From 59bb62aa888cd4b94510e4d16003077ab1d77e9b Mon Sep 17 00:00:00 2001
From: Vincent Bernardoff <vincent.bernardoff@citrix.com>
Date: Fri, 24 Mar 2017 16:57:02 +0000
Subject: [PATCH 03/30] oxenstored: exempt dom0 from domU node quotas

If a domU has exhausted its quota we still want the toolstack in dom0 to
be able to create new nodes in places like
  /local/domain/%d/control/shutdown

Without this patch, a domU which has exhausted its quota can only be
powered off, which is not as good as being able to request a clean
shutdown.

Reported-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Thomas Sanders <thomas.sanders@citrix.com>
Signed-off-by: Euan Harris <euan.harris@citrix.com>
Acked-by: David Scott <dave.scott@citrix.com>
---
 tools/ocaml/xenstored/store.ml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml
index cac0b44..3efe515 100644
--- a/tools/ocaml/xenstored/store.ml
+++ b/tools/ocaml/xenstored/store.ml
@@ -383,7 +383,7 @@ let set_node store path node =
 let write store perm path value =
 	let node, existing = get_deepest_existing_node store path in
 	let owner = Node.get_owner node in
-	if existing then
+	if existing || (Perms.Connection.is_dom0 perm) then
 		(* Only check the string length limit *)
 		Quota.check store.quota (-1) (String.length value)
 	else
@@ -398,7 +398,7 @@ let mkdir store perm path =
 	let node, existing = get_deepest_existing_node store path in
 	let owner = Node.get_owner node in
 	(* It's upt to the mkdir logic to decide what to do with existing path *)
-	if not existing then Quota.check store.quota owner 0;
+	if not (existing || (Perms.Connection.is_dom0 perm)) then Quota.check store.quota owner 0;
 	store.root <- path_mkdir store perm path;
 	Quota.add_entry store.quota owner
 
@@ -416,7 +416,7 @@ let setperms store perm path nperms =
 	| Some node ->
 		let old_owner = Node.get_owner node in
 		let new_owner = Perms.Node.get_owner nperms in
-		if old_owner <> new_owner then Quota.check store.quota new_owner 0;
+		if not ((old_owner = new_owner) || (Perms.Connection.is_dom0 perm)) then Quota.check store.quota new_owner 0;
 		store.root <- path_setperms store perm path nperms;
 		Quota.del_entry store.quota old_owner;
 		Quota.add_entry store.quota new_owner
-- 
2.1.4