[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v1 02/13] xen/arm: introduce a special domain DOMID_SHARED
On Fri, 18 Mar 2022, Jan Beulich wrote: > Further (there's no particularly good place to mention this) I'm > afraid I don't view "shared" as a good name: It's not the domain > which is shared, but it's the domain to hold shared memory. To be honest I thought the same thing when reading this patch but couldn't easily come up with a better name. > For this > my first consideration would be to see whether an existing special > domain can be re-used; after all the set of reserved domain IDs is > a very limited one, and hence each value taken from there should come > with a very good reason. We did such re-use e.g. when introducing > quarantining for PCI devices, by associating them with DOM_IO rather > than inventing a new DOM_QUARANTINE. If there are good reasons > speaking against such re-use, then I'd like to ask to consider e.g. > DOMID_SHM / DOMID_SHMEM plus associated predicate. >From my point of view is totally fine to reuse one of the existing special domains if we can. DOMID_IO seems to be the closest match but its current definition doesn't cover what Penny is trying to achieve. I am happy to change its definition and make it wider to support this use-case too. It is not trivial to come up with an appropriate description though. I took a stab at it but I couldn't come up with anything better: * DOMID_IO is used for mapping memory and MMIO regions when no explicit * Domain need to be specified. * * For instance, DOMID_IO is the owner of memory pre-shared among * multiple domains at boot time, when no explicit owner is specified. * * Also, DOMID_IO is used to restrict page-table updates to mapping I/O * memory. Although no Foreign Domain need be specified to map I/O * pages, DOMID_IO is useful to ensure that no mappings to the OS's own * heap are accidentally installed. (e.g., in Linux this could cause * havoc as reference counts aren't adjusted on the I/O-mapping code * path). This only makes sense as HYPERVISOR_mmu_update()'s and * HYPERVISOR_update_va_mapping_otherdomain()'s "foreigndom" argument. * For HYPERVISOR_mmu_update() context it can be specified by any * calling domain, otherwise it's only permitted if the caller is * privileged.
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |