Hi, Dan On Thu, 22 Feb 2007 22:10:02 +0000 "Daniel P. Berrange" wrote: > The current code for stuffing the VNC port number into the XML looks in > XenStore for the VNC port number, and if it does not find it there falls > back to using 5900+domid. This is a problem because it leaves open a > race condition where the VNC daemon for a guest may not have started up > yet, and so if an app requests the XML at this time it'll get potentially > bogus port number info. In the best case there will be nothing listening > on the bogus port, in the worst case a completely different domain will > be listening on that port. > > This scenario is described here > > http://www.redhat.com/archives/et-mgmt-tools/2007-February/msg00115.html > > The reason we have the 5900+domid rule in there is to support Xen 3.0.2 > or earlier, where the port number was never stored in XenStore. For any > Xen 3.0.3 or later, we should basically never use the 5900+domid fallback > rule. So the attached patch makes it conditional on xendConfigVersion < 2 The patch is only for PV, isn't it? I think we need to fix for HVM too, like the one you have. How does that sound? Signed-off-by: Saori Fukuta <fukuta.saori@xxxxxxxxxxxxxx> Thanks, Saori Fukuta. Index: src/xend_internal.c =================================================================== --- xend_internal.c 2007-02-27 03:53:05.000000000 +0900 +++ xend_internal.c.new 2007-02-27 03:51:30.000000000 +0900 @@ -1617,7 +1617,7 @@ xend_parse_sexp_desc(virConnectPtr conn, if (tmp[0] == '1') { int port = xenStoreDomainGetVNCPort(conn, domid); const char *listenAddr = sexpr_fmt_node(root, "domain/image/%s/vnclisten", hvm ? "hvm" : "linux"); - if (port == -1) + if (port == -1 && xendConfigVersion < 2) port = 5900 + domid; if (listenAddr) virBufferVSprintf(&buf, " <graphics type='vnc' port='%d' listen='%s'/>\n", port, listenAddr);