[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Enhancing Xen's Kconfig infrastructure to support tailored solutions


  • To: Jan Beulich <JBeulich@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Thu, 14 Feb 2019 18:52:18 +0000
  • Autocrypt: addr=andrew.cooper3@xxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFLhNn8BEADVhE+Hb8i0GV6mihnnr/uiQQdPF8kUoFzCOPXkf7jQ5sLYeJa0cQi6Penp VtiFYznTairnVsN5J+ujSTIb+OlMSJUWV4opS7WVNnxHbFTPYZVQ3erv7NKc2iVizCRZ2Kxn srM1oPXWRic8BIAdYOKOloF2300SL/bIpeD+x7h3w9B/qez7nOin5NzkxgFoaUeIal12pXSR Q354FKFoy6Vh96gc4VRqte3jw8mPuJQpfws+Pb+swvSf/i1q1+1I4jsRQQh2m6OTADHIqg2E ofTYAEh7R5HfPx0EXoEDMdRjOeKn8+vvkAwhviWXTHlG3R1QkbE5M/oywnZ83udJmi+lxjJ5 YhQ5IzomvJ16H0Bq+TLyVLO/VRksp1VR9HxCzItLNCS8PdpYYz5TC204ViycobYU65WMpzWe LFAGn8jSS25XIpqv0Y9k87dLbctKKA14Ifw2kq5OIVu2FuX+3i446JOa2vpCI9GcjCzi3oHV e00bzYiHMIl0FICrNJU0Kjho8pdo0m2uxkn6SYEpogAy9pnatUlO+erL4LqFUO7GXSdBRbw5 gNt25XTLdSFuZtMxkY3tq8MFss5QnjhehCVPEpE6y9ZjI4XB8ad1G4oBHVGK5LMsvg22PfMJ ISWFSHoF/B5+lHkCKWkFxZ0gZn33ju5n6/FOdEx4B8cMJt+cWwARAQABtClBbmRyZXcgQ29v cGVyIDxhbmRyZXcuY29vcGVyM0BjaXRyaXguY29tPokCOgQTAQgAJAIbAwULCQgHAwUVCgkI CwUWAgMBAAIeAQIXgAUCWKD95wIZAQAKCRBlw/kGpdefoHbdD/9AIoR3k6fKl+RFiFpyAhvO 59ttDFI7nIAnlYngev2XUR3acFElJATHSDO0ju+hqWqAb8kVijXLops0gOfqt3VPZq9cuHlh IMDquatGLzAadfFx2eQYIYT+FYuMoPZy/aTUazmJIDVxP7L383grjIkn+7tAv+qeDfE+txL4 SAm1UHNvmdfgL2/lcmL3xRh7sub3nJilM93RWX1Pe5LBSDXO45uzCGEdst6uSlzYR/MEr+5Z JQQ32JV64zwvf/aKaagSQSQMYNX9JFgfZ3TKWC1KJQbX5ssoX/5hNLqxMcZV3TN7kU8I3kjK mPec9+1nECOjjJSO/h4P0sBZyIUGfguwzhEeGf4sMCuSEM4xjCnwiBwftR17sr0spYcOpqET ZGcAmyYcNjy6CYadNCnfR40vhhWuCfNCBzWnUW0lFoo12wb0YnzoOLjvfD6OL3JjIUJNOmJy RCsJ5IA/Iz33RhSVRmROu+TztwuThClw63g7+hoyewv7BemKyuU6FTVhjjW+XUWmS/FzknSi dAG+insr0746cTPpSkGl3KAXeWDGJzve7/SBBfyznWCMGaf8E2P1oOdIZRxHgWj0zNr1+ooF /PzgLPiCI4OMUttTlEKChgbUTQ+5o0P080JojqfXwbPAyumbaYcQNiH1/xYbJdOFSiBv9rpt TQTBLzDKXok86LkCDQRS4TZ/ARAAkgqudHsp+hd82UVkvgnlqZjzz2vyrYfz7bkPtXaGb9H4 Rfo7mQsEQavEBdWWjbga6eMnDqtu+FC+qeTGYebToxEyp2lKDSoAsvt8w82tIlP/EbmRbDVn 