|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [RFC PATCH 2/2] x86/mm: Add mem access rights to NPT
> -----Original Message----- > From: George Dunlap [mailto:george.dunlap@xxxxxxxxxx] > Sent: 27 September 2018 11:38 > To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>; xen- > devel@xxxxxxxxxxxxxxxxxxxx > Cc: Isaila Alexandru <aisaila@xxxxxxxxxxxxxxx>; Jan Beulich > <jbeulich@xxxxxxxx>; Tim (Xen.org) <tim@xxxxxxx>; Tamas K Lengyel > <tamas.lengyel@xxxxxxxxxxxx>; Paul Durrant <Paul.Durrant@xxxxxxxxxx>; > Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>; Suravee Suthikulpanit > <suravee.suthikulpanit@xxxxxxx>; Brian Woods <brian.woods@xxxxxxx>; Boris > Ostrovsky <boris.ostrovsky@xxxxxxxxxx> > Subject: Re: [RFC PATCH 2/2] x86/mm: Add mem access rights to NPT > > On 09/26/2018 06:22 PM, Andrew Cooper wrote: > > On 26/09/18 17:47, George Dunlap wrote: > >> From: Isaila Alexandru <aisaila@xxxxxxxxxxxxxxx> > >> > >> This patch adds access control for NPT mode. > >> > >> There aren’t enough extra bits to store the access rights in the NPT > p2m > >> table, so we add a radix tree to store extra information. > > > > I'm sorry to re-open this argument, but why? > > > > ISTR there being some argument based on pagetable sharing with the > > IOMMU, but that doesn't work at the moment and can't reasonably be made > > to work. For one, attempting to use pt sharing will break as soon as > > you try and DMA to a mapped grant. > > > > I'm disinclined to let a broken vestigial feature get in the way of real > > improvements. > > > > Beyond that, an NPT PTE has basically the same number of software > > available bits as an EPT PTE. > > > > Am I missing anything? > > Wow -- looks like IOMMU/p2m sharing has been disabled unconditionally > since 2014. If nobody has complained since then, that seems like a good > enough reason to me to rip it out. > > Suravee / Brian / Boris -- any opinions? > > The main reason to go with the 'extra bits' solution rather than the > 'rip out iommu/p2m sharing' solution is because people have been > prognosticating for years that we would be running out of bits and need > more at some point in the future. I thought Paul, for instance, might > have a use for the extra bits. But I'm happy to wait until such time as > we need it and then fish this patch out of the mail archives. > The main angle I had was to have a more generic page-to-type mapping such that it would be suitable to allow steering of accesses to certain pages to distinct IOREQ servers. Paul > -George _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |