linux_running(libxl__gc * gc,uint32_t domid)2320 bool libxl__stubdomain_is_linux_running(libxl__gc *gc, uint32_t domid)
2321 {
2322 /* same logic as in libxl__stubdomain_is_linux */
2323 return libxl__device_model_version_running(gc, domid)
2324 == LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN;
2325 }
2326
2327 static inline
libxl__stubdomain_is_linux(libxl_domain_build_info * b_info)2328 bool libxl__stubdomain_is_linux(libxl_domain_build_info *b_info)
2329 {
2330 /* right now qemu-tranditional implies MiniOS stubdomain and qemu-xen
2331 * implies Linux stubdomain */
2332 return libxl_defbool_val(b_info->device_model_stubdomain) &&
2333 b_info->device_model_version == LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN;
2334 }
2335
2336 #define DEVICE_MODEL_XS_PATH(gc, dm_domid, domid, fmt, _a...) \
2337 libxl__sprintf(gc, "/local/domain/%u/device-model/%u" fmt, dm_domid, \
2338 domid, ##_a)
2339
2340 /*
2341 * Calling context and GC for event-generating functions:
2342 *
2343 * These are for use by parts of libxl which directly or indirectly
2344 * call libxl__event_occurred. These contain a gc but also a list of
2345 * deferred events.
2346 *
2347 * You should never need to initialise an egc unless you are part of
2348 * the event machinery itself. Otherwise you will always be given an
2349 * egc if you need one. Even functions which generate specific kinds
2350 * of events don't need to - rather, they will be passed an egc into
2351 * their own callback function and should just use the one they're
2352 * given.
2353 *
2354 * Functions using LIBXL_INIT_EGC may *not* generally be called from
2355 * within libxl, because libxl__egc_cleanup may call back into the
2356 * application. This should be enforced by declaring all such
2357 * functions in libxl.h or libxl_event.h with
2358 * LIBXL_EXTERNAL_CALLERS_ONLY. You should in any case not find it
2359 * necessary to call egc-creators from within libxl.
2360 *
2361 * The callbacks must all take place with the ctx unlocked because
2362 * the application is entitled to reenter libxl from them. This
2363 * would be bad not because the lock is not recursive (it is) but
2364 * because the application might make blocking libxl calls which
2365 * would hold the lock unreasonably long.
2366 *
2367 * For the same reason libxl__egc_cleanup (or EGC_FREE) must be called
2368 * with the ctx *unlocked*. So the right pattern has the EGC_...
2369 * macro calls on the outside of the CTX_... ones.
2370 */
2371
2372 /* useful for all functions which take an egc: */
2373
2374 #define EGC_GC \
2375 libxl__gc *const gc __attribute__((unused)) = &egc->gc
2376
2377 /* egc initialisation and destruction: */
2378
2379 #define LIBXL_INIT_EGC(egc,ctx) do{ \
2380 LIBXL_INIT_GC((egc).gc,ctx); \
2381 LIBXL_TAILQ_INIT(&(egc).occurred_for_callback); \
2382 LIBXL_TAILQ_INIT(&(egc).aos_for_callback); \
2383 LIBXL_TAILQ_INIT(&(egc).aops_for_callback); \
2384 LIBXL_STAILQ_INIT(&(egc).ev_immediates); \
2385 } while(0)
2386
2387 _hidden void libxl__egc_ao_cleanup_1_baton(libxl__gc *gc);
2388 /* Passes the baton for added osevents. See comment for
2389 * osevents_added in struct libxl__poller. */
2390 _hidden void libxl__egc_cleanup_2_ul_cb_gc(libxl__egc *egc);
2391 /* Frees memory allocated within this egc's gc, and and report all
2392 * occurred events via callback, if applicable. May reenter the
2393 * application; see restrictions above. The ctx must be UNLOCKED. */
2394
2395 /* convenience macros: */
2396
2397 #define EGC_INIT(ctx) \
2398 libxl__egc egc[1]; LIBXL_INIT_EGC(egc[0],ctx); \
2399 EGC_GC
2400
2401 #define CTX_UNLOCK_EGC_FREE do{ \
2402 libxl__egc_ao_cleanup_1_baton(&egc->gc); \
2403 CTX_UNLOCK; \
2404 libxl__egc_cleanup_2_ul_cb_gc(egc); \
2405 }while(0)
2406
2407
2408 /*
2409 * Machinery for asynchronous operations ("ao")
2410 *
2411 * All "slow" functions (see below for the exact definition) need to
2412 * use the asynchronous operation ("ao") machinery. The function
2413 * should take a parameter const libxl_asyncop_how *ao_how and must
2414 * start with a call to AO_CREATE or equivalent. These functions MAY
2415 * NOT be called from inside libxl (regardless of what is passed for
2416 * ao_how), because they can cause reentrancy hazards due to
2417 * callbacks.
2418 *
2419 * For the same reason functions taking an ao_how may make themselves
2420 * an egc with EGC_INIT (and they will generally want to, to be able
2421 * to immediately complete an ao during its setup).
2422 *
2423 *
2424 * "Slow" functions includes any that might block on a guest or an
2425 * external script. More broadly, it includes any operations which
2426 * are sufficiently slow that an application might reasonably want to
2427 * initiate them, and then carry on doing something else, while the
2428 * operation completes. That is, a "fast" function must be fast
2429 * enough that we do not mind blocking all other management operations
2430 * on the same host while it completes.
2431 *
2432 * There are certain primitive functions which make a libxl operation
2433 * necessarily "slow" for API reasons. These are:
2434 * - awaiting xenstore watches (although read-modify-write xenstore
2435 * transactions are OK for fast functions)
2436 * - spawning subprocesses
2437 * - anything with a timeout
2438 *
2439 *
2440 * Lifecycle of an ao:
2441 *
2442 * - Created by libxl__ao_create (or the AO_CREATE convenience macro).
2443 *
2444 * - After creation, can be used by code which implements
2445 * the operation as follows:
2446 * - the ao's gc, for allocating memory for the lifetime
2447 * of the operation (possibly with the help of the AO_GC
2448 * macro to introduce the gc into scope)
2449 * - the ao itself may be passed about to sub-functions
2450 * so that they can stash it away etc.
2451 * - in particular, the ao pointer must be stashed in some
2452 * per-operation structure which is also passed as a user
2453 * pointer to the internal event generation request routines
2454 * libxl__evgen_FOO, so that at some point a CALLBACK will be
2455 * made when the operation is complete.
2456 * - if the operation provides progress reports, the aop_how(s)
2457 * must be copied into the per-operation structure using
2458 * libxl__ao_progress_gethow.
2459 *
2460 * - If the initiation is unsuccessful, the initiating function must
2461 * call libxl__ao_create_fail before unlocking and returning whatever
2462 * error code is appropriate (AO_CREATE_FAIL macro).
2463 *
2464 * If initiation is successful:
2465 *
2466 * - The initiating function must run libxl__ao_inprogress right
2467 * before unlocking and returning, and return whatever it returns.
2468 * This is best achieved with the AO_INPROGRESS macro.
2469 *
2470 * - If the operation supports progress reports, it may generate
2471 * suitable events with NEW_EVENT and report them with
2472 * libxl__ao_progress_report (with the ctx locked).
2473 *
2474 * - Eventually, some callback function, whose callback has been
2475 * requested directly or indirectly, should call libxl__ao_complete
2476 * (with the ctx locked, as it will generally already be in any
2477 * event callback function). This must happen exactly once for each
2478 * ao, as the last that happens with that ao.
2479 *
2480 * - However, it is permissible for the initiating function to call
2481 * libxl__ao_inprogress and/or libxl__ao_complete (directly or
2482 * indirectly), before it uses AO_INPROGRESS to return. (The ao
2483 * infrastructure will arrange to defer destruction of the ao, etc.,
2484 * until the proper time.) An initiating function should do this
2485 * if it takes a codepath which completes synchronously.
2486 *
2487 * - Conversely it is forbidden to call libxl__ao_complete in the
2488 * initiating function _after_ AO_INPROGRESS, because
2489 * libxl__ao_complete requires the ctx to be locked.
2490 *
2491 * - Note that during callback functions, two gcs are available:
2492 * - The one in egc, whose lifetime is only this callback
2493 * - The one in ao, whose lifetime is the asynchronous operation
2494 * Usually a callback function should use CONTAINER_OF to obtain its
2495 * own state structure, containing a pointer to the ao. It should
2496 * then obtain the ao and use the ao's gc; this is most easily done
2497 * using the convenience macro STATE_AO_GC.
2498 */
2499
2500 #define AO_CREATE(ctx, domid, ao_how) \
2501 libxl__ctx_lock(ctx); \
2502 libxl__ao *ao = libxl__ao_create(ctx, domid, ao_how, \
2503 __FILE__, __LINE__, __func__); \
2504 if (!ao) { libxl__ctx_unlock(ctx); return ERROR_NOMEM; } \
2505 libxl__egc egc[1]; LIBXL_INIT_EGC(egc[0],ctx); \
2506 AO_GC;
2507
2508 #define AO_INPROGRESS ({ \
2509 libxl_ctx *ao__ctx = libxl__gc_owner(&ao->gc); \
2510 /* __ao_inprogress will do egc..1_baton if needed */ \
2511 CTX_UNLOCK; \
2512 libxl__egc_cleanup_2_ul_cb_gc(egc); \
2513 CTX_LOCK; \
2514 int ao__rc = libxl__ao_inprogress(ao, \
2515 __FILE__, __LINE__, __func__); \
2516 libxl__ctx_unlock(ao__ctx); /* gc is now invalid */ \
2517 (ao__rc); \
2518 })
2519
2520 #define AO_CREATE_FAIL(rc) ({ \
2521 libxl_ctx *ao__ctx = libxl__gc_owner(&ao->gc); \
2522 assert(rc); \
2523 libxl__ao_create_fail(ao); \
2524 libxl__egc_ao_cleanup_1_baton(&egc->gc); \
2525 libxl__ctx_unlock(ao__ctx); /* gc is now invalid */ \
2526 libxl__egc_cleanup_2_ul_cb_gc(egc); \
2527 (rc); \
2528 })
2529
2530
2531 /*
2532 * Given, in scope,
2533 * libxl__ao *ao;
2534 * produces, in scope,
2535 * libxl__gc *gc;
2536 */
2537 #define AO_GC \
2538 libxl__gc *const gc __attribute__((unused)) = &ao->gc
2539
2540 /*
2541 * void STATE_AO_GC(libxl__ao *ao_spec);
2542 * // Produces, in scope:
2543 * libxl__ao *ao; // set from ao_spec
2544 * libxl__gc *gc;
2545 */
2546 #define STATE_AO_GC(op_ao) \
2547 libxl__ao *const ao = (op_ao); \
2548 libxl__gc *const gc __attribute__((unused)) = libxl__ao_inprogress_gc(ao)
2549
2550
2551 /* All of these MUST be called with the ctx locked.
2552 * libxl__ao_inprogress MUST be called with the ctx locked exactly once. */
2553 _hidden libxl__ao *libxl__ao_create(libxl_ctx*, uint32_t domid,
2554 const libxl_asyncop_how*,
2555 const char *file, int line, const char *func);
2556 _hidden int libxl__ao_inprogress(libxl__ao *ao,
2557 const char *file, int line, const char *func); /* temporarily unlocks */
2558 _hidden void libxl__ao_create_fail(libxl__ao *ao);
2559 _hidden void libxl__ao_complete(libxl__egc *egc, libxl__ao *ao, int rc);
2560 _hidden libxl__gc *libxl__ao_inprogress_gc(libxl__ao *ao);
2561
2562 /* Can be called at any time. Use is essential for any aop user. */
2563 _hidden void libxl__ao_progress_gethow(libxl_asyncprogress_how *in_state,
2564 const libxl_asyncprogress_how *from_app);
2565
2566 /* Must be called with the ctx locked. Will fill in ev->for_user,
2567 * so caller need not do that. */
2568 _hidden void libxl__ao_progress_report(libxl__egc *egc, libxl__ao *ao,
2569 const libxl_asyncprogress_how *how, libxl_event *ev /* consumed */);
2570
2571 /* For use by ao machinery ONLY */
2572 _hidden void libxl__ao__destroy(libxl_ctx*, libxl__ao *ao);
2573 _hidden void libxl__ao_complete_check_progress_reports(libxl__egc*, libxl__ao*);
2574
2575
2576 /*
2577 * Short-lived sub-ao, aka "nested ao".
2578 *
2579 * Some asynchronous operations are very long-running. Generally,
2580 * since an ao has a gc, any allocations made in that ao will live
2581 * until the ao is completed. When this is not desirable, these
2582 * functions may be used to manage a "sub-ao".
2583 *
2584 * The returned sub-ao is suitable for passing to gc-related functions
2585 * and macros such as libxl__ao_inprogress_gc, AO_GC, and STATE_AO_GC.
2586 *
2587 * It MUST NOT be used with AO_INPROGRESS, AO_CREATE_FAIL,
2588 * libxl__ao_complete, libxl__ao_progress_report, and so on.
2589 *
2590 * The caller must ensure that all of the sub-ao's are freed before
2591 * the parent is. Multiple levels of nesting are OK (although
2592 * hopefully they won't be necessary).
2593 */
2594
2595 _hidden libxl__ao *libxl__nested_ao_create(libxl__ao *parent); /* cannot fail */
2596 _hidden void libxl__nested_ao_free(libxl__ao *child);
2597
2598
2599 /*
2600 * File descriptors and CLOEXEC
2601 */
2602
2603 /*
2604 * For libxl functions which create file descriptors, at least one
2605 * of the following must be true:
2606 * (a) libxl does not care if copies of this open-file are inherited
2607 * by random children and might remain open indefinitely
2608 * (b) libxl must take extra care for the fd (the actual descriptor,
2609 * not the open-file) as below. We call this a "carefd".
2610 *
2611 * The rules for opening a carefd are:
2612 * (i) Before bringing any carefds into existence,
2613 * libxl code must call libxl__carefd_begin.
2614 * (ii) Then for each carefd brought into existence,
2615 * libxl code must call libxl__carefd_record
2616 * and remember the libxl__carefd_record*.
2617 * (iii) Then it must call libxl__carefd_unlock.
2618 * (iv) When in a child process the fd is to be passed across
2619 * exec by libxl, the libxl code must unset FD_CLOEXEC
2620 * on the fd eg by using libxl_fd_set_cloexec.
