|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH 1/2] x86: correct is_pv_domain() when !CONFIG_PV
On 12.04.2021 17:40, Roger Pau Monné wrote:
> On Mon, Apr 12, 2021 at 05:24:41PM +0200, Jan Beulich wrote:
>> On 12.04.2021 16:49, Roger Pau Monné wrote:
>>> On Mon, Apr 12, 2021 at 12:07:12PM +0200, Jan Beulich wrote:
>>>> On 12.04.2021 11:34, Roger Pau Monné wrote:
>>>>> On Fri, Nov 27, 2020 at 05:54:57PM +0100, Jan Beulich wrote:
>>>>>> --- a/xen/include/xen/sched.h
>>>>>> +++ b/xen/include/xen/sched.h
>>>>>> @@ -985,7 +985,7 @@ static always_inline bool is_control_dom
>>>>>>
>>>>>> static always_inline bool is_pv_domain(const struct domain *d)
>>>>>> {
>>>>>> - return IS_ENABLED(CONFIG_PV) &&
>>>>>> + return IS_ENABLED(CONFIG_X86) &&
>>>>>> evaluate_nospec(!(d->options & XEN_DOMCTL_CDF_hvm));
>>>>>> }
>>>>>>
>>>>>> @@ -1011,7 +1011,7 @@ static always_inline bool is_pv_32bit_vc
>>>>>>
>>>>>> static always_inline bool is_pv_64bit_domain(const struct domain *d)
>>>>>> {
>>>>>> - if ( !is_pv_domain(d) )
>>>>>> + if ( !IS_ENABLED(CONFIG_PV) || !is_pv_domain(d) )
>>>>>> return false;
>>>>>
>>>>> I think overall is confusing to have a domain that returns true for
>>>>> is_pv_domain but false for both is_pv_{64,32}bit_domain checks.
>>>>>
>>>>> I know those are only the system domains, but it feels confusing and
>>>>> could cause mistakes in the future IMO, as then we would have to
>>>>> carefully think where to use ( is_pv_64bit_domain(d)
>>>>> || is_pv_32bit_domain(d) ) vs just using is_pv_domain(d), or
>>>>> IS_ENABLED(CONFIG_PV) && is_pv_domain(d)
>>>>
>>>> Imo it's not "then we would have to carefully think where to use ..."
>>>> but instead this patch is an indication that we should have been for
>>>> quite some time. For this reason (coming back to your first comment
>>>> at the top) I'm not sure adding a comment _there_ is actually useful.
>>>> Every use of is_pv_*() needs carefully considering which domains are
>>>> really meant.
>>>
>>> Maybe we shouldn't have used is_pv_domain as a way to hide code from
>>> the compiler and instead always provide dummy functions, as even with
>>> PV support compiled out we still need some of it for system domains.
>>>
>>> I'm not sure I have a good proposal to make, but it seems wrong to me
>>> that is_pv_domain(d) could be different than is_pv_64bit_domain(d) ||
>>> is_pv_32bit_domain(d).
>>
>> Hmm, so we're of opposite opinions - not sure what to do. Short of
>> having / introducing is_system_domain() or some such (with all the
>> needed auditing) I can't see how assuming the two would mean the
>> same could ever have been true. With what we have is_pv_domain() is
>> legitimately true for them, and both is_pv_{32,64}bit_domain() ought
>> to be false (as there's no specific bitness associated with them)
>> imo _at least_ when !PV.
>
> It's all quite ugly, but I wasn't really getting your reasoning that
> system domains can be considered PV domains without a bitness.
>
> I think we both agree that long term having is_system_domain would be
> the cleanest solution, but it needs a lot of auditing.
Yes.
> I think I would
> be fine if you could add a comment somewhere noting that system
> domains can be identified as PV domains without a bitness, so that
> it's likely less confusing in the future.
I've added
/*
* Note that is_pv_domain() can return true (for system domains) even when
* both is_pv_64bit_domain() and is_pv_32bit_domain() return false. IOW
* system domains can be considered PV without specific bitness.
*/
immediately ahead of is_pv_domain(). Does this sound okay?
Jan
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |