[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/8] xen/evtchn: modify evtchn_alloc_unbound to allocate specified port

To: Jan Beulich <jbeulich@xxxxxxxx>, Rahul Singh <Rahul.Singh@xxxxxxx>
From: Julien Grall <julien@xxxxxxx>
Date: Wed, 13 Jul 2022 10:35:59 +0100
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
Delivery-date: Wed, 13 Jul 2022 09:36:10 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi,

On 13/07/2022 07:21, Jan Beulich wrote:

For the FIFO issue, we can introduce the new config option to restrict the 
maximum number of static
port supported in Xen. We can check the user-defined static port when we parse 
the device tree and if
a user-defined static port is greater than the maximum allowed static port will 
return an error to the user.
In this way, we can avoid allocating a lot of memory to fill the hole.

Let me know your view on this.

config MAX_STATIC_PORT
      int "Maximum number of static ports”
      range 1 4095
      help
         Controls the build-time maximum number of static port supported


The problem is not exclusive to the static event channel. So I don't
think this is right to introduce MAX_STATIC_PORT to mitigate the issue
(even though this is the only user today).

A few of alternative solutions:
    1) Handle preemption in alloc_evtchn_bucket()
    2) Allocate all the buckets when the domain is created (the max
numbers event channel is known). We may need to think about preemption
    3) Tweak is_port_valid() to check if the bucket is valid. This would
introduce a couple of extra memory access (might be OK as the bucket
would be accessed afterwards) and we would need to update some users.

At the moment, 3) is appealing me the most. I would be interested to
have an opionions from the other maintainers.


Fwiw of the named alternatives I would also prefer 3. Whether things
really need generalizing at this point I'm not sure, though.

I am worry that we may end up to forget that we had non-generaic way(e.g. MAX_STATIC_PORT) to prevent trigger the issue. So we could end upto mistakenly introduce a security issue.

However, my point was less about generalization but more aboutintroducing CONFIG_MAX_STATIC_PORT.

It seems strange to let the admin to decide the maximum number of staticport supported.

If we want to rely on non-generic mechanism, then I think the right wayto go is to restrict max_evtchn_port for domUs to 4096 (it is -1 at themoment). If we want to give more flexibility then it should be aper-domain property in the DT.


Cheers,

--
Julien Grall

Follow-Ups:
- Re: [PATCH 2/8] xen/evtchn: modify evtchn_alloc_unbound to allocate specified port
  - From: Jan Beulich

References:
- Re: [PATCH 2/8] xen/evtchn: modify evtchn_alloc_unbound to allocate specified port
  - From: Rahul Singh
- Re: [PATCH 2/8] xen/evtchn: modify evtchn_alloc_unbound to allocate specified port
  - From: Julien Grall
- Re: [PATCH 2/8] xen/evtchn: modify evtchn_alloc_unbound to allocate specified port
  - From: Jan Beulich

Prev by Date: Re: [PATCH] xen/netback: handle empty rx queue in xenvif_rx_next_skb()
Next by Date: Re: [PATCH v2 4/9] console: support multiple serial console simultaneously
Previous by thread: Re: [PATCH 2/8] xen/evtchn: modify evtchn_alloc_unbound to allocate specified port
Next by thread: Re: [PATCH 2/8] xen/evtchn: modify evtchn_alloc_unbound to allocate specified port
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.