2621 * (v) Later, when the fd is to be closed in the same process,
2622 * libxl code must not call close. Instead, it must call
2623 * libxl__carefd_close.
2624 * Steps (ii) and (iii) can be combined by calling the convenience
2625 * function libxl__carefd_opened.
2626 */
2627 /* libxl__carefd_begin and _unlock (or _opened) must be called always
2628 * in pairs. They may be called with the CTX lock held. In between
2629 * _begin and _unlock, the following are prohibited:
2630 * - anything which might block
2631 * - any callbacks to the application
2632 * - nested calls to libxl__carefd_begin
2633 * - fork (libxl__fork)
2634 * In general nothing should be done before _unlock that could be done
2635 * afterwards.
2636 */
2637
2638 _hidden void libxl__carefd_begin(void);
2639 _hidden void libxl__carefd_unlock(void);
2640
2641 /* fd may be -1, in which case this returns a dummy libxl__fd_record
2642 * on which it _carefd_close is a no-op. Cannot fail. */
2643 _hidden libxl__carefd *libxl__carefd_record(libxl_ctx *ctx, int fd);
2644
2645 /* Combines _record and _unlock in a single call. If fd==-1,
2646 * still does the unlock, but returns 0. */
2647 _hidden libxl__carefd *libxl__carefd_opened(libxl_ctx *ctx, int fd);
2648
2649 /* Works just like close(2). You may pass NULL, in which case it's
2650 * a successful no-op. */
2651 _hidden int libxl__carefd_close(libxl__carefd*);
2652
2653 /* You may pass NULL in which case the answer is -1. */
2654 _hidden int libxl__carefd_fd(const libxl__carefd*);
2655
2656 /* common paths */
2657 _hidden const char *libxl__private_bindir_path(void);
2658 _hidden const char *libxl__xenfirmwaredir_path(void);
2659 _hidden const char *libxl__xen_config_dir_path(void);
2660 _hidden const char *libxl__xen_script_dir_path(void);
2661 _hidden const char *libxl__lock_dir_path(void);
2662 _hidden const char *libxl__run_dir_path(void);
2663 _hidden const char *libxl__seabios_path(void);
2664 _hidden const char *libxl__ovmf_path(void);
2665 _hidden const char *libxl__ipxe_path(void);
2666
2667 /*----- subprocess execution with timeout -----*/
2668
2669 typedef struct libxl__async_exec_state libxl__async_exec_state;
2670
2671 typedef void libxl__async_exec_callback(libxl__egc *egc,
2672 libxl__async_exec_state *aes, int rc, int status);
2673 /*
2674 * Meaning of status and rc:
2675 * rc==0, status==0 all went well
2676 * rc==0, status!=0 everything OK except child exited nonzero (logged)
2677 * rc!=0 something else went wrong (status is real
2678 * exit status; maybe reflecting SIGKILL, and
2679 * therefore not very interesting, if aes code
2680 * killed the child). Logged unless ABORTED.
2681 */
2682
2683 struct libxl__async_exec_state {
2684 /* caller must fill these in */
2685 libxl__ao *ao;
2686 const char *what; /* for error msgs, what we're executing */
2687 int timeout_ms;
2688 libxl__async_exec_callback *callback;
2689 /* caller must fill in; as for libxl__exec */
2690 int stdfds[3];
2691 char **args; /* execution arguments */
2692 char **env; /* execution environment */
2693
2694 /* private */
2695 libxl__ev_time time;
2696 libxl__ev_child child;
2697 int rc;
2698 };
2699
2700 void libxl__async_exec_init(libxl__async_exec_state *aes);
2701 int libxl__async_exec_start(libxl__async_exec_state *aes);
2702 bool libxl__async_exec_inuse(const libxl__async_exec_state *aes);
2703
2704 _hidden void libxl__kill(libxl__gc *gc, pid_t pid, int sig, const char *what);
2705 /* kill SIGHUP a pid stored in xenstore */
2706 _hidden int libxl__kill_xs_path(libxl__gc *gc, const char *xs_path_pid,
2707 const char *what);
2708
2709 /*----- device addition/removal -----*/
2710
2711 typedef void libxl__device_callback(libxl__egc*, libxl__ao_device*);
2712
2713 /* This functions sets the necessary libxl__ao_device struct values to use
2714 * safely inside functions. It marks the operation as "active"
2715 * since we need to be sure that all device status structs are set
2716 * to active before start queueing events, or we might call
2717 * ao_complete before all devices had finished
2718 *
2719 * libxl__initiate_device_{remove/addition} should not be called without
2720 * calling libxl__prepare_ao_device first, since it initializes the private
2721 * fields of the struct libxl__ao_device to what this functions expect.
2722 *
2723 * Once _prepare has been called on a libxl__ao_device, it is safe to just
2724 * discard this struct, there's no need to call any destroy function.
2725 * _prepare can also be called multiple times with the same libxl__ao_device.
2726 *
2727 * But if any of the fields `backend_ds', `timeout', `xswait', `qmp' is
2728 * used by a caller of _prepare, the caller will have to arrange to clean
2729 * or dispose of them.
2730 */
2731 _hidden void libxl__prepare_ao_device(libxl__ao *ao, libxl__ao_device *aodev);
2732
2733 /* generic callback for devices that only need to set ao_complete */
2734 _hidden void device_addrm_aocomplete(libxl__egc *egc, libxl__ao_device *aodev);
2735
2736 struct libxl__ao_device {
2737 /* filled in by user */
2738 libxl__ao *ao;
2739 libxl__device_action action;
2740 libxl__device *dev;
2741 int force;
2742 libxl__device_callback *callback;
2743 /* return value, zeroed by user on entry, is valid on callback */
2744 int rc;
2745 /* private for multidev */
2746 int active;
2747 libxl__multidev *multidev; /* reference to the containing multidev */
2748 /* private for add/remove implementation */
2749 libxl__ev_devstate backend_ds;
2750 /* Bodge for Qemu devices */
2751 libxl__ev_time timeout;
2752 /* xenstore watch for backend path of driver domains */
2753 libxl__xswait_state xswait;
2754 int num_exec;
2755 /* for calling hotplug scripts */
2756 libxl__async_exec_state aes;
2757 /* If we need to update JSON config */
2758 bool update_json;
2759 /* for asynchronous execution of synchronous-only syscalls etc. */
2760 libxl__ev_child child;
2761 libxl__ev_qmp qmp;
2762 /* 'device_config' can be used to to pass to callbacks a pointer of one
2763 * of the type 'libxl_device_$type' corresponding to the device been
2764 * hotplug. 'device_type' should have the corresponding
2765 * 'libxl__$type_devtype'. */
2766 void *device_config;
2767 const libxl__device_type *device_type;
2768 };
2769
2770 /*
2771 * Multiple devices "multidev" handling.
2772 *
2773 * Firstly, you should
2774 * libxl__multidev_begin
2775 * multidev->callback = ...
2776 * Then zero or more times
2777 * libxl__multidev_prepare
2778 * libxl__initiate_device_{remove/addition}
2779 * (or some other thing which will eventually call
2780 * aodev->callback or libxl__multidev_one_callback)
2781 * Finally, once
2782 * libxl__multidev_prepared
2783 * which will result (perhaps reentrantly) in one call to
2784 * multidev->callback().
2785 */
2786
2787 /* Starts preparing to add/remove a bunch of devices. */
2788 _hidden void libxl__multidev_begin(libxl__ao *ao, libxl__multidev*);
2789
2790 /* Prepares to add/remove one of many devices.
2791 * Calls libxl__prepare_ao_device on libxl__ao_device argument provided and
2792 * also sets the aodev->callback (to libxl__multidev_one_callback)
2793 * The user should not mess with aodev->callback.
2794 */
2795 _hidden void libxl__multidev_prepare_with_aodev(libxl__multidev*,
2796 libxl__ao_device*);
2797
2798 /* A wrapper function around libxl__multidev_prepare_with_aodev.
2799 * Allocates a libxl__ao_device and prepares it for addition/removal.
2800 * Returns the newly allocated libxl__ao_dev.
2801 */
2802 _hidden libxl__ao_device *libxl__multidev_prepare(libxl__multidev*);
2803
2804 /* Indicates to multidev that this one device has been processed.
2805 * Normally the multidev user does not need to touch this function, as
2806 * multidev_prepare will name it in aodev->callback. However, if you
2807 * want to do something more complicated you can set aodev->callback
2808 * yourself to something else, so long as you eventually call
2809 * libxl__multidev_one_callback.
2810 */
2811 _hidden void libxl__multidev_one_callback(libxl__egc *egc,
2812 libxl__ao_device *aodev);
2813
2814 /* Notifies the multidev machinery that we have now finished preparing
2815 * and initiating devices. multidev->callback may then be called as
2816 * soon as there are no prepared but not completed operations
2817 * outstanding, perhaps reentrantly. If rc!=0 (error should have been
2818 * logged) multidev->callback will get a non-zero rc.
2819 * callback may be set by the user at any point before prepared. */
2820 _hidden void libxl__multidev_prepared(libxl__egc*, libxl__multidev*, int rc);
2821
2822 typedef void libxl__devices_callback(libxl__egc*, libxl__multidev*, int rc);
2823 struct libxl__multidev {
2824 /* set by user: */
2825 libxl__devices_callback *callback;
2826 /* for private use by libxl__...ao_devices... machinery: */
2827 libxl__ao *ao;
2828 libxl__ao_device **array;
2829 int used, allocd;
2830 libxl__ao_device *preparation;
2831 };
2832
2833 /*
2834 * Algorithm for handling device removal (including domain
2835 * destruction). This is somewhat subtle because we may already have
2836 * killed the domain and caused the death of qemu.
2837 *
2838 * In current versions of qemu there is no mechanism for ensuring that
2839 * the resources used by its devices (both emulated and any PV devices
2840 * provided by qemu) are freed (eg, fds closed) before it shuts down,
2841 * and no confirmation from a terminating qemu back to the toolstack.
2842 *
2843 * This will need to be fixed in future Xen versions. In the meantime
2844 * (Xen 4.2) we implement a bodge.
2845 *
2846 * WE WANT TO UNPLUG WE WANT TO SHUT DOWN OR DESTROY
2847 * | |
2848 * | LIBXL SENDS SIGHUP TO QEMU
2849 * | .....................|........................
2850 * | : XEN 4.3+ PLANNED | :
2851 * | : QEMU TEARS DOWN ALL DEVICES :
2852 * | : FREES RESOURCES (closing fds) :
2853 * | : SETS PV BACKENDS TO STATE 5, :
2854 * | : waits for PV frontends to shut down :
2855 * | : SETS PV BACKENDS TO STATE 6 :
2856 * | : | :
2857 * | : QEMU NOTIFIES TOOLSTACK (via :
2858 * | : xenstore) that it is exiting :
2859 * | : QEMU EXITS (parent may be init) :
2860 * | : | :
2861 * | : TOOLSTACK WAITS FOR QEMU :
2862 * | : notices qemu has finished :
2863 * | :....................|.......................:
2864 * | .--------------------'
2865 * V V
2866 * for each device
2867 * we want to unplug/remove
2868 * ..................|...........................................
2869 * : V XEN 4.2 RACY BODGE :
2870 * : device is provided by qemu :
2871 * : | `-----------. :
2872 * : something| V :
2873 * : else, eg| domain (that is domain for which :
2874 * : blkback| this PV device is the backend, :
2875 * : | which might be the stub dm) :
2876 * : | is still alive? :
2877 * : | | | :
2878 * : | |alive |dead :
2879 * : |<-----------------' | :
2880 * : | hopefully qemu is | :
2881 * : | still running | :
2882 * :............|................. | :
2883 * ,----->| : we may be racing :
2884 * | backend state? : with qemu's death :
2885 * ^ | | : | :
2886 * xenstore| |other |6 : WAIT 2.0s :
2887 * conflict| | | : TIMEOUT :
2888 * | WRITE B.E. | : | :
2889 * | STATE:=5 | : hopefully qemu has :
2890 * `---' | | : gone by now and :
2891 * |ok | : freed its resources :
2892 * | | : | :
2893 * WAIT FOR | : SET B.E. :
2894 * STATE==6 | : STATE:=6 :
2895 * / | | :..........|...................:
2896 * timeout/ ok| | |
2897 * / | | |
2898 * | RUN HOTPLUG <-'<----------------'
2899 * | SCRIPT
2900 * | |
2901 * `---> NUKE
2902 * BACKEND
2903 * |
2904 * DONE.
2905 */
2906
2907 /*
2908 * As of Xen 4.5 we maintain various information, including hotplug
2909 * device information, in JSON files, so that we can use this JSON
2910 * file as a template to reconstruct domain configuration.
2911 *
2912 * In essense there are now two views of device state, one is the
2913 * primary config (xenstore or QEMU), the other is JSON file.
2914 *
2915 * Here we maintain one invariant: every device in the primary config
2916 * must have an entry in JSON file.
2917 *
2918 * All device hotplug routines should comply to following pattern:
2919 * lock json config (json_lock)
2920 * read json config
2921 * update in-memory json config with new entry, replacing
2922 * any stale entry
2923 * for loop -- xs transaction
2924 * open xs transaction
2925 * check device existence, bail if it exists
2926 * write in-memory json config to disk
2927 * commit xs transaction
2928 * end for loop
2929 * unlock json config
2930 *
2931 * Or in case QEMU is the primary config, this pattern can be use:
2932 * qmp_lock (libxl__ev_devlock_init)
2933 * lock json config (json_lock)
2934 * read json config
2935 * update in-memory json config with new entry, replacing
2936 * any stale entry
2937 * unlock json config
2938 * apply new config to primary config
2939 * lock json config (json_lock)
2940 * read json config
2941 * update in-memory json config with new entry, replacing
2942 * any stale entry
2943 * write in-memory json config to disk
2944 * unlock json config
2945 * unlock qmp_lock
2946 * (CTX_LOCK can be acquired and released several time while holding the
2947 * qmp_lock)
2948 *
2949 * Device removal routines are not touched.
2950 *
2951 * Here is the proof that we always maintain that invariant and we
2952 * don't leak files during interaction of hotplug thread and other
2953 * threads / processes.
2954 *
2955 * # Safe against parallel add
2956 *
2957 * When another thread / process tries to add same device, it's
2958 * blocked by json_lock. The loser of two threads will bail at
2959 * existence check, so that we don't overwrite anything.
2960 *
2961 * # Safe against domain destruction
2962 *
2963 * If the thread / process trying to destroy domain loses the race, it's
2964 * blocked by json_lock. If the hotplug thread is loser, it bails at
2965 * acquiring lock because lock acquisition function checks existence of
2966 * the domain.
2967 *
2968 * # Safe against parallel removal
2969 *
2970 * When another thread / process tries to remove a device, it's _NOT_
2971 * blocked by json_lock, but xenstore transaction can help maintain
2972 * invariant. The removal threads either a) sees that device in
2973 * xenstore, b) doesn't see that device in xenstore.
2974 *
2975 * In a), it sees that device in xenstore. At that point hotplug is
2976 * already finished (both JSON and xenstore changes committed). So that
2977 * device can be safely removed. JSON entry is left untouched and
2978 * becomes stale, but this is a valid state -- next time when a
2979 * device with same identifier gets added, the stale entry gets
2980 * overwritten.
2981 *
2982 * In b), it doesn't see that device in xenstore, but it will commence
2983 * anyway. Eventually a forcibly removal is initiated, which will forcely
2984 * remove xenstore entry.
2985 *
2986 * If hotplug threads creates xenstore entry (therefore JSON entry as
2987 * well) before force removal, that xenstore entry is removed. We're
2988 * left with JSON stale entry but not xenstore entry, which is a valid
2989 * state.
2990 *
2991 * If hotplug thread has not created xenstore entry when the removal
2992 * is committed, we're obviously safe. Hotplug thread will add in
2993 * xenstore entry afterwards. We have both JSON and xenstore entry,
2994 * it's a valid state.
2995 */
2996
2997 /* Waits for the passed device to reach state XenbusStateInitWait.
2998 * This is not really useful by itself, but is important when executing
2999 * hotplug scripts, since we need to be sure the device is in the correct
3000 * state before executing them.
3001 *
3002 * Once finished, aodev->callback will be executed.
3003 */
3004 _hidden void libxl__wait_device_connection(libxl__egc*,
3005 libxl__ao_device *aodev);
3006
3007 /* Arranges that dev will be removed to the guest, and the
3008 * hotplug scripts will be executed (if necessary). When
3009 * this is done (or an error happens), the callback in
3010 * aodev->callback will be called.
3011 *
3012 * The libxl__ao_device passed to this function should be
3013 * prepared using libxl__prepare_ao_device prior to calling
3014 * this function.
3015 *
3016 * Once finished, aodev->callback will be executed.
3017 */
3018 _hidden void libxl__initiate_device_generic_remove(libxl__egc *egc,
3019 libxl__ao_device *aodev);
3020
3021 _hidden void libxl__initiate_device_usbctrl_remove(libxl__egc *egc,
3022 libxl__ao_device *aodev);
3023
3024 /*
3025 * libxl__get_hotplug_script_info returns the args and env that should
3026 * be passed to the hotplug script for the requested device.
3027 *
3028 * Since a device might not need to execute any hotplug script, this function
3029 * can return the following values:
3030 * < 0: Error
3031 * 0: No need to execute hotplug script
3032 * 1: Execute hotplug script
3033 *
3034 * The last parameter, "num_exec" refeers to the number of times hotplug
3035 * scripts have been called for this device.
3036 *
3037 * The main body of libxl will, for each device, keep calling
3038 * libxl__get_hotplug_script_info, with incrementing values of
3039 * num_exec, and executing the resulting script accordingly,
3040 * until libxl__get_hotplug_script_info returns<=0.
3041 */
3042 _hidden int libxl__get_hotplug_script_info(libxl__gc *gc, libxl__device *dev,
3043 char ***args, char ***env,
3044 libxl__device_action action,
3045 int num_exec);
3046
3047 /*----- local disk attach: attach a disk locally to run the bootloader -----*/
3048
3049 typedef struct libxl__disk_local_state libxl__disk_local_state;
3050 typedef void libxl__disk_local_state_callback(libxl__egc*,
3051 libxl__disk_local_state*,
3052 int rc);
3053
3054 /* A libxl__disk_local_state may be in the following states:
3055 * Undefined, Idle, Attaching, Attached, Detaching.
3056 */
3057 struct libxl__disk_local_state {
3058 /* filled by the user */
3059 libxl__ao *ao;
3060 const libxl_device_disk *in_disk;
3061 libxl_device_disk disk;
3062 const char *blkdev_start;
3063 libxl__disk_local_state_callback *callback;
3064 /* filled by libxl__device_disk_local_initiate_attach */
3065 char *diskpath;
3066 /* private for implementation of local detach */
3067 libxl__ao_device aodev;
3068 int rc;
3069 };
3070
3071 /*
3072 * Prepares a dls for use.
3073 * State Undefined -> Idle
3074 */
libxl__device_disk_local_init(libxl__disk_local_state * dls)3075 static inline void libxl__device_disk_local_init(libxl__disk_local_state *dls)
3076 {
3077 dls->rc = 0;
3078 }
3079
3080 /*
3081 * See if we can find a way to access a disk locally
3082 */
3083 _hidden char * libxl__device_disk_find_local_path(libxl__gc *gc,
3084 libxl_domid guest_domid,
3085 const libxl_device_disk *disk,
3086 bool qdisk_direct);
3087
3088
3089 /* Make a disk available in this (the control) domain. Always calls
3090 * dls->callback when finished.
3091 * State Idle -> Attaching
3092 *
3093 * The state of dls on entry to the callback depends on the value
3094 * of rc passed to the callback:
3095 * rc == 0: Attached if rc == 0
3096 * rc != 0: Idle
3097 */
3098 _hidden void libxl__device_disk_local_initiate_attach(libxl__egc *egc,
3099 libxl__disk_local_state *dls);
3100
3101 /* Disconnects a disk device form the control domain. If the passed
3102 * dls is not attached (or has already been detached),
3103 * libxl__device_disk_local_initiate_detach will just call the callback
3104 * directly.
3105 * State Idle/Attached -> Detaching
3106 *
3107 * The state of dls on entry to the callback is Idle.
3108 */
3109 _hidden void libxl__device_disk_local_initiate_detach(libxl__egc *egc,
3110 libxl__disk_local_state *dls);
3111
3112 /*----- datacopier: copies data from one fd to another -----*/
3113
3114 typedef struct libxl__datacopier_state libxl__datacopier_state;
3115 typedef struct libxl__datacopier_buf libxl__datacopier_buf;
3116
3117 /* onwrite==1 means problem happened when writing
3118 * rc==FAIL errnoval >0 we had a write error, logged
3119 * onwrite==0 means problem happened when reading
3120 * rc==0 errnoval==0 we got eof and all data was written
3121 * rc==FAIL errnoval >0 we had a read error, logged
3122 * onwrite==-1 means some other internal problem
3123 * rc==FAIL errnoval==EIO some other internal failure, logged
3124 * rc==ABORTED errnoval==0 abort requested, not logged
3125 * If we get POLLHUP, we call callback_pollhup with
3126 * rc==FAIL errnoval==-1 POLLHUP signalled
3127 * or if callback_pollhup==0 this is treated as eof (if POLLIN|POLLHUP
3128 * on the reading fd) or an internal failure (otherwise), as above.
3129 * In all cases copier is killed before calling this callback */
3130 typedef void libxl__datacopier_callback(libxl__egc *egc,
3131 libxl__datacopier_state *dc, int rc, int onwrite, int errnoval);
3132
3133 struct libxl__datacopier_buf {
3134 /* private to datacopier */
3135 LIBXL_TAILQ_ENTRY(libxl__datacopier_buf) entry;
3136 int used;
3137 char buf[1000];
3138 };
3139
3140 struct libxl__datacopier_state {
3141 /* caller must fill these in, and they must all remain valid */
3142 libxl__ao *ao;
3143 int readfd, writefd;
3144 ssize_t maxsz;
3145 ssize_t bytes_to_read; /* set to -1 to read until EOF */
3146 const char *copywhat, *readwhat, *writewhat; /* for error msgs */
3147 FILE *log; /* gets a copy of everything */
3148 libxl__datacopier_callback *callback;
3149 libxl__datacopier_callback *callback_pollhup;
3150 void *readbuf; /* Set this to read data into it without writing to an
3151 fd. The buffer should be at least as large as the
3152 bytes_to_read parameter, which should not be -1. */
3153 /* remaining fields are private to datacopier */
3154 libxl__ao_abortable abrt;
3155 libxl__ev_fd toread, towrite;
3156 ssize_t used;
3157 LIBXL_TAILQ_HEAD(libxl__datacopier_bufs, libxl__datacopier_buf) bufs;
3158 };
3159
3160 _hidden void libxl__datacopier_init(libxl__datacopier_state *dc);
3161 _hidden void libxl__datacopier_kill(libxl__datacopier_state *dc);
3162 _hidden int libxl__datacopier_start(libxl__datacopier_state *dc);
3163
3164 /* Inserts literal data into the output stream. The data is copied.
3165 * May safely be used only immediately after libxl__datacopier_start
3166 * (before the ctx is unlocked). But may be called multiple times.
3167 * NB exceeding maxsz will fail an assertion! */
3168 _hidden void libxl__datacopier_prefixdata(libxl__egc*, libxl__datacopier_state*,
3169 const void *data, size_t len);
3170
3171 /*----- Save/restore helper (used by creation and suspend) -----*/
3172
3173 typedef struct libxl__srm_save_callbacks {
3174 libxl__srm_save_autogen_callbacks a;
3175 } libxl__srm_save_callbacks;
3176
3177 typedef struct libxl__srm_restore_callbacks {
3178 libxl__srm_restore_autogen_callbacks a;
3179 } libxl__srm_restore_callbacks;
3180
3181 /* a pointer to this struct is also passed as "user" to the
3182 * save callout helper callback functions */
3183 typedef struct libxl__save_helper_state {
3184 /* public, caller of run_helper initialises */
3185 libxl__ao *ao;
3186 uint32_t domid;
3187 union {
3188 libxl__srm_save_callbacks save;
3189 libxl__srm_restore_callbacks restore;
3190 } callbacks;
3191 int (*recv_callback)(const unsigned char *msg, uint32_t len, void *user);
3192 void (*completion_callback)(libxl__egc *egc, void *caller_state,
3193 int rc, int retval, int errnoval);
3194 void *caller_state;
3195 int need_results; /* set to 0 or 1 by caller of run_helper;
3196 * if set to 1 then the ultimate caller's
3197 * results function must set it to 0 */
3198 /* private */
3199 int rc;
3200 int completed; /* retval/errnoval valid iff completed */
3201 int retval, errnoval; /* from xc_domain_save / xc_domain_restore */
3202 libxl__ao_abortable abrt;
3203 libxl__carefd *pipes[2]; /* 0 = helper's stdin, 1 = helper's stdout */
3204 libxl__ev_fd readable;
3205 libxl__ev_child child;
3206 const char *stdin_what, *stdout_what;
3207
3208 libxl__egc *egc; /* valid only for duration of each event callback;
3209 * is here in this struct for the benefit of the
3210 * marshalling and xc callback functions */
3211 } libxl__save_helper_state;
3212
3213 /*----- checkpoint device related state structure -----*/
3214 /*
3215 * The abstract checkpoint device layer exposes a common
3216 * set of API to [external] libxl for manipulating devices attached to
3217 * a guest protected by Remus/COLO. The device layer also exposes a set of
3218 * [internal] interfaces that every device type must implement.
3219 *
3220 * The following API are exposed to libxl:
3221 *
3222 * One-time configuration operations:
3223 * +libxl__checkpoint_devices_setup
3224 * > Enable output buffering for NICs, setup disk replication, etc.
3225 * +libxl__checkpoint_devices_teardown
3226 * > Disable output buffering and disk replication; teardown any
3227 * associated external setups like qdiscs for NICs.
3228 *
3229 * Operations executed every checkpoint (in order of invocation):
3230 * +libxl__checkpoint_devices_postsuspend
3231 * +libxl__checkpoint_devices_preresume
3232 * +libxl__checkpoint_devices_commit
3233 *
3234 * Each device type needs to implement the interfaces specified in
3235 * the libxl__checkpoint_device_instance_ops if it wishes to support Remus/COLO.
3236 *
3237 * The high-level control flow through the checkpoint device layer is shown
3238 * below:
3239 *
3240 * xl remus
3241 * |-> libxl_domain_remus_start
3242 * |-> libxl__checkpoint_devices_setup
3243 * |-> Per-checkpoint libxl__checkpoint_devices_[postsuspend,preresume,commit]
3244 * ...
3245 * |-> On backup failure, network error or other internal errors:
3246 * libxl__checkpoint_devices_teardown
3247 */
3248
3249 typedef struct libxl__checkpoint_device libxl__checkpoint_device;
3250 typedef struct libxl__checkpoint_devices_state libxl__checkpoint_devices_state;
3251 typedef struct libxl__checkpoint_device_instance_ops libxl__checkpoint_device_instance_ops;
3252
3253 /*
3254 * Interfaces to be implemented by every device subkind that wishes to
3255 * support Remus/COLO. Functions must be implemented unless otherwise
3256 * stated. Many of these functions are asynchronous. They call
3257 * dev->aodev.callback when done. The actual implementations may be
3258 * synchronous and call dev->aodev.callback directly (as the last
3259 * thing they do).
3260 */
3261 struct libxl__checkpoint_device_instance_ops {
3262 /* the device kind this ops belongs to... */
3263 libxl__device_kind kind;
3264
3265 /*
3266 * Checkpoint operations. May be NULL, meaning the op is not
3267 * implemented and the caller should treat them as a no-op (and do
3268 * nothing when checkpointing).
3269 * Asynchronous.
3270 */
3271
3272 void (*postsuspend)(libxl__egc *egc, libxl__checkpoint_device *dev);
3273 void (*preresume)(libxl__egc *egc, libxl__checkpoint_device *dev);
3274 void (*commit)(libxl__egc *egc, libxl__checkpoint_device *dev);
3275
3276 /*
3277 * setup() and teardown() are refer to the actual checkpoint device.
3278 * Asynchronous.
3279 * teardown is called even if setup fails.
3280 */
3281 /*
3282 * setup() should first determines whether the subkind matches the specific
3283 * device. If matched, the device will then be managed with this set of
3284 * subkind operations.
3285 * Yields 0 if the device successfully set up.
3286 * CHECKPOINT_DEVOPS_DOES_NOT_MATCH if the ops does not match the device.
3287 * any other rc indicates failure.
3288 */
3289 void (*setup)(libxl__egc *egc, libxl__checkpoint_device *dev);
3290 void (*teardown)(libxl__egc *egc, libxl__checkpoint_device *dev);
3291 };
3292
3293 int init_subkind_nic(libxl__checkpoint_devices_state *cds);
3294 void cleanup_subkind_nic(libxl__checkpoint_devices_state *cds);
3295 int init_subkind_drbd_disk(libxl__checkpoint_devices_state *cds);
3296 void cleanup_subkind_drbd_disk(libxl__checkpoint_devices_state *cds);
3297
3298 typedef void libxl__checkpoint_callback(libxl__egc *,
3299 libxl__checkpoint_devices_state *,
3300 int rc);
3301
3302 /*
3303 * State associated with a checkpoint invocation, including parameters
3304 * passed to the checkpoint abstract device layer by the remus
3305 * save/restore machinery.
3306 */
3307 struct libxl__checkpoint_devices_state {
3308 /*-- must be set by caller of libxl__checkpoint_device_(setup|teardown) --*/
3309
3310 libxl__ao *ao;
3311 uint32_t domid;
3312 libxl__checkpoint_callback *callback;
3313 void *concrete_data;
3314 int device_kind_flags;
3315 /* The ops must be pointer array, and the last ops must be NULL. */
3316 const libxl__checkpoint_device_instance_ops **ops;
3317
3318 /*----- private for abstract layer only -----*/
3319
3320 int num_devices;
3321 /*
3322 * this array is allocated before setup the checkpoint devices by the
3323 * checkpoint abstract layer.
3324 * devs may be NULL, means there's no checkpoint devices that has been
3325 * set up.
3326 * the size of this array is 'num_devices', which is the total number
3327 * of libxl nic devices and disk devices(num_nics + num_disks).
3328 */
3329 libxl__checkpoint_device **devs;
3330
3331 libxl_device_nic *nics;
3332 int num_nics;
3333 libxl_device_disk *disks;
3334 int num_disks;
3335
3336 libxl__multidev multidev;
3337 };
3338
3339 /*
3340 * Information about a single device being handled by remus.
3341 * Allocated by the checkpoint abstract layer.
3342 */
3343 struct libxl__checkpoint_device {
3344 /*----- shared between abstract and concrete layers -----*/
3345 /*
3346 * if this is true, that means the subkind ops match the device
3347 */
3348 bool matched;
3349
3350 /*----- set by checkpoint device abstruct layer -----*/
3351 /* libxl__device_* which this checkpoint device related to */
3352 const void *backend_dev;
3353 libxl__device_kind kind;
3354 libxl__checkpoint_devices_state *cds;
3355 libxl__ao_device aodev;
3356
3357 /*----- private for abstract layer only -----*/
3358
3359 /*
3360 * Control and state variables for the asynchronous callback
3361 * based loops which iterate over device subkinds, and over
3362 * individual devices.
3363 */
3364 int ops_index;
3365 const libxl__checkpoint_device_instance_ops *ops;
3366
3367 /*----- private for concrete (device-specific) layer -----*/
3368
3369 /* concrete device's private data */
3370 void *concrete_data;
3371 };
3372
3373 /* the following 5 APIs are async ops, call cds->callback when done */
3374 _hidden void libxl__checkpoint_devices_setup(libxl__egc *egc,
3375 libxl__checkpoint_devices_state *cds);
3376 _hidden void libxl__checkpoint_devices_teardown(libxl__egc *egc,
3377 libxl__checkpoint_devices_state *cds);
3378 _hidden void libxl__checkpoint_devices_postsuspend(libxl__egc *egc,
3379 libxl__checkpoint_devices_state *cds);
3380 _hidden void libxl__checkpoint_devices_preresume(libxl__egc *egc,
3381 libxl__checkpoint_devices_state *cds);
3382 _hidden void libxl__checkpoint_devices_commit(libxl__egc *egc,
3383 libxl__checkpoint_devices_state *cds);
3384
3385 /*----- Remus related state structure -----*/
3386 typedef struct libxl__remus_state libxl__remus_state;
3387 struct libxl__remus_state {
3388 /* private */
3389 libxl__ev_time checkpoint_timeout; /* used for Remus checkpoint */
3390 int interval; /* checkpoint interval */
3391
3392 /*----- private for concrete (device-specific) layer only -----*/
3393 /* private for nic device subkind ops */
3394 char *netbufscript;
3395 struct nl_sock *nlsock;
3396 struct nl_cache *qdisc_cache;
3397
3398 /* private for drbd disk subkind ops */
3399 char *drbd_probe_script;
3400 };
3401 _hidden int libxl__netbuffer_enabled(libxl__gc *gc);
3402
3403 /*----- Legacy conversion helper -----*/
3404 typedef struct libxl__conversion_helper_state libxl__conversion_helper_state;
3405
3406 struct libxl__conversion_helper_state {
3407 /* Public - Must be filled by caller unless noted. */
3408 libxl__ao *ao;
3409 int legacy_fd; /* fd to read the legacy stream from. */
3410 bool hvm; /* pv or hvm domain? */
3411 libxl__carefd *v2_carefd; /* Filled by successful call to
3412 * libxl__convert_legacy_stream(). Caller
3413 * assumes ownership of the fd. */
3414 void (*completion_callback)(
3415 libxl__egc *egc, libxl__conversion_helper_state *chs, int rc);
3416 /* private */
3417 int rc;
3418 libxl__ao_abortable abrt;
3419 libxl__ev_child child;
3420 };
3421
3422 _hidden void libxl__conversion_helper_init
3423 (libxl__conversion_helper_state *chs);
3424 _hidden int libxl__convert_legacy_stream(libxl__egc *egc,
3425 libxl__conversion_helper_state *chs);
3426 _hidden void libxl__conversion_helper_abort(libxl__egc *egc,
3427 libxl__conversion_helper_state *chs, int rc);
libxl__conversion_helper_inuse(const libxl__conversion_helper_state * chs)3428 static inline bool libxl__conversion_helper_inuse
3429 (const libxl__conversion_helper_state *chs)
3430 { return libxl__ev_child_inuse(&chs->child); }
3431
3432 /* State for reading a libxl migration v2 stream */
3433 typedef struct libxl__stream_read_state libxl__stream_read_state;
3434
3435 typedef struct libxl__sr_record_buf {
3436 /* private to stream read helper */
3437 LIBXL_STAILQ_ENTRY(struct libxl__sr_record_buf) entry;
3438 libxl__sr_rec_hdr hdr;
3439 void *body; /* iff hdr.length != 0 */
3440 } libxl__sr_record_buf;
3441
3442 struct libxl__stream_read_state {
3443 /* filled by the user */
3444 libxl__ao *ao;
3445 libxl__domain_create_state *dcs;
3446 int fd;
3447 bool legacy;
3448 bool back_channel;
3449 void (*completion_callback)(libxl__egc *egc,
3450 libxl__stream_read_state *srs,
3451 int rc);
3452 void (*checkpoint_callback)(libxl__egc *egc,
3453 libxl__stream_read_state *srs,
3454 int rc);
3455 /* Private */
3456 int rc;
3457 bool running;
3458 bool in_checkpoint;
3459 bool sync_teardown; /* Only used to coordinate shutdown on error path. */
3460 bool in_checkpoint_state;
3461 libxl__save_helper_state shs;
3462 libxl__conversion_helper_state chs;
3463
3464 /* Main stream-reading data. */
3465 libxl__datacopier_state dc; /* Only used when reading a record */
3466 libxl__sr_hdr hdr;
3467 LIBXL_STAILQ_HEAD(, libxl__sr_record_buf) record_queue; /* NOGC */
3468 enum {
3469 SRS_PHASE_NORMAL,
3470 SRS_PHASE_BUFFERING,
3471 SRS_PHASE_UNBUFFERING,
3472 } phase;
3473 bool recursion_guard;
3474
3475 /* Only used while actively reading a record from the stream. */
3476 libxl__sr_record_buf *incoming_record; /* NOGC */
3477
3478 /* Both only used when processing an EMULATOR record. */
3479 libxl__datacopier_state emu_dc;
3480 libxl__carefd *emu_carefd;
3481 };
3482
3483 _hidden void libxl__stream_read_init(libxl__stream_read_state *stream);
3484 _hidden void libxl__stream_read_start(libxl__egc *egc,
3485 libxl__stream_read_state *stream);
3486 _hidden void libxl__stream_read_start_checkpoint(libxl__egc *egc,
3487 libxl__stream_read_state *stream);
3488 _hidden void libxl__stream_read_checkpoint_state(libxl__egc *egc,
3489 libxl__stream_read_state *stream);
3490 _hidden void libxl__stream_read_abort(libxl__egc *egc,
3491 libxl__stream_read_state *stream, int rc);
3492 static inline bool
libxl__stream_read_inuse(const libxl__stream_read_state * stream)3493 libxl__stream_read_inuse(const libxl__stream_read_state *stream)
3494 {
3495 return stream->running;
3496 }
3497
3498 #include "libxl_colo.h"
3499
3500 /*----- Domain suspend (save) state structure -----*/
3501 /*
3502 * "suspend" refers to quiescing the VM, so pausing qemu, making a
3503 * remote_shutdown(SHUTDOWN_suspend) hypercall etc.
3504 *
3505 * "save" refers to the actions involved in actually shuffling the
3506 * state of the VM, so xc_domain_save() etc.
3507 */
3508
3509 typedef struct libxl__domain_suspend_state libxl__domain_suspend_state;
3510 typedef struct libxl__domain_save_state libxl__domain_save_state;
3511
3512 typedef void libxl__domain_save_cb(libxl__egc*,
3513 libxl__domain_save_state*, int rc);
3514 typedef void libxl__save_device_model_cb(libxl__egc*,
3515 libxl__domain_save_state*, int rc);
3516
3517 /* State for writing a libxl migration v2 stream */
3518 typedef struct libxl__stream_write_state libxl__stream_write_state;
3519 typedef void (*sws_record_done_cb)(libxl__egc *egc,
3520 libxl__stream_write_state *sws);
3521 struct libxl__stream_write_state {
3522 /* filled by the user */
3523 libxl__ao *ao;
3524 libxl__domain_save_state *dss;
3525 int fd;
3526 bool back_channel;
3527 void (*completion_callback)(libxl__egc *egc,
3528 libxl__stream_write_state *sws,
3529 int rc);
3530 void (*checkpoint_callback)(libxl__egc *egc,
3531 libxl__stream_write_state *sws,
3532 int rc);
3533 /* Private */
3534 int rc;
3535 bool running;
3536 bool in_checkpoint;
3537 bool sync_teardown; /* Only used to coordinate shutdown on error path. */
3538 bool in_checkpoint_state;
3539 libxl__save_helper_state shs;
3540
3541 /* Main stream-writing data. */
3542 libxl__datacopier_state dc;
3543 sws_record_done_cb record_done_callback;
3544
3545 /* Cache device model version. */
3546 libxl_device_model_version device_model_version;
3547
3548 /* Only used when constructing EMULATOR records. */
3549 libxl__datacopier_state emu_dc;
3550 libxl__carefd *emu_carefd;
3551 libxl__sr_rec_hdr emu_rec_hdr;
3552 libxl__sr_emulator_hdr emu_sub_hdr;
3553 void *emu_body;
3554 };
3555
3556 _hidden void libxl__stream_write_init(libxl__stream_write_state *stream);
3557 _hidden void libxl__stream_write_start(libxl__egc *egc,
3558 libxl__stream_write_state *stream);
3559 _hidden void
3560 libxl__stream_write_start_checkpoint(libxl__egc *egc,
3561 libxl__stream_write_state *stream);
3562 _hidden void
3563 libxl__stream_write_checkpoint_state(libxl__egc *egc,
3564 libxl__stream_write_state *stream,
3565 libxl_sr_checkpoint_state *srcs);
3566 _hidden void libxl__stream_write_abort(libxl__egc *egc,
3567 libxl__stream_write_state *stream,
3568 int rc);
3569 static inline bool
libxl__stream_write_inuse(const libxl__stream_write_state * stream)3570 libxl__stream_write_inuse(const libxl__stream_write_state *stream)
3571 {
3572 return stream->running;
3573 }
3574
3575 typedef struct libxl__logdirty_switch {
3576 /* Set by caller of libxl__domain_common_switch_qemu_logdirty */
3577 libxl__ao *ao;
3578 void (*callback)(libxl__egc *egc, struct libxl__logdirty_switch *lds,
3579 int rc);
3580
3581 const char *cmd;
3582 const char *cmd_path;
3583 const char *ret_path;
3584 libxl__ev_xswatch watch;
3585 libxl__ev_time timeout;
3586 libxl__ev_qmp qmp;
3587 } libxl__logdirty_switch;
3588
3589 _hidden void libxl__logdirty_init(libxl__logdirty_switch *lds);
3590
3591 struct libxl__domain_suspend_state {
3592 /* set by caller of libxl__domain_suspend_init */
3593 libxl__ao *ao;
3594 uint32_t domid;
3595 bool live;
3596
3597 /* private */
3598 libxl_domain_type type;
3599
3600 libxl__ev_evtchn guest_evtchn;
3601 int guest_evtchn_lockfd;
3602 int guest_responded;
3603
3604 libxl__xswait_state pvcontrol;
3605 libxl__ev_xswatch guest_watch;
3606 libxl__ev_time guest_timeout;
3607 libxl__ev_qmp qmp;
3608
3609 const char *dm_savefile;
3610 void (*callback_device_model_done)(libxl__egc*,
3611 struct libxl__domain_suspend_state*, int rc);
3612 void (*callback_common_done)(libxl__egc*,
3613 struct libxl__domain_suspend_state*, int ok);
3614 };
3615 int libxl__domain_suspend_init(libxl__egc *egc,
3616 libxl__domain_suspend_state *dsps,
3617 libxl_domain_type type);
3618
3619 /* calls dsps->callback_device_model_done when done
3620 * may synchronously calls this callback */
3621 _hidden void libxl__qmp_suspend_save(libxl__egc *egc,
3622 libxl__domain_suspend_state *dsps);
3623
3624 struct libxl__domain_save_state {
3625 /* set by caller of libxl__domain_save */
3626 libxl__ao *ao;
3627 libxl__domain_save_cb *callback;
3628
3629 uint32_t domid;
3630 int fd;
3631 int fdfl; /* original flags on fd */
3632 int recv_fd;
3633 libxl_domain_type type;
3634 int live;
3635 int debug;
3636 int checkpointed_stream;
3637 const libxl_domain_remus_info *remus;
3638 /* private */
3639 int rc;
3640 int xcflags;
3641 libxl__domain_suspend_state dsps;
3642 union {
3643 /* for Remus */
3644 libxl__remus_state rs;
3645 /* for COLO */
3646 libxl__colo_save_state css;
3647 };
3648 libxl__checkpoint_devices_state cds;
3649 libxl__stream_write_state sws;
3650 libxl__logdirty_switch logdirty;
3651 };
3652
3653
3654 /*----- openpty -----*/
3655
3656 /*
3657 * opens count (>0) ptys like count calls to openpty, and then
3658 * calls back. On entry, all op[].master and op[].slave must be
3659 * 0. On callback, either rc==0 and master and slave are non-0,
3660 * or rc is a libxl error and they are both 0. If libxl__openpty
3661 * returns non-0 no callback will happen and everything is left
3662 * cleaned up.
