[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Discussion] Xen grants and access permissions

To: Juergen Gross <jgross@xxxxxxxx>
From: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
Date: Tue, 21 Feb 2023 15:25:25 +0530
Cc: Oleksandr Tyshchenko <olekstysh@xxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Stratos Mailing List <stratos-dev@xxxxxxxxxxxxxxxxxxx>, Alex Bennée <alex.bennee@xxxxxxxxxx>, Mathieu Poirier <mathieu.poirier@xxxxxxxxxx>, Vincent Guittot <vincent.guittot@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx
Delivery-date: Tue, 21 Feb 2023 09:55:33 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 20-02-23, 07:13, Juergen Gross wrote:
> There are no permission flags in Xen PV device protocols either. The kind of a
> mapping (RO or RW) in the backend is selected via the I/O operation: in case 
> it
> is a write type operation (guest writing data to a device), the related grants
> are mapper as RO in the backend, in all other cases they are mapped as RW.
> 
> The same applies to granted pages for virtio: the frontend side will grant the
> page as RO in case the I/O operation is flagged as "DMA_TO_DEVICE", and as RW
> in all other cases. The backend should always know, which direction the data 
> is
> flowing, so it should be able to do the mapping with the correct access mode.

Right, so the back-end actually knows the permission details, but it
is getting lost while we do some vhost-user operations.

Anyway, I have taken this in a different direction now and suggested a
change to vhost-user protocol itself. That lets the back-end know that
it is actually running on Xen and then it can do the mapping itself
instead of asking the front-end, which doesn't make us loose the
permission details.

This also lets us write the backends in hypervisor agnostic way,
hypervisor specific stuff is handled in vhost-user protocol's
implementation now.

https://lists.gnu.org/archive/html/qemu-devel/2023-02/msg05946.html

-- 
viresh

References:
- [Discussion] Xen grants and access permissions
  - From: Viresh Kumar
- Re: [Discussion] Xen grants and access permissions
  - From: Andrew Cooper
- Re: [Discussion] Xen grants and access permissions
  - From: Oleksandr Tyshchenko
- Re: [Discussion] Xen grants and access permissions
  - From: Juergen Gross

Prev by Date: [RFC QEMU] docs: vhost-user: Add custom memory mapping support
Next by Date: Re: [PATCH v4 2/3] Build system: Replace git:// and http:// with https://
Previous by thread: Re: [Discussion] Xen grants and access permissions
Next by thread: [xen-unstable-smoke test] 177483: tolerable trouble: pass/starved - PUSHED
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.