diff options
Diffstat (limited to '0081-docs-enhance-xenstore.txt-with-permissions-descripti.patch')
| -rw-r--r-- | 0081-docs-enhance-xenstore.txt-with-permissions-descripti.patch | 50 |
1 files changed, 0 insertions, 50 deletions
diff --git a/0081-docs-enhance-xenstore.txt-with-permissions-descripti.patch b/0081-docs-enhance-xenstore.txt-with-permissions-descripti.patch deleted file mode 100644 index c0b9c4a..0000000 --- a/0081-docs-enhance-xenstore.txt-with-permissions-descripti.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 1f5b394d6ed0ee26b5878bd0cdf4a698bbc4294f Mon Sep 17 00:00:00 2001 -From: Juergen Gross <jgross@suse.com> -Date: Tue, 13 Sep 2022 07:35:13 +0200 -Subject: [PATCH 81/87] docs: enhance xenstore.txt with permissions description -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The permission scheme of Xenstore nodes is not really covered by -docs/misc/xenstore.txt, other than referring to the Xen wiki. - -Add a paragraph explaining the permissions of nodes, and especially -mentioning removal of nodes when a domain has been removed from -Xenstore. - -This is part of XSA-419. - -Signed-off-by: Juergen Gross <jgross@suse.com> -Reviewed-by: Edwin Török <edvin.torok@citrix.com> -Acked-by: Julien Grall <jgrall@amazon.com> -(cherry picked from commit d084d2c6dff7044956ebdf83a259ad6081a1d921) ---- - docs/misc/xenstore.txt | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/docs/misc/xenstore.txt b/docs/misc/xenstore.txt -index a7d006519ae8..eccd596ee38c 100644 ---- a/docs/misc/xenstore.txt -+++ b/docs/misc/xenstore.txt -@@ -43,6 +43,17 @@ bytes are forbidden; clients specifying relative paths should keep - them to within 2048 bytes. (See XENSTORE_*_PATH_MAX in xs_wire.h.) - - -+Each node has one or multiple permission entries. Permissions are -+granted by domain-id, the first permission entry of each node specifies -+the owner of the node. Permissions of a node can be changed by the -+owner of the node, the owner can only be modified by the control -+domain (usually domain id 0). The owner always has the right to read -+and write the node, while other permissions can be setup to allow -+read and/or write access. When a domain is being removed from Xenstore -+nodes owned by that domain will be removed together with all of those -+nodes' children. -+ -+ - Communication with xenstore is via either sockets, or event channel - and shared memory, as specified in io/xs_wire.h: each message in - either direction is a header formatted as a struct xsd_sockmsg --- -2.37.4 - |