[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH V7 2/2] xen/gnttab: Store frame GFN in struct page_info on Arm

  • To: Julien Grall <julien@xxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 17 Oct 2022 15:46:09 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=10dkC5RrwW9w0NQDW4sC5vJnO/FKco350v19QrmcmD4=; b=jviU1BNNv3yzN88cuRQXJOtakwGdBYYFMUFSdKhnuh/qgWr7HRMNlIaOP24VObDrvXZzL0ogK9pb8o+G+1WP9BSYrD++SM376GgwYFPMVJbcm9z5v9c5tYGYk4MNud87PAM8TL8xERg4XWqjDC0WiidIJBuAmmjDahPYE1aMkCv2//R25115/LDfbmT99CLwk9FmG3e7QlQIN9w1f6l4pnrWpcBf3rv7q2ARN8ZDGOFANeTfs1tHMNNl5FzyBiR7GAqRSTs+dB+LFTHd09uwxbeqPeRuD4VHQDwYBLIthbLSB5uzbIRPC2E9J+1eVOPGBwbpx1EEkG68rmBxxM6KeQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=V29v2/F5Kxrasr2fVeo1VdOunl+S7QhYK8ALKZnjzHi5l0VgR8376RGIWpG+uTB5zmIoOhMeR/uPi4TxdJPgvcT+lWCziHf7g8O24hPAiO4q0FJsAXoZgH64OoJPUsMsz5vnZhvLD42SC6CW44YO89vyYgU9zmnog+asmPnb8ULxIp8TRbLdHzok/9E569xGFwr6H3u9zsEOAh4opiqLqn+TIQmRyXOhq6LNDs42pspdElnilxuXT0YiJZFUZ12yRn6JU6QswG+jhHL2mLwG3DvwwAVITPO21xkaOG+4sPN0JQMBTO8hKdnsjRM04z4yFP9XxdqqiYAGhw42YTK8VQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Henry Wang <Henry.Wang@xxxxxxx>, Oleksandr Tyshchenko <olekstysh@xxxxxxxxx>
  • Delivery-date: Mon, 17 Oct 2022 13:46:20 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 11.10.2022 15:33, Julien Grall wrote:
> On 11/10/2022 14:28, Jan Beulich wrote:
>> On 11.10.2022 15:01, Julien Grall wrote:
>>> On 11/10/2022 12:59, Jan Beulich wrote:
>>>> On 16.07.2022 16:56, Oleksandr Tyshchenko wrote:
>>>>> From: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>
>>>>>
>>>>> Rework Arm implementation to store grant table frame GFN
>>>>> in struct page_info directly instead of keeping it in
>>>>> standalone status/shared arrays. This patch is based on
>>>>> the assumption that a grant table page is a xenheap page.
>>>>>
>>>>> To cover 64-bit/40-bit IPA on Arm64/Arm32 we need the space
>>>>> to hold 52-bit/28-bit + extra bit value respectively. In order
>>>>> to not grow the size of struct page_info borrow the required
>>>>> amount of bits from type_info's count portion which current
>>>>> context won't suffer (currently only 1 bit is used on Arm).
>>>>
>>>> I'm afraid this isn't true: There's no requirement for a guest to pass
>>>> all different GFNs to VCPUOP_register_vcpu_info, yet map_vcpu_info()
>>>> tries to obtain a reference for every vCPU.
>>>
>>> AFAIU, this would be a reference of the **count_info** not **type_info**
>>> (which BTW will never be incremented on Arm because we have no type
>>> support).
>>
>> I should have said "obtain a writable type reference".
> 
> Thanks for the clarification.
> 
>>
>>> The commit message is only referring to the 'type_info's count'. So...
>>>
>>>> With my adding of GFN
>>>> (really gaddr) based registration of the runstate area (already
>>>> looking towards 4.18) the maximum possible count is to further grow.
>>>
>>> ... I am not sure which problem you are referring too.
>>
>> Wow - a mere stub (but not inline) function to make the build happy.
>> Then why is the description talking about one bit that's needed on
>> Arm?
> 
> Because share_xen_page_with_guest() will always set the type info's 
> count to 1.
> 
> TBH I don't exactly know why we set it. I always assumed this was a 
> requirement for the common code but never checked.

So my first thought was that this type-ref handling all being no-ops
would be an issue with gnttab v2, but besides that not being security
supported on Arm the code also passes SHARE_rw (for a reason that
escapes me) when sharing the status pages.

It does however mean that Dom0 can map the trace buffers r/w (unless
there's some special code in Arm preventing that), despite them being
shared with SHARE_ro. Not a big problem considering all the power Dom0
has, but still against the intentions.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.