3663 */
3664
3665 typedef struct libxl__openpty_state libxl__openpty_state;
3666 typedef struct libxl__openpty_result libxl__openpty_result;
3667 typedef void libxl__openpty_callback(libxl__egc *egc, libxl__openpty_state *op);
3668
3669 struct libxl__openpty_state {
3670 /* caller must fill these in, and they must all remain valid */
3671 libxl__ao *ao;
3672 libxl__openpty_callback *callback;
3673 int count;
3674 libxl__openpty_result *results; /* actual size is count, out parameter */
3675 /* public, result, caller may only read in callback */
3676 int rc;
3677 /* private for implementation */
3678 libxl__ev_child child;
3679 };
3680
3681 struct libxl__openpty_result {
3682 libxl__carefd *master, *slave;
3683 };
3684
3685 int libxl__openptys(libxl__openpty_state *op,
3686 struct termios *termp,
3687 struct winsize *winp);
3688
3689
3690 /*----- bootloader -----*/
3691
3692 typedef struct libxl__bootloader_state libxl__bootloader_state;
3693 typedef void libxl__run_bootloader_callback(libxl__egc*,
3694 libxl__bootloader_state*, int rc);
3695 typedef void libxl__bootloader_console_callback(libxl__egc*,
3696 libxl__bootloader_state*);
3697
3698 struct libxl__bootloader_state {
3699 /* caller must fill these in, and they must all remain valid */
3700 libxl__ao *ao;
3701 libxl__run_bootloader_callback *callback;
3702 libxl__bootloader_console_callback *console_available;
3703 const libxl_domain_build_info *info;
3704 libxl_device_disk *disk;
3705 /* Should be zeroed by caller on entry. Will be filled in by
3706 * bootloader machinery; represents the local attachment of the
3707 * disk for the benefit of the bootloader. Must be detached by
3708 * the caller using libxl__device_disk_local_initiate_detach.
3709 * (This is safe to do after ->callback() has happened since
3710 * the domain's kernel and initramfs will have been copied
3711 * out of the guest's disk into a temporary directory, mapped
3712 * as file references, and deleted. */
3713 libxl__disk_local_state dls;
3714 uint32_t domid;
3715 /* outputs:
3716 * - caller must initialise kernel and ramdisk to point to file
3717 * references, these will be updated and mapped;
3718 * - caller must initialise cmdline to NULL, it will be updated with a
3719 * string allocated from the gc;
3720 */
3721 libxl__file_reference *kernel, *ramdisk;
3722 const char *cmdline;
3723 /* private to libxl__run_bootloader */
3724 char *outputpath, *outputdir, *logfile;
3725 libxl__openpty_state openpty;
3726 libxl__openpty_result ptys[2]; /* [0] is for bootloader */
3727 libxl__ev_child child;
3728 libxl__domaindeathcheck deathcheck;
3729 int nargs, argsspace;
3730 const char **args;
3731 libxl__datacopier_state keystrokes, display;
3732 int rc, got_pollhup;
3733 };
3734
3735 _hidden void libxl__bootloader_init(libxl__bootloader_state *bl);
3736
3737 /* Will definitely call st->callback, perhaps reentrantly.
3738 * If callback is passed rc==0, will have updated st->info appropriately */
3739 _hidden void libxl__bootloader_run(libxl__egc*, libxl__bootloader_state *st);
3740
3741 /*----- Generic Device Handling -----*/
3742 #define LIBXL_DEFINE_DEVICE_ADD(type) \
3743 int libxl_device_##type##_add(libxl_ctx *ctx, \
3744 uint32_t domid, libxl_device_##type *type, \
3745 const libxl_asyncop_how *ao_how) \
3746 { \
3747 AO_CREATE(ctx, domid, ao_how); \
3748 libxl__ao_device *aodev; \
3749 \
3750 GCNEW(aodev); \
3751 libxl__prepare_ao_device(ao, aodev); \
3752 aodev->action = LIBXL__DEVICE_ACTION_ADD; \
3753 aodev->callback = device_addrm_aocomplete; \
3754 aodev->update_json = true; \
3755 libxl__device_##type##_add(egc, domid, type, aodev); \
3756 \
3757 return AO_INPROGRESS; \
3758 }
3759
3760 #define LIBXL_DEFINE_DEVICES_ADD(type) \
3761 void libxl__add_##type##s(libxl__egc *egc, libxl__ao *ao, uint32_t domid, \
3762 libxl_domain_config *d_config, \
3763 libxl__multidev *multidev) \
3764 { \
3765 AO_GC; \
3766 int i; \
3767 for (i = 0; i < d_config->num_##type##s; i++) { \
3768 libxl__ao_device *aodev = libxl__multidev_prepare(multidev); \
3769 libxl__device_##type##_add(egc, domid, &d_config->type##s[i], \
3770 aodev); \
3771 } \
3772 }
3773
3774 #define LIBXL_DEFINE_DEVICE_REMOVE_EXT(type, remtype, removedestroy, f) \
3775 int libxl_device_##type##_##removedestroy(libxl_ctx *ctx, \
3776 uint32_t domid, libxl_device_##type *type, \
3777 const libxl_asyncop_how *ao_how) \
3778 { \
3779 AO_CREATE(ctx, domid, ao_how); \
3780 libxl__device *device; \
3781 libxl__ao_device *aodev; \
3782 int rc; \
3783 \
3784 GCNEW(device); \
3785 rc = libxl__device_from_##type(gc, domid, type, device); \
3786 if (rc != 0) goto out; \
3787 \
3788 GCNEW(aodev); \
3789 libxl__prepare_ao_device(ao, aodev); \
3790 aodev->action = LIBXL__DEVICE_ACTION_REMOVE; \
3791 aodev->dev = device; \
3792 aodev->callback = device_addrm_aocomplete; \
3793 aodev->force = f; \
3794 libxl__initiate_device_##remtype##_remove(egc, aodev); \
3795 \
3796 out: \
3797 if (rc) return AO_CREATE_FAIL(rc); \
3798 return AO_INPROGRESS; \
3799 }
3800
3801 #define LIBXL_DEFINE_UPDATE_DEVID(name) \
3802 int libxl__device_##name##_update_devid(libxl__gc *gc, \
3803 uint32_t domid, \
3804 libxl_device_##name *type) \
3805 { \
3806 if (type->devid == -1) \
3807 type->devid = libxl__device_nextid(gc, domid, \
3808 libxl__##name##_devtype.type); \
3809 if (type->devid < 0) \
3810 return ERROR_FAIL; \
3811 return 0; \
3812 }
3813
3814 #define LIBXL_DEFINE_DEVICE_FROM_TYPE(name) \
3815 int libxl__device_from_##name(libxl__gc *gc, uint32_t domid, \
3816 libxl_device_##name *type, \
3817 libxl__device *device) \
3818 { \
3819 device->backend_devid = type->devid; \
3820 device->backend_domid = type->backend_domid; \
3821 device->backend_kind = libxl__##name##_devtype.type; \
3822 device->devid = type->devid; \
3823 device->domid = domid; \
3824 device->kind = libxl__##name##_devtype.type; \
3825 \
3826 return 0; \
3827 }
3828
3829 #define LIBXL_DEFINE_DEVID_TO_DEVICE(name) \
3830 int libxl_devid_to_device_##name(libxl_ctx *ctx, uint32_t domid, \
3831 int devid, \
3832 libxl_device_##name *type) \
3833 { \
3834 GC_INIT(ctx); \
3835 \
3836 char *device_path; \
3837 const char *tmp; \
3838 int rc; \
3839 \
3840 libxl_device_##name##_init(type); \
3841 \
3842 device_path = GCSPRINTF("%s/device/%s/%d", \
3843 libxl__xs_libxl_path(gc, domid), \
3844 libxl__device_kind_to_string( \
3845 libxl__##name##_devtype.type), \
3846 devid); \
3847 \
3848 if (libxl__xs_read_mandatory(gc, XBT_NULL, device_path, &tmp)) {\
3849 rc = ERROR_NOTFOUND; goto out; \
3850 } \
3851 \
3852 if (libxl__##name##_devtype.from_xenstore) { \
3853 rc = libxl__##name##_devtype.from_xenstore(gc, device_path, \
3854 devid, type); \
3855 if (rc) goto out; \
3856 } \
3857 \
3858 rc = 0; \
3859 \
3860 out: \
3861 \
3862 GC_FREE; \
3863 return rc; \
3864 }
3865
3866
3867 #define LIBXL_DEFINE_DEVICE_REMOVE(type) \
3868 LIBXL_DEFINE_DEVICE_REMOVE_EXT(type, generic, remove, 0) \
3869 LIBXL_DEFINE_DEVICE_REMOVE_EXT(type, generic, destroy, 1)
3870
3871 #define LIBXL_DEFINE_DEVICE_REMOVE_CUSTOM(type) \
3872 LIBXL_DEFINE_DEVICE_REMOVE_EXT(type, type, remove, 0) \
3873 LIBXL_DEFINE_DEVICE_REMOVE_EXT(type, type, destroy, 1)
3874
3875 #define LIBXL_DEFINE_DEVICE_LIST(type) \
3876 libxl_device_##type *libxl_device_##type##_list(libxl_ctx *ctx, \
3877 uint32_t domid, \
3878 int *num) \
3879 { \
3880 libxl_device_##type *r; \
3881 GC_INIT(ctx); \
3882 r = libxl__device_list(gc, &libxl__##type##_devtype, \
3883 domid, num); \
3884 GC_FREE; \
3885 return r; \
3886 } \
3887 \
3888 void libxl_device_##type##_list_free(libxl_device_##type *list, \
3889 int num) \
3890 { \
3891 libxl__device_list_free(&libxl__##type##_devtype, list, num); \
3892 }
3893
3894 typedef void (*device_add_fn_t)(libxl__egc *, libxl__ao *, uint32_t,
3895 libxl_domain_config *, libxl__multidev *);
3896 typedef int (*device_set_default_fn_t)(libxl__gc *, uint32_t, void *, bool);
3897 typedef int (*device_to_device_fn_t)(libxl__gc *, uint32_t, void *,
3898 libxl__device *);
3899 typedef void (*device_init_fn_t)(void *);
3900 typedef void (*device_copy_fn_t)(libxl_ctx *, void *dst, const void *src);
3901 typedef void (*device_dispose_fn_t)(void *);
3902 typedef int (*device_compare_fn_t)(const void *, const void *);
3903 typedef void (*device_merge_fn_t)(libxl_ctx *, void *, void *);
3904 typedef int (*device_dm_needed_fn_t)(void *, unsigned);
3905 typedef void (*device_update_config_fn_t)(libxl__gc *, void *, void *);
3906 typedef int (*device_update_devid_fn_t)(libxl__gc *, uint32_t, void *);
3907 typedef int (*device_get_num_fn_t)(libxl__gc *, const char *, unsigned int *);
3908 typedef int (*device_from_xenstore_fn_t)(libxl__gc *, const char *,
3909 libxl_devid, void *);
3910 typedef int (*device_set_xenstore_config_fn_t)(libxl__gc *, uint32_t, void *,
3911 flexarray_t *, flexarray_t *,
3912 flexarray_t *);
3913
3914 struct libxl__device_type {
3915 libxl__device_kind type;
3916 int skip_attach; /* Skip entry in domcreate_attach_devices() if 1 */
3917 int ptr_offset; /* Offset of device array ptr in libxl_domain_config */
3918 int num_offset; /* Offset of # of devices in libxl_domain_config */
3919 int dev_elem_size; /* Size of one device element in array */
3920 device_add_fn_t add;
3921 device_set_default_fn_t set_default;
3922 device_to_device_fn_t to_device;
3923 device_init_fn_t init;
3924 device_copy_fn_t copy;
3925 device_dispose_fn_t dispose;
3926 device_compare_fn_t compare;
3927 device_merge_fn_t merge;
3928 device_dm_needed_fn_t dm_needed;
3929 device_update_config_fn_t update_config;
3930 device_update_devid_fn_t update_devid;
3931 device_get_num_fn_t get_num;
3932 device_from_xenstore_fn_t from_xenstore;
3933 device_set_xenstore_config_fn_t set_xenstore_config;
3934 };
3935
3936 #define DEFINE_DEVICE_TYPE_STRUCT_X(name, sname, kind, ...) \
3937 const libxl__device_type libxl__ ## name ## _devtype = { \
3938 .type = LIBXL__DEVICE_KIND_ ## kind, \
3939 .ptr_offset = offsetof(libxl_domain_config, name ## s), \
3940 .num_offset = offsetof(libxl_domain_config, num_ ## name ## s), \
3941 .dev_elem_size = sizeof(libxl_device_ ## sname), \
3942 .add = libxl__add_ ## name ## s, \
3943 .set_default = (device_set_default_fn_t) \
3944 libxl__device_ ## sname ## _setdefault, \
3945 .to_device = (device_to_device_fn_t)libxl__device_from_ ## name, \
3946 .init = (device_init_fn_t)libxl_device_ ## sname ## _init, \
3947 .copy = (device_copy_fn_t)libxl_device_ ## sname ## _copy, \
3948 .dispose = (device_dispose_fn_t) \
3949 libxl_device_ ## sname ## _dispose, \
3950 .compare = (device_compare_fn_t) \
3951 libxl_device_ ## sname ## _compare, \
3952 .update_devid = (device_update_devid_fn_t) \
3953 libxl__device_ ## sname ## _update_devid, \
3954 __VA_ARGS__ \
3955 }
3956
3957 #define DEFINE_DEVICE_TYPE_STRUCT(name, kind, ...) \
3958 DEFINE_DEVICE_TYPE_STRUCT_X(name, name, kind, __VA_ARGS__)
3959
libxl__device_type_get_ptr(const libxl__device_type * dt,const libxl_domain_config * d_config)3960 static inline void **libxl__device_type_get_ptr(
3961 const libxl__device_type *dt, const libxl_domain_config *d_config)
3962 {
3963 return (void **)((void *)d_config + dt->ptr_offset);
3964 }
3965
libxl__device_type_get_elem(const libxl__device_type * dt,const libxl_domain_config * d_config,int e)3966 static inline void *libxl__device_type_get_elem(
3967 const libxl__device_type *dt, const libxl_domain_config *d_config,
3968 int e)
3969 {
3970 return *libxl__device_type_get_ptr(dt, d_config) + dt->dev_elem_size * e;
3971 }
3972
libxl__device_type_get_num(const libxl__device_type * dt,const libxl_domain_config * d_config)3973 static inline int *libxl__device_type_get_num(
3974 const libxl__device_type *dt, const libxl_domain_config *d_config)
3975 {
3976 return (int *)((void *)d_config + dt->num_offset);
3977 }
3978
3979 extern const libxl__device_type libxl__vfb_devtype;
3980 extern const libxl__device_type libxl__vkb_devtype;
3981 extern const libxl__device_type libxl__disk_devtype;
3982 extern const libxl__device_type libxl__nic_devtype;
3983 extern const libxl__device_type libxl__vtpm_devtype;
3984 extern const libxl__device_type libxl__usbctrl_devtype;
3985 extern const libxl__device_type libxl__usbdev_devtype;
3986 extern const libxl__device_type libxl__pcidev_devtype;
3987 extern const libxl__device_type libxl__vdispl_devtype;
3988 extern const libxl__device_type libxl__p9_devtype;
3989 extern const libxl__device_type libxl__pvcallsif_devtype;
3990 extern const libxl__device_type libxl__vsnd_devtype;
3991
3992 extern const libxl__device_type *device_type_tbl[];
3993
3994 /*----- Domain destruction -----*/
3995
3996 /* Domain destruction has been split into two functions:
3997 *
3998 * libxl__domain_destroy is the main destroy function, which detects
3999 * stubdoms and calls libxl__destroy_domid on the domain and its
4000 * stubdom if present, creating a different libxl__destroy_domid_state
4001 * for each one of them.
4002 *
4003 * libxl__destroy_domid actually destroys the domain, but it
4004 * doesn't check for stubdomains, since that would involve
4005 * recursion, which we want to avoid.
4006 */
4007
4008 typedef struct libxl__domain_destroy_state libxl__domain_destroy_state;
4009 typedef struct libxl__destroy_domid_state libxl__destroy_domid_state;
4010 typedef struct libxl__destroy_devicemodel_state libxl__destroy_devicemodel_state;
4011 typedef struct libxl__devices_remove_state libxl__devices_remove_state;
4012
4013 typedef void libxl__domain_destroy_cb(libxl__egc *egc,
4014 libxl__domain_destroy_state *dds,
4015 int rc);
4016
4017 typedef void libxl__domid_destroy_cb(libxl__egc *egc,
4018 libxl__destroy_domid_state *dis,
4019 int rc);
4020
4021 typedef void libxl__devicemodel_destroy_cb(libxl__egc *egc,
4022 libxl__destroy_devicemodel_state *ddms,
4023 int rc);
4024
4025 typedef void libxl__devices_remove_callback(libxl__egc *egc,
4026 libxl__devices_remove_state *drs,
4027 int rc);
4028
4029 struct libxl__devices_remove_state {
4030 /* filled in by user */
4031 libxl__ao *ao;
4032 uint32_t domid;
4033 libxl__devices_remove_callback *callback;
4034 int force; /* libxl_device_TYPE_destroy rather than _remove */
4035 /* private */
4036 libxl__multidev multidev;
4037 int num_devices;
4038 };
4039
4040 struct libxl__destroy_devicemodel_state {
4041 /* filled in by user */
4042 libxl__ao *ao;
4043 uint32_t domid;
4044 libxl__devicemodel_destroy_cb *callback; /* May be called re-entrantly */
4045 /* private to implementation */
4046 libxl__ev_child destroyer;
4047 int rc; /* Accumulated return value for the destroy operation */
4048 };
4049
4050 struct libxl__destroy_domid_state {
4051 /* filled in by user */
4052 libxl__ao *ao;
4053 uint32_t domid;
4054 libxl__domid_destroy_cb *callback;
4055 /* private to implementation */
4056 libxl__devices_remove_state drs;
4057 libxl__destroy_devicemodel_state ddms;
4058 libxl__ev_child destroyer;
4059 bool soft_reset;
4060 libxl__multidev multidev;
4061 };
4062
4063 struct libxl__domain_destroy_state {
4064 /* filled by the user */
4065 libxl__ao *ao;
4066 uint32_t domid;
4067 libxl__domain_destroy_cb *callback;
4068 /* Private */
4069 int rc;
4070 uint32_t stubdomid;
4071 libxl__destroy_domid_state stubdom;
4072 int stubdom_finished;
4073 libxl__destroy_domid_state domain;
4074 int domain_finished;
4075 bool soft_reset;
4076 };
4077
4078 /*
4079 * Entry point for domain destruction
4080 * This function checks for stubdom presence and then calls
4081 * libxl__destroy_domid on the passed domain and its stubdom if found.
4082 */
4083 _hidden void libxl__domain_destroy(libxl__egc *egc,
4084 libxl__domain_destroy_state *dds);
4085
4086 /* Used to destroy a domain with the passed id (it doesn't check for stubs) */
4087 _hidden void libxl__destroy_domid(libxl__egc *egc,
4088 libxl__destroy_domid_state *dis);
4089
4090 /* Used to detroy the device model */
4091 _hidden void libxl__destroy_device_model(libxl__egc *egc,
4092 libxl__destroy_devicemodel_state *ddms);
4093
4094 /* Entry point for devices destruction */
4095 _hidden void libxl__devices_destroy(libxl__egc *egc,
4096 libxl__devices_remove_state *drs);
4097
4098 /* Helper function to add a bunch of disks. This should be used when
4099 * the caller is inside an async op. "multidev" will NOT be prepared by
4100 * this function, so the caller must make sure to call
4101 * libxl__multidev_begin before calling this function.
4102 *
4103 * The "callback" will be called for each device, and the user is responsible
4104 * for calling libxl__ao_device_check_last on the callback.
4105 */
4106 _hidden void libxl__add_disks(libxl__egc *egc, libxl__ao *ao, uint32_t domid,
4107 libxl_domain_config *d_config,
4108 libxl__multidev *multidev);
4109
4110 _hidden void libxl__add_nics(libxl__egc *egc, libxl__ao *ao, uint32_t domid,
4111 libxl_domain_config *d_config,
4112 libxl__multidev *multidev);
4113
4114 /*----- device model creation -----*/
4115
4116 /* First layer; wraps libxl__spawn_spawn. */
4117
4118 typedef struct libxl__dm_spawn_state libxl__dm_spawn_state;
4119
4120 typedef void libxl__dm_spawn_cb(libxl__egc *egc, libxl__dm_spawn_state*,
4121 int rc /* if !0, error was logged */);
4122
4123 /* Call dmss_init and dmss_dispose to initialise and dispose of
4124 * libxl__dm_spawn_state */
4125 struct libxl__dm_spawn_state {
4126 /* mixed - spawn.ao must be initialised by user; rest is private: */
4127 libxl__spawn_state spawn;
4128 libxl__ev_qmp qmp;
4129 libxl__ev_time timeout;
4130 libxl__dm_resume_state dmrs;
4131 /* filled in by user, must remain valid: */
4132 uint32_t guest_domid; /* domain being served */
4133 libxl_domain_config *guest_config;
4134 libxl__domain_build_state *build_state; /* relates to guest_domid */
4135 libxl__dm_spawn_cb *callback;
4136 };
4137
4138 _hidden void libxl__spawn_local_dm(libxl__egc *egc, libxl__dm_spawn_state*);
4139
4140 /*
4141 * Called after forking but before executing the local devicemodel.
4142 */
4143 _hidden int libxl__local_dm_preexec_restrict(libxl__gc *gc);
4144
4145 /* Stubdom device models. */
4146
4147 typedef struct {
4148 /* Mixed - user must fill in public parts EXCEPT callback,
4149 * which may be undefined on entry. (See above for details) */
4150 libxl__dm_spawn_state dm; /* the stub domain device model */
4151 /* filled in by user, must remain valid: */
4152 libxl__dm_spawn_cb *callback; /* called as callback(,&sdss->dm,) */
4153 /* private to libxl__spawn_stub_dm: */
4154 libxl_domain_config dm_config;
4155 libxl__domain_build_state dm_state;
4156 libxl__dm_spawn_state pvqemu;
4157 libxl__destroy_domid_state dis;
4158 libxl__multidev multidev;
4159 libxl__xswait_state xswait;
4160 libxl__spawn_state qmp_proxy_spawn;
4161 } libxl__stub_dm_spawn_state;
4162
4163 _hidden void libxl__spawn_stub_dm(libxl__egc *egc, libxl__stub_dm_spawn_state*);
4164
4165 _hidden char *libxl__stub_dm_name(libxl__gc *gc, const char * guest_name);
4166
4167 /* Qdisk backend launch helpers */
4168
4169 _hidden void libxl__spawn_qdisk_backend(libxl__egc *egc,
4170 libxl__dm_spawn_state *dmss);
4171 _hidden int libxl__destroy_qdisk_backend(libxl__gc *gc, uint32_t domid);
4172
4173 /*----- Domain creation -----*/
4174
4175
4176 struct libxl__domain_create_state {
4177 /* filled in by user */
4178 libxl__ao *ao;
4179 libxl_domain_config *guest_config;
4180 libxl_domain_config guest_config_saved; /* vanilla config */
4181 int restore_fd, libxc_fd;
4182 int restore_fdfl; /* original flags of restore_fd */
4183 int send_back_fd;
4184 libxl_domain_restore_params restore_params;
4185 uint32_t domid;
4186 bool soft_reset;
4187 libxl__domain_create_cb *callback;
4188 libxl_asyncprogress_how aop_console_how;
4189 /* private to domain_create */
4190 int guest_domid;
4191 int device_type_idx;
4192 const char *colo_proxy_script;
4193 libxl__domain_build_state build_state;
4194 libxl__colo_restore_state crs;
4195 libxl__checkpoint_devices_state cds;
4196 libxl__bootloader_state bl;
4197 libxl__stub_dm_spawn_state sdss;
4198 /* If we're not doing stubdom, we use only sdss.dm,
4199 * for the non-stubdom device model. */
4200 libxl__stream_read_state srs;
4201 /* necessary if the domain creation failed and we have to destroy it */
4202 libxl__domain_destroy_state dds;
4203 libxl__multidev multidev;
4204 libxl__xswait_state console_xswait;
4205 };
4206
4207 _hidden int libxl__device_nic_set_devids(libxl__gc *gc,
4208 libxl_domain_config *d_config,
4209 uint32_t domid);
4210
4211 /*----- Domain suspend (save) functions -----*/
4212
4213 /* calls dss->callback when done */
4214 _hidden void libxl__domain_save(libxl__egc *egc,
4215 libxl__domain_save_state *dss);
4216
4217
4218 /* calls libxl__xc_domain_suspend_done when done */
4219 _hidden void libxl__xc_domain_save(libxl__egc *egc,
4220 libxl__domain_save_state *dss,
4221 libxl__save_helper_state *shs);
4222 /* If rc==0 then retval is the return value from xc_domain_save
4223 * and errnoval is the errno value it provided.
4224 * If rc!=0, retval and errnoval are undefined. */
4225 _hidden void libxl__xc_domain_save_done(libxl__egc*, void *dss_void,
4226 int rc, int retval, int errnoval);
4227
4228 /* Used by asynchronous callbacks: ie ones which xc regards as
4229 * returning a value, but which we want to handle asynchronously.
4230 * Such functions' actual callback function return void in libxl
4231 * When they are ready to indicate completion, they call this. */
4232 void libxl__xc_domain_saverestore_async_callback_done(libxl__egc *egc,
4233 libxl__save_helper_state *shs, int return_value);
4234
4235
4236 _hidden void libxl__domain_suspend_common_switch_qemu_logdirty
4237 (uint32_t domid, unsigned int enable, void *data);
4238 _hidden void libxl__domain_common_switch_qemu_logdirty(libxl__egc *egc,
4239 int domid, unsigned enable,
4240 libxl__logdirty_switch *lds);
4241 _hidden int libxl__save_emulator_xenstore_data(libxl__domain_save_state *dss,
4242 char **buf, uint32_t *len);
4243 _hidden int libxl__restore_emulator_xenstore_data
4244 (libxl__domain_create_state *dcs, const char *ptr, uint32_t size);
4245
4246
4247 /* calls libxl__xc_domain_restore_done when done */
4248 _hidden void libxl__xc_domain_restore(libxl__egc *egc,
4249 libxl__domain_create_state *dcs,
4250 libxl__save_helper_state *shs);
4251 /* If rc==0 then retval is the return value from xc_domain_save
4252 * and errnoval is the errno value it provided.
4253 * If rc!=0, retval and errnoval are undefined. */
4254 _hidden void libxl__xc_domain_restore_done(libxl__egc *egc, void *dcs_void,
4255 int rc, int retval, int errnoval);
4256
4257 _hidden void libxl__save_helper_init(libxl__save_helper_state *shs);
4258 _hidden void libxl__save_helper_abort(libxl__egc *egc,
4259 libxl__save_helper_state *shs);
4260
libxl__save_helper_inuse(const libxl__save_helper_state * shs)4261 static inline bool libxl__save_helper_inuse(const libxl__save_helper_state *shs)
4262 {
4263 return libxl__ev_child_inuse(&shs->child);
4264 }
4265
4266 /* Each time the dm needs to be saved, we must call suspend and then save
4267 * calls dsps->callback_device_model_done when done */
4268 _hidden void libxl__domain_suspend_device_model(libxl__egc *egc,
4269 libxl__domain_suspend_state *dsps);
4270
4271 _hidden const char *libxl__device_model_savefile(libxl__gc *gc, uint32_t domid);
4272
4273 /* calls dsps->callback_common_done when done */
4274 _hidden void libxl__domain_suspend(libxl__egc *egc,
4275 libxl__domain_suspend_state *dsps);
4276 /* used by libxc to suspend the guest during migration */
4277 _hidden void libxl__domain_suspend_callback(void *data);
4278
4279 /* Remus setup and teardown */
4280 _hidden void libxl__remus_setup(libxl__egc *egc,
4281 libxl__remus_state *rs);
4282 _hidden void libxl__remus_teardown(libxl__egc *egc,
4283 libxl__remus_state *rs,
4284 int rc);
4285 _hidden void libxl__remus_restore_setup(libxl__egc *egc,
4286 libxl__domain_create_state *dcs);
4287
4288 _hidden char *libxl__domid_history_path(libxl__gc *gc,
4289 const char *suffix);
4290
4291 /*
4292 * Convenience macros.
4293 */
4294
4295 #define FILLZERO LIBXL_FILLZERO
4296
4297
4298 /*
4299 * All of these assume (or define)
4300 * libxl__gc *gc;
4301 * as a local variable.
4302 */
4303
4304 #define GC_INIT(ctx) libxl__gc gc[1]; LIBXL_INIT_GC(gc[0],ctx)
4305 #define GC_FREE libxl__free_all(gc)
4306 #define CTX libxl__gc_owner(gc)
4307 #define NOGC (&CTX->nogc_gc) /* pass only to consenting functions */
4308
4309 /* Allocation macros all of which use the gc. */
4310
4311 #define ARRAY_SIZE_OK(ptr, nmemb) ((nmemb) < INT_MAX / (sizeof(*(ptr)) * 2))
4312
4313 /*
4314 * Expression statement <type> *GCNEW(<type> *var);
4315 * Uses libxl__gc *gc;
4316 *
4317 * Allocates a new object of type <type> from the gc and zeroes it
4318 * with memset. Sets var to point to the new object or zero (setting
4319 * errno). Returns the new value of var.
4320 */
4321 #define GCNEW(var) \
4322 (((var) = libxl__zalloc((gc),sizeof(*(var)))))
4323
4324 /*
4325 * Expression statement <type> *GCNEW_ARRAY(<type> *var, ssize_t nmemb);
4326 * Uses libxl__gc *gc;
4327 *
4328 * Like GCNEW but allocates an array of nmemb elements, as if from
4329 * calloc. Does check for integer overflow due to large nmemb. If
4330 * nmemb is 0 may succeed by returning 0.
4331 */
4332 #define GCNEW_ARRAY(var, nmemb) \
4333 ((var) = libxl__calloc((gc), (nmemb), sizeof(*(var))))
4334
4335 /*
4336 * Expression statement <type> *GCREALLOC_ARRAY(<type> *var, size_t nmemb);
4337 * Uses libxl__gc *gc;
4338 *
4339 * Reallocates the array var to be of size nmemb elements. Updates
4340 * var and returns the new value of var. Does check for integer
4341 * overflow due to large nmemb.
4342 *
4343 * Do not pass nmemb==0. old may be 0 on entry.
4344 */
4345 #define GCREALLOC_ARRAY(var, nmemb) \
4346 (assert(nmemb > 0), \
4347 assert(ARRAY_SIZE_OK((var), (nmemb))), \
4348 (var) = libxl__realloc((gc), (var), (nmemb)*sizeof(*(var))))
4349
4350
4351 /*
4352 * Expression char *GCSPRINTF(const char *fmt, ...);
4353 * Uses libxl__gc *gc;
4354 *
4355 * Trivial convenience wrapper for libxl__sprintf.
4356 */
4357 #define GCSPRINTF(fmt, ...) (libxl__sprintf((gc), (fmt), __VA_ARGS__))
4358
4359
4360 /*
4361 * Expression statements
4362 * void LOG(<xtl_level_suffix>, const char *fmt, ...);
4363 * void LOGE(<xtl_level_suffix>, const char *fmt, ...);
4364 * void LOGEV(<xtl_level_suffix>, int errnoval, const char *fmt, ...);
4365 *
4366 * void LOGD(<xtl_level_suffix>, uint32_t domid, const char *fmt, ...);
4367 * void LOGED(<xtl_level_suffix>, uint32_t domid, const char *fmt, ...);
4368 * void LOGEVD(<xtl_level_suffix>, int errnoval, uint32_t domid, const char *fmt, ...);
4369 * Use
4370 * libxl__gc *gc;
4371 *
4372 * Trivial convenience wrappers for LIBXL__LOG, LIBXL__LOG_ERRNO,
4373 * LIBXL__LOG_ERRNOVAL, LIBXL__LOGD, LIBXL__LOGD_ERRNO and
4374 * LIBXL__LOGD_ERRNOVAL respectively (and thus for libxl__log).
4375 *
4376 * XTL_<xtl_level_suffix> should exist and be an xentoollog.h log level
4377 * So <xtl_level_suffix> should be one of
4378 * DEBUG VERBOSE DETAIL PROGRESS INFO NOTICE WARN ERROR ERROR CRITICAL
4379 * Of these, most of libxl uses
4380 * DEBUG INFO WARN ERROR
4381 *
4382 * The LOG*D family will preprend the log message with a string formatted
4383 * as follows: 'Domain %PRIu32:'. This should help better automatic sorting
4384 * of log messages per domain.
4385 */
4386 #define LOG(l,f, ...) LIBXL__LOG(CTX,XTL_##l,(f),##__VA_ARGS__)
4387 #define LOGE(l,f, ...) LIBXL__LOG_ERRNO(CTX,XTL_##l,(f),##__VA_ARGS__)
4388 #define LOGEV(l,e,f, ...) LIBXL__LOG_ERRNOVAL(CTX,XTL_##l,(e),(f),##__VA_ARGS__)
4389
4390 #define LOGD(l,d,f, ...) LIBXL__LOGD(CTX,XTL_##l,(d),(f),##__VA_ARGS__)
4391 #define LOGED(l,d,f, ...) LIBXL__LOGD_ERRNO(CTX,XTL_##l,(d),(f),##__VA_ARGS__)
4392 #define LOGEVD(l,e,d,f, ...) LIBXL__LOGD_ERRNOVAL(CTX,XTL_##l,(e),(d),(f),##__VA_ARGS__)
4393
4394
4395 /* Locking functions. See comment for "lock" member of libxl__ctx. */
4396
libxl__ctx_lock(libxl_ctx * ctx)4397 static inline void libxl__ctx_lock(libxl_ctx *ctx) {
4398 int r = pthread_mutex_lock(&ctx->lock);
4399 assert(!r);
4400 }
4401
libxl__ctx_unlock(libxl_ctx * ctx)4402 static inline void libxl__ctx_unlock(libxl_ctx *ctx) {
4403 int r = pthread_mutex_unlock(&ctx->lock);
4404 assert(!r);
4405 }
4406
4407 #define CTX_LOCK (libxl__ctx_lock(CTX))
4408 #define CTX_UNLOCK (libxl__ctx_unlock(CTX))
4409
4410 /*
4411 * Automatic NUMA placement
4412 *
4413 * These functions and data structures deal with the initial placement of a
4414 * domain onto the host NUMA nodes.
4415 *
4416 * The key concept here is the one of "NUMA placement candidate", which is
4417 * basically a set of nodes whose characteristics have been successfully
4418 * checked against some specific requirements. More precisely, a candidate
4419 * is the nodemap associated with one of the possible subset of the host
4420 * NUMA nodes providing a certain amount of free memory, or a given number
4421 * of cpus, or even both (depending in what the caller wants). For
4422 * convenience of use, some of this information are stored within the
4423 * candidate itself, instead of always being dynamically computed. A single
4424 * node can be valid placement candidate, as well as it is possible for a
4425 * candidate to contain all the nodes of the host. The fewer nodes there
4426 * are in a candidate, the better performance a domain placed onto it
4427 * should get (at least from a NUMA point of view). For instance, looking
4428 * for a numa candidates with 2GB of free memory means we want the subsets
4429 * of the host NUMA nodes with, cumulatively, at least 2GB of free memory.
4430 * This condition can be satisfied by just one particular node, or it may
4431 * require more nodes, depending on the characteristics of the host, on how
4432 * many domains have been created already, on how big they are, etc.
4433 *
4434 * The intended usage is as follows:
4435 * 1. first of all, call libxl__get_numa_candidates(), and specify the
4436 * proper constraints to it (e.g., the amount of memory a domain need
4437 * as the minimum amount of free memory for the candidates). If a
4438 * candidate comparison function is provided, the candidate with fewer
4439 * nodes that is found to be best according to what such fucntion says
4440 * is returned. If no comparison function is passed, the very first
4441 * candidate is.
4442 * 2. The chosen candidate's nodemap should be utilized for computing the
4443 * actual affinity of the domain which, given the current NUMA support
4444 * in the hypervisor, is what determines the placement of the domain's
4445 * vcpus and memory.
4446 */
4447
4448 typedef struct {
4449 int nr_cpus, nr_nodes;
4450 int nr_vcpus;
4451 uint64_t free_memkb;
4452 libxl_bitmap nodemap;
4453 } libxl__numa_candidate;
4454
4455 /* Signature for the comparison function between two candidates */
4456 typedef int (*libxl__numa_candidate_cmpf)(const libxl__numa_candidate *c1,
4457 const libxl__numa_candidate *c2);
4458
4459 /*
4460 * This looks for the best NUMA placement candidate satisfying some
4461 * specific conditions. If min_nodes and/or max_nodes are not 0, their
4462 * value is used to determine the minimum and maximum number of nodes the
4463 * candidate can have. If they are 0, it means the candidate can contain
4464 * from 1 node (min_nodes=0) to the total number of nodes of the host
4465 * (max_ndoes=0). If min_free_memkb and/or min_cpus are not 0, the caller
4466 * only wants candidates with at least the amount of free memory and the
4467 * number of cpus they specify, respectively. If they are 0, the
4468 * candidates' free memory and/or number of cpus won't be checked at all.
4469 *
4470 * Candidates are compared among each others by calling numa_cmpf(), which
4471 * is where the heuristics for determining which candidate is the best
4472 * one is actually implemented. The only bit of it that is hardcoded in
4473 * this function is the fact that candidates with fewer nodes are always
4474 * preferrable.
4475 *
4476 * If at least one suitable candidate is found, it is returned in cndt_out,
4477 * cndt_found is set to one, and the function returns successfully. On the
4478 * other hand, if not even one single candidate can be found, the function
4479 * still returns successfully but cndt_found will be zero.
4480 *
4481 * Finally, suitable_cpumap is useful for telling that only the cpus in that
4482 * mask should be considered when generating placement candidates (for
4483 * example because of cpupools).
4484 *
4485 * It is up to the function to properly allocate cndt_out (by calling
4486 * libxl__numa_candidate_alloc()), while it is the caller that should init
4487 * (libxl__numa_candidate_init()) and free (libxl__numa_candidate_dispose())
4488 * it.
4489 */
4490 _hidden int libxl__get_numa_candidate(libxl__gc *gc,
4491 uint64_t min_free_memkb, int min_cpus,
4492 int min_nodes, int max_nodes,
4493 const libxl_bitmap *suitable_cpumap,
4494 libxl__numa_candidate_cmpf numa_cmpf,
4495 libxl__numa_candidate *cndt_out,
4496 int *cndt_found);
4497
4498 /* Initialization, allocation and deallocation for placement candidates */
libxl__numa_candidate_init(libxl__numa_candidate * cndt)4499 static inline void libxl__numa_candidate_init(libxl__numa_candidate *cndt)
4500 {
4501 cndt->free_memkb = 0;
4502 cndt->nr_cpus = cndt->nr_nodes = cndt->nr_vcpus = 0;
4503 libxl_bitmap_init(&cndt->nodemap);
4504 }
4505
libxl__numa_candidate_alloc(libxl__gc * gc,libxl__numa_candidate * cndt)4506 static inline int libxl__numa_candidate_alloc(libxl__gc *gc,
4507 libxl__numa_candidate *cndt)
4508 {
4509 return libxl_node_bitmap_alloc(CTX, &cndt->nodemap, 0);
4510 }
libxl__numa_candidate_dispose(libxl__numa_candidate * cndt)4511 static inline void libxl__numa_candidate_dispose(libxl__numa_candidate *cndt)
4512 {
4513 libxl_bitmap_dispose(&cndt->nodemap);
4514 }
4515
4516 /* Retrieve (in nodemap) the node map associated to placement candidate cndt */
4517 static inline
libxl__numa_candidate_get_nodemap(libxl__gc * gc,const libxl__numa_candidate * cndt,libxl_bitmap * nodemap)4518 void libxl__numa_candidate_get_nodemap(libxl__gc *gc,
4519 const libxl__numa_candidate *cndt,
4520 libxl_bitmap *nodemap)
4521 {
4522 libxl_bitmap_copy(CTX, nodemap, &cndt->nodemap);
4523 }
4524 /* Set the node map of placement candidate cndt to match nodemap */
4525 static inline
libxl__numa_candidate_put_nodemap(libxl__gc * gc,libxl__numa_candidate * cndt,const libxl_bitmap * nodemap)4526 void libxl__numa_candidate_put_nodemap(libxl__gc *gc,
4527 libxl__numa_candidate *cndt,
4528 const libxl_bitmap *nodemap)
4529 {
4530 libxl_bitmap_copy(CTX, &cndt->nodemap, nodemap);
4531 }
4532
4533 /* Check if vNUMA config is valid. Returns 0 if valid,
4534 * ERROR_VNUMA_CONFIG_INVALID otherwise.
