[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH RFC 2/4] xen: grant_table: implement grant_table_soft_reset()

To: "Jan Beulich" <JBeulich@xxxxxxxx>
From: Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>
Date: Mon, 08 Jun 2015 16:58:41 +0200
Cc: Olaf Hering <olaf@xxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Ian Campbell <ian.campbell@xxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Andrew Jones <drjones@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, David Vrabel <david.vrabel@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Keir Fraser <keir@xxxxxxx>
Delivery-date: Mon, 08 Jun 2015 14:58:53 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

"Jan Beulich" <JBeulich@xxxxxxxx> writes:

>>>> On 03.06.15 at 15:35, <vkuznets@xxxxxxxxxx> wrote:
>> When soft reset is being performed we need to replace all actively
>> granted pages with empty pages to prevent possible future memory
>> corruption as the newly started kernel won't be aware of these
>> granted pages.
>> 
>> We make the tot_pages < max_pages assumption here: previously granted pages
>> need to belong to someone and we don't want to implement possible DoS by
>> reassigning them to the grantee/anonymous domain/xen/.. (the malicious guest
>> will be able to consume all host's memory).
>
> How is that going to look in practice? I.e. won't this cause frequent
> failures?
>

I'm not sure we actually need that in practice. In my testing backends
(even with persistent grants enabled) collaborate nicely and release all
grants. I can see a single page still being held and I suppose it's
being held by QEMU (haven't checked what that but I think it is the
console ring). In case we go for the toolstack-assisted approach we can
restart qemu and add some warning when there are active grants.

-- 
  Vitaly

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH RFC 2/4] xen: grant_table: implement grant_table_soft_reset()
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH RFC 0/4] 'reset everything' approach to PVHVM guest kexec
  - From: Vitaly Kuznetsov
- [Xen-devel] [PATCH RFC 2/4] xen: grant_table: implement grant_table_soft_reset()
  - From: Vitaly Kuznetsov
- Re: [Xen-devel] [PATCH RFC 2/4] xen: grant_table: implement grant_table_soft_reset()
  - From: Jan Beulich

Prev by Date: [Xen-devel] [PATCH 10/17] x86/hvm: remove HVMIO_dispatched I/O state
Next by Date: Re: [Xen-devel] xen-unstable build fails with XEN_DUMP_DIR undeclader in xl_cmdimpl.c
Previous by thread: Re: [Xen-devel] [PATCH RFC 2/4] xen: grant_table: implement grant_table_soft_reset()
Next by thread: Re: [Xen-devel] [PATCH RFC 2/4] xen: grant_table: implement grant_table_soft_reset()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.