[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH RFC 9/9] mm: mark pages that have their permissions controlled by a domain

  • To: Jan Beulich <JBeulich@xxxxxxxx>
  • From: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
  • Date: Thu, 03 Jul 2014 14:27:08 +0300
  • Cc: Mihai Dontu <mdontu@xxxxxxxxxxxxxxx>, tim@xxxxxxx, xen-devel@xxxxxxxxxxxxx
  • Comment: DomainKeys? See http://domainkeys.sourceforge.net/
  • Delivery-date: Thu, 03 Jul 2014 11:26:20 +0000
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=bitdefender.com; b=gevtaraZbvHqkZIjNMsMwlIZalYsNqAqfBd6LJUwygi2+VKuWzJhTlDpT1a/fQr73e/VN2MdM1u48CTCIPWV72uJXQC7woaS/F0e/Y94YT9/fFORurCudGF9eYn7tSyF96hLUJOvfIcVj3obDK2QFLObL+Cau0Kop/DpcPZKdGJWZ9WVFOmrO7BzRoDxBQ+lb5/jkh4NukZ5qYwOPJ7XaoOp/0s/CLwjVP7EBbTXxYG1ZFvcFz4z7mi9YzPYfgx+pXuqxXTFsXO4ETrNGh9w5/DGBik5FLlz2n6nkioHFpzibI8zhysMV58DgtxBye99rEUFkDDyH0yhgvjUha03AA==; h=Received:Received:Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-BitDefender-Scanner:X-BitDefender-Spam:X-BitDefender-SpamStamp:X-BitDefender-CF-Stamp;
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 07/03/2014 01:19 PM, Jan Beulich wrote:
>>>> On 02.07.14 at 15:34, <rcojocaru@xxxxxxxxxxxxxxx> wrote:
>> This goes together with the mem-event API changes and marks certain
>> pages as being controlled from outside the HV (a user domain in our
>> case). This prevents Xen from resetting the permissions in certain
>> cases, enforcing the previously expressed intention of receiving a
>> memory event everytime the owning domain triggers a fault.
> These "certain cases" would clearly benefit from being named in a
> more precise fashion - it's not been that long ago that for some of
> the cases where the access permissions got reset as a side effect
> we decided to remove that side effect, and it was discussed to also
> be done for at least one more case. I.e. perhaps you would not
> need extensive changes like the ones here if that was done?

Could you please point us to these discussions? It would definitely be
very nice if the problem has been fixed in the meantime.

We're not entirely sure what the trigger for the resets was in our case.
We've so far ruled out live migration and ballooning, by disabling them
in the .conf files for the guests.

We hook into the guest fairly early, almost immediately after it starts
running, and occasionally (quite rarely, actually), we lost the
permissions set on some pages, apparently during the boot process (or
very shortly after).

Razvan Cojocaru

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.