4535 */
4536 int libxl__vnuma_config_check(libxl__gc *gc,
4537 const libxl_domain_build_info *b_info,
4538 const libxl__domain_build_state *state);
4539 int libxl__vnuma_build_vmemrange_pv_generic(libxl__gc *gc,
4540 uint32_t domid,
4541 libxl_domain_build_info *b_info,
4542 libxl__domain_build_state *state);
4543 int libxl__vnuma_build_vmemrange_pv(libxl__gc *gc,
4544 uint32_t domid,
4545 libxl_domain_build_info *b_info,
4546 libxl__domain_build_state *state);
4547 int libxl__vnuma_build_vmemrange_hvm(libxl__gc *gc,
4548 uint32_t domid,
4549 libxl_domain_build_info *b_info,
4550 libxl__domain_build_state *state,
4551 struct xc_dom_image *dom);
4552 bool libxl__vnuma_configured(const libxl_domain_build_info *b_info);
4553
4554 _hidden int libxl__ms_vm_genid_set(libxl__gc *gc, uint32_t domid,
4555 const libxl_ms_vm_genid *id);
4556
4557
4558 /* Som handy macros for defbool type. */
4559 #define LIBXL__DEFBOOL_DEFAULT (0)
4560 #define LIBXL__DEFBOOL_FALSE (-1)
4561 #define LIBXL__DEFBOOL_TRUE (1)
4562 #define LIBXL__DEFBOOL_STR_DEFAULT "<default>"
4563 #define LIBXL__DEFBOOL_STR_FALSE "False"
4564 #define LIBXL__DEFBOOL_STR_TRUE "True"
libxl__defbool_is_default(libxl_defbool * db)4565 static inline int libxl__defbool_is_default(libxl_defbool *db)
4566 {
4567 return !db->val;
4568 }
4569
4570 /*
4571 * Inserts "elm_new" into the sorted list "head".
4572 *
4573 * "elm_search" must be a loop search variable of the same type as
4574 * "elm_new". "new_after_search_p" must be an expression which is
4575 * true iff the element "elm_new" sorts after the element
4576 * "elm_search".
4577 *
4578 * "search_body" can be empty, or some declaration(s) and statement(s)
4579 * needed for "new_after_search_p".
4580 */
4581 #define LIBXL_TAILQ_INSERT_SORTED(head, entry, elm_new, elm_search, \
4582 search_body, new_after_search_p) \
4583 do { \
4584 for ((elm_search) = LIBXL_TAILQ_FIRST((head)); \
4585 (elm_search); \
4586 (elm_search) = LIBXL_TAILQ_NEXT((elm_search), entry)) { \
4587 search_body; \
4588 if (!(new_after_search_p)) \
4589 break; \
4590 } \
4591 /* now elm_search is either the element before which we want \
4592 * to place elm_new, or NULL meaning we want to put elm_new at \
4593 * the end */ \
4594 if ((elm_search)) \
4595 LIBXL_TAILQ_INSERT_BEFORE((elm_search), (elm_new), entry); \
4596 else \
4597 LIBXL_TAILQ_INSERT_TAIL((head), (elm_new), entry); \
4598 } while(0)
4599
4600
4601 /*
4602 * int CTYPE(ISFOO, char c);
4603 * int CTYPE(toupper, char c);
4604 * int CTYPE(tolower, char c);
4605 *
4606 * This is necessary because passing a simple char to a ctype.h
4607 * is forbidden. ctype.h macros take ints derived from _unsigned_ chars.
4608 *
4609 * If you have a char which might be EOF then you should already have
4610 * it in an int representing an unsigned char, and you can use the
4611 * <ctype.h> macros directly. This generally happens only with values
4612 * from fgetc et al.
4613 *
4614 * For any value known to be a character (eg, anything that came from
4615 * a char[]), use CTYPE.
4616 */
4617 #define CTYPE(isfoo,c) (isfoo((unsigned char)(c)))
4618
4619 int libxl__defbool_parse_json(libxl__gc *gc, const libxl__json_object *o,
4620 libxl_defbool *p);
4621 int libxl__bool_parse_json(libxl__gc *gc, const libxl__json_object *o,
4622 bool *p);
4623 int libxl__mac_parse_json(libxl__gc *gc, const libxl__json_object *o,
4624 libxl_mac *p);
4625 int libxl__bitmap_parse_json(libxl__gc *gc, const libxl__json_object *o,
4626 libxl_bitmap *p);
4627 int libxl__uuid_parse_json(libxl__gc *gc, const libxl__json_object *o,
4628 libxl_uuid *p);
4629 int libxl__cpuid_policy_list_parse_json(libxl__gc *gc,
4630 const libxl__json_object *o,
4631 libxl_cpuid_policy_list *p);
4632 int libxl__string_list_parse_json(libxl__gc *gc, const libxl__json_object *o,
4633 libxl_string_list *p);
4634 int libxl__key_value_list_parse_json(libxl__gc *gc,
4635 const libxl__json_object *o,
4636 libxl_key_value_list *p);
4637 int libxl__hwcap_parse_json(libxl__gc *gc, const libxl__json_object *o,
4638 libxl_hwcap *p);
4639 int libxl__ms_vm_genid_parse_json(libxl__gc *gc, const libxl__json_object *o,
4640 libxl_ms_vm_genid *p);
4641 int libxl__int_parse_json(libxl__gc *gc, const libxl__json_object *o,
4642 void *p);
4643 int libxl__uint8_parse_json(libxl__gc *gc, const libxl__json_object *o,
4644 void *p);
4645 int libxl__uint16_parse_json(libxl__gc *gc, const libxl__json_object *o,
4646 void *p);
4647 int libxl__uint32_parse_json(libxl__gc *gc, const libxl__json_object *o,
4648 void *p);
4649 int libxl__uint64_parse_json(libxl__gc *gc, const libxl__json_object *o,
4650 void *p);
4651 int libxl__string_parse_json(libxl__gc *gc, const libxl__json_object *o,
4652 char **p);
4653
4654 int libxl__random_bytes(libxl__gc *gc, uint8_t *buf, size_t len);
4655
4656 #include "_libxl_types_private.h"
4657 #include "_libxl_types_internal_private.h"
4658
4659 /* This always return false, there's no "default value" for hw cap */
libxl__hwcap_is_default(libxl_hwcap * hwcap)4660 static inline int libxl__hwcap_is_default(libxl_hwcap *hwcap)
4661 {
4662 return 0;
4663 }
4664
libxl__string_list_is_empty(libxl_string_list * psl)4665 static inline int libxl__string_list_is_empty(libxl_string_list *psl)
4666 {
4667 return !libxl_string_list_length(psl);
4668 }
4669
libxl__key_value_list_is_empty(libxl_key_value_list * pkvl)4670 static inline int libxl__key_value_list_is_empty(libxl_key_value_list *pkvl)
4671 {
4672 return !libxl_key_value_list_length(pkvl);
4673 }
4674
4675 int libxl__cpuid_policy_is_empty(libxl_cpuid_policy_list *pl);
4676
4677 /* Portability note: a proper flock(2) implementation is required */
4678 typedef struct {
4679 libxl__carefd *carefd;
4680 char *path; /* path of the lock file itself */
4681 } libxl__flock;
4682 /* The CTX_LOCK must be held around uses of this lock */
4683
4684 libxl__flock *libxl__lock_file(libxl__gc *gc, const char *filename);
4685 void libxl__unlock_file(libxl__flock *lock);
4686
4687 libxl__flock *libxl__lock_domain_userdata(libxl__gc *gc, uint32_t domid);
4688 libxl__flock *libxl__lock_domid_history(libxl__gc *gc);
4689
4690 /*
4691 * Retrieve / store domain configuration from / to libxl private
4692 * data store. The registry entry in libxl private data store
4693 * is "libxl-json".
4694 * Caller must hold user data lock.
4695 *
4696 * Other names used for this lock throughout the libxl code are json_lock,
4697 * libxl__domain_userdata_lock, "libxl-json", data store lock.
4698 *
4699 * See the comment for libxl__ao_device, and "Algorithm for handling device
4700 * removal", for information about using the libxl-json lock / json_lock.
4701 */
4702 int libxl__get_domain_configuration(libxl__gc *gc, uint32_t domid,
4703 libxl_domain_config *d_config);
4704 int libxl__set_domain_configuration(libxl__gc *gc, uint32_t domid,
4705 libxl_domain_config *d_config);
4706
4707 /* ------ Things related to updating domain configurations ----- */
4708 void libxl__update_domain_configuration(libxl__gc *gc,
4709 libxl_domain_config *dst,
4710 const libxl_domain_config *src);
4711
4712 /* Target memory in xenstore is different from what user has
4713 * asked for. The difference is video_memkb + (possible) fudge.
4714 * See libxl_set_memory_target.
4715 */
4716 static inline
libxl__get_targetmem_fudge(libxl__gc * gc,const libxl_domain_build_info * info)4717 uint64_t libxl__get_targetmem_fudge(libxl__gc *gc,
4718 const libxl_domain_build_info *info)
4719 {
4720 int64_t mem_target_fudge = (info->type == LIBXL_DOMAIN_TYPE_HVM &&
4721 info->max_memkb > info->target_memkb)
4722 ? LIBXL_MAXMEM_CONSTANT : 0;
4723
4724 return info->video_memkb + mem_target_fudge;
4725 }
4726
4727 int libxl__get_memory_target(libxl__gc *gc, uint32_t domid,
4728 uint64_t *out_target_memkb,
4729 uint64_t *out_max_memkb);
4730 void libxl__xcinfo2xlinfo(libxl_ctx *ctx,
4731 const xc_domaininfo_t *xcinfo,
4732 libxl_dominfo *xlinfo);
4733
4734 /* Macros used to compare device identifier. Returns true if the two
4735 * devices have same identifier. */
4736 #define COMPARE_DEVID(a, b) ((a)->devid == (b)->devid)
4737 #define COMPARE_DISK(a, b) (!strcmp((a)->vdev, (b)->vdev))
4738 #define COMPARE_PCI(a, b) ((a)->func == (b)->func && \
4739 (a)->bus == (b)->bus && \
4740 (a)->dev == (b)->dev)
4741 #define COMPARE_USB(a, b) ((a)->ctrl == (b)->ctrl && \
4742 (a)->port == (b)->port)
4743 #define COMPARE_USBCTRL(a, b) ((a)->devid == (b)->devid)
4744
4745 /* This function copies X bytes from source to destination bitmap,
4746 * where X is the smaller of the two sizes.
4747 *
4748 * If destination's size is larger than source, the extra bytes are
4749 * untouched.
4750 *
4751 * XXX This is introduced to fix a regression for 4.5. It shall
4752 * be revisited in 4.6 time frame.
4753 */
4754 void libxl__bitmap_copy_best_effort(libxl__gc *gc, libxl_bitmap *dptr,
4755 const libxl_bitmap *sptr);
4756
4757 int libxl__count_physical_sockets(libxl__gc *gc, int *sockets);
4758
4759 _hidden int libxl__read_sysfs_file_contents(libxl__gc *gc,
4760 const char *filename,
4761 void **data_r,
4762 int *datalen_r);
4763
4764 #define LIBXL_QEMU_USER_PREFIX "xen-qemuuser"
4765 #define LIBXL_QEMU_USER_SHARED LIBXL_QEMU_USER_PREFIX"-shared"
4766 #define LIBXL_QEMU_USER_RANGE_BASE LIBXL_QEMU_USER_PREFIX"-range-base"
4767 #define LIBXL_QEMU_USER_REAPER LIBXL_QEMU_USER_PREFIX"-reaper"
4768
libxl__acpi_defbool_val(const libxl_domain_build_info * b_info)4769 static inline bool libxl__acpi_defbool_val(const libxl_domain_build_info *b_info)
4770 {
4771 return libxl_defbool_val(b_info->acpi) &&
4772 libxl_defbool_val(b_info->u.hvm.acpi);
4773 }
4774
4775 /*
4776 * Add a device in libxl_domain_config structure
4777 *
4778 * If there is already a device with the same identifier in d_config,
4779 * that entry is updated.
4780 *
4781 * parameters:
4782 * d_config: pointer to template domain config
4783 * dt: type of `dev'
4784 * dev: the device that is to be added / removed / updated
4785 * (a copy of `dev' will be made)
4786 */
4787 void device_add_domain_config(libxl__gc *gc, libxl_domain_config *d_config,
4788 const libxl__device_type *dt,
4789 const void *dev);
4790
4791 void libxl__device_add_async(libxl__egc *egc, uint32_t domid,
4792 const libxl__device_type *dt, void *type,
4793 libxl__ao_device *aodev);
4794 int libxl__device_add(libxl__gc *gc, uint32_t domid,
4795 const libxl__device_type *dt, void *type);
4796
4797 /* Caller is responsible for freeing the memory by calling
4798 * libxl__device_list_free
4799 */
4800 void* libxl__device_list(libxl__gc *gc, const libxl__device_type *dt,
4801 uint32_t domid, int *num);
4802 void libxl__device_list_free(const libxl__device_type *dt,
4803 void *list, int num);
4804
libxl__timer_mode_is_default(libxl_timer_mode * tm)4805 static inline bool libxl__timer_mode_is_default(libxl_timer_mode *tm)
4806 {
4807 return *tm == LIBXL_TIMER_MODE_DEFAULT;
4808 }
4809
libxl__string_is_default(char ** s)4810 static inline bool libxl__string_is_default(char **s)
4811 {
4812 return *s == NULL;
4813 }
4814
4815 _hidden int libxl__prepare_sockaddr_un(libxl__gc *gc, struct sockaddr_un *un,
4816 const char *path, const char *what);
libxl__qemu_qmp_path(libxl__gc * gc,int domid)4817 static inline const char *libxl__qemu_qmp_path(libxl__gc *gc, int domid)
4818 {
4819 return GCSPRINTF("%s/qmp-libxl-%d", libxl__run_dir_path(), domid);
4820 }
4821
4822 /* Send control commands over xenstore and wait for an Ack. */
4823 _hidden int libxl__domain_pvcontrol(libxl__egc *egc,
4824 libxl__xswait_state *pvcontrol,
4825 domid_t domid, const char *cmd);
4826
4827 /*
4828 * Maximum number of seconds after desctruction then a domid remains
4829 * 'recent'. Recent domids are not allowed to be re-used. This can be
4830 * overidden, for debugging purposes, by the environment variable of the
4831 * same name.
4832 */
4833 #define LIBXL_DOMID_REUSE_TIMEOUT 60
4834
4835 /* Check whether a domid is recent */
4836 int libxl__is_domid_recent(libxl__gc *gc, uint32_t domid, bool *recent);
4837
4838 #endif
4839
4840 /*
4841 * Local variables:
4842 * mode: C
4843 * c-basic-offset: 4
4844 * indent-tabs-mode: nil
4845 * End:
4846 */
4847