[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH RFC v2 1/4] x86/mm: Shadow and p2m changes for PV mem_access

>> >To avoid touching them before shadow mode is actually enabled you
>> >could reshuffle the encodings so that 0 is 'default' (shadow code
>> >absolutely relies on this field being 0 when shadow more is enabled
>> >so any other user will have to maintain that).
>> Do you mean the p2m_access_t enum when you say encoding?
>Not necessarily - but you _could_ reorder the enum (and add a comment so
>make sure that other people don't reorder it again) if that does what you
>want.  Alternatively, you could use one more bit of the shadow flags as a
>'valid' bit for the access bits, where readers would replace invalid mappings
>with whatever the correct default value is.
>One other question occurs to me: what about the case of enabling, disabling
>and re-enabling the mem-access feature?  Is it OK that access permissions will
>be retained from the first use into the second or do they need to be reset

With HVM guests, the mem-access listener does the following every time it 
enables the feature:

1. Set the default access value: 
        xc_set_mem_access(xch, domain_id, default_access, ~0ull, 0). 
        All this does is set p2m->default_access. None of the individual page 
permissions are changed.
2. Convert  individual pages to the default access value:
        xc_set_mem_access(xch, domain_id, default_access, 0, domain_max_pages);
In the PV case step 2 is problematic as the range of pages that belong to the 
PV guest is unknown to the mem-access listener. I tried adding another PV 
specific API for setting default access that will walk the page_list and set 
the shadow_flag to default. But Jan rightly pointed out issues surrounding 
hypercall preemption / continuation during which, the page_list could be 
modified. So my current plan is to blow all shadow pages every time the API for 
setting default access is called. The on the subsequent page-faults where the 
PTE is marked not present, set the shadow_flag to the default access as part of 
creating the PTE. The mem-access listener for PV guests hence need not call 
step 2. Given that I only check for mem-access violation for present pages, 
this should work. Then on disabling mem-access, I will set p2m->default_access 
back to RWX and turn off shadow paging. So anytime mem-access is enabled again, 
the default value that will be set by the listener will be honored. Does this 
sound viable?


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.