7bhjBlfRcFjVYw8uVDPptT0TV47vpoCVkTwcyb6OltJrvg/QzV9f07DJswuda1JH3/qvYu0p vjPnYvCq4NsqY2XSdAJ02HrdYPFtNyPEntu1n1KK+gJrstjtw7KsZ4ygXYrsm/oCBiVW/OgU g/XIlGErkrxe4vQvJyVwg6YH653YTX5hLLUEL1NS4TCo47RP+wi6y+TnuAL36UtK/uFyEuPy wwrDVcC4cIFhYSfsO0BumEI65yu7a8aHbGfq2lW251UcoU48Z27ZUUZd2Dr6O/n8poQHbaTd 6bJJSjzGGHZVbRP9UQ3lkmkmc0+XCHmj5WhwNNYjgbbmML7y0fsJT5RgvefAIFfHBg7fTY/i kBEimoUsTEQz+N4hbKwo1hULfVxDJStE4sbPhjbsPCrlXf6W9CxSyQ0qmZ2bXsLQYRj2xqd1 bpA+1o1j2N4/au1R/uSiUFjewJdT/LX1EklKDcQwpk06Af/N7VZtSfEJeRV04unbsKVXWZAk uAJyDDKN99ziC0Wz5kcPyVD1HNf8bgaqGDzrv3TfYjwqayRFcMf7xJaL9xXedMcAEQEAAYkC HwQYAQgACQUCUuE2fwIbDAAKCRBlw/kGpdefoG4XEACD1Qf/er8EA7g23HMxYWd3FXHThrVQ HgiGdk5Yh632vjOm9L4sd/GCEACVQKjsu98e8o3ysitFlznEns5EAAXEbITrgKWXDDUWGYxd pnjj2u+GkVdsOAGk0kxczX6s+VRBhpbBI2PWnOsRJgU2n10PZ3mZD4Xu9kU2IXYmuW+e5KCA vTArRUdCrAtIa1k01sPipPPw6dfxx2e5asy21YOytzxuWFfJTGnVxZZSCyLUO83sh6OZhJkk b9rxL9wPmpN/t2IPaEKoAc0FTQZS36wAMOXkBh24PQ9gaLJvfPKpNzGD8XWR5HHF0NLIJhgg 4ZlEXQ2fVp3XrtocHqhu4UZR4koCijgB8sB7Tb0GCpwK+C4UePdFLfhKyRdSXuvY3AHJd4CP 4JzW0Bzq/WXY3XMOzUTYApGQpnUpdOmuQSfpV9MQO+/jo7r6yPbxT7CwRS5dcQPzUiuHLK9i nvjREdh84qycnx0/6dDroYhp0DFv4udxuAvt1h4wGwTPRQZerSm4xaYegEFusyhbZrI0U9tJ B8WrhBLXDiYlyJT6zOV2yZFuW47VrLsjYnHwn27hmxTC/7tvG3euCklmkn9Sl9IAKFu29RSo d5bD8kMSCYsTqtTfT6W4A3qHGvIDta3ptLYpIAOD2sY3GYq2nf3Bbzx81wZK14JdDDHUX2Rs 6+ahAA==
  • Cc: James McKenzie <james.mckenzie@xxxxxxxxxxx>, robin.randhawa@xxxxxxx, Wei Liu <wei.liu2@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Christopher Clark <christopher.w.clark@xxxxxxxxx>, Marek Marczykowski <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, "Daniel P.Smith" <dpsmith.dev@xxxxxxxxx>, Lars Kurth <lars.kurth.xen@xxxxxxxxx>, Paul Durrant <paul.durrant@xxxxxxxxxx>, committers@xxxxxxxxxxxxxx, Suravee Suthikulpanit <suravee.suthikulpanit@xxxxxxx>, Stewart Hildebrand <Stewart.Hildebrand@xxxxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>
  • Delivery-date: Thu, 14 Feb 2019 18:53:10 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Openpgp: preference=signencrypt

On 14/02/2019 09:53, Jan Beulich wrote:
>>>> On 13.02.19 at 20:11, <sstabellini@xxxxxxxxxx> wrote:
>> On Wed, 13 Feb 2019, Wei Liu wrote:
>>> On Tue, Feb 12, 2019 at 09:34:25PM -0500, Daniel P. Smith wrote:
>>>> Greetings,
>>>>
>>>> On the 11/14/18 Xen x86 community call a discussion was initiated about
>>>> using Kconfig to build minimized versions of Xen for security, safety
>>>> and other certification requirements. After some offline discussions
>>>> with Xen contributors I realized that a variety of efforts each with
>>>> their own respective goals are underway,
>>>>
>>>>  - nested virtualization
>>>>  - mixed criticality architectures
>>>>  - reducing trusted componentary
>>>>  - combining hardware protection of virtualization with performance and
>>>> ease-of-use of containers
>>>>
>>>> These efforts use hypervisors in different roles, all which Xen is
>>>> capable of meeting. Today Xen's utility comes at the expense of carrying
>>>> features necessary for one role to be present in another role where it
>>>> is not required, e.g. PV interfaces that may not be essential in an ARM
>>>> mixed criticality deployment.
>>>>
>>>> The initial focus will be to explore and document the range of possible
>>>> use cases that are of interest to the Xen community. This will be the
>>>> input to a design document that is crafted in conjunction with the Xen
>>>> maintainers, to identify possible approaches to extend the existing
>>>> Kconfig infrastructure to produce tailored instances of Xen.
>>>>
>>>> If you are interested in participating in this effort, please reply to
>>>> this thread to outline possible use cases, design constraints and other
>>>> considerations for improving Xen's Kconfig infrastructure to support
>>>> tailoring for specific use cases.
>>>>
>>> My impression from the community call is that you want to provide
>>> smallish configurations for different use cases.
>>>
>>> The Kconfig infrastructure is already able to do what you want as far as
>>> I can tell.  You can easily feed it a base config file -- see files
>>> under automation/configs/x86/.  What sort of extension is needed in your
>>> opinion?
>>>
>>> As use case goes, it would be a good start if you just submit something
>>> you care about.
>> I mentioned on the call that a good first start could be a kconfig that
>> allows to build an hypervisor binary with only support for PVH and only
>> support for recent Intel machines, with the goal of minimizing the code
>> base to less than 100K LOC.
> "With only support for PVH" (which really means HVM) we already have.
> "With only support for recent Intel machines" would require adding new
> Kconfig options first, to control Intel, AMD, etc separately

This was always the longterm plan, after making CONFIG_{PV,HVM} work
(thanks Wei!).

Not because I expect many people to disable them in production builds,
but because it is an excellent way for CI/Randconfig to enforce that we
keep our vendor neutral and vendor specific code cleanly separated.

> and to then
> further somehow separate "old" from "new" (which may turn out not
> very easy to do without a lot of #ifdef-ary or other code churn).

I agree this is harder.  One area where we could already make a
substantial chunk of cleanup is to drop the final remnants of the UP
boot, and pre-APIC hardware.  We're long past this already, since
dropping the 32bit hypervisor build.

> I'm not aware of something like this existing on Linux either - all I'm aware
> of there is a means to control what -m<arch> option might be passed
> to the compiler, but without disabling any source code from getting
> compiled.
>
> And then "with only support for recent Intel machines" could also imply
> HAP-only; disabling shadow code (which also is already possible) will
> alone save almost 10k LOC (counting .c files only).

There are perhaps some improvements which could be made by compiling out
support for older generations of VT-x/SVM (dropping pre-Westmere Intel
hardware which allows us to depend on the unrestricted_guest feature in
hardware), but I suspect we are getting into diminishing returns here.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.