[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 2/6] xen: pci: introduce reference counting for pdev

  • To: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 24 Apr 2023 09:46:26 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mOigmP19IwE7vzgMkR7QKeTE0ExJfx78fcPYeV2EqxQ=; b=GtyXVqYJwBDQ+q2srdoKQWix4NyY3CJztjDgVzIO1yNGF8CUG86XZREhO6bAkjPZZlgqgqvxrJQObkGE8awP5WIQDEhLWbmmoPpar6niW28BCunZmhSLo7sWV4yZw2Fl7DrOx5jwPQ5ahnDW4ydBBHjrW3dfr2cnkPjFeWbFuZxzGWKPjep0ak85r27JfiQ2wmzyGIosYweRakpS6FJl8FnpP18s5gf0UoPtTtwX4HTRbOgMeUr4hszA/kIzqGJwroHVAiKMLPv6glbe4rkdr4UwgKuxlsONH1GDZpsitRKoIelg7LXDBOx7cwhWUtWiNgcf/PQ9Idv7gC6HUtgYLg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KGvhsRyLCMzFUKtWfqS1g2tPuQZ5CnTP3PPX7nK1ABgDT5daAMWzUmebo0v+BgAcpqFU+U9tvGTtv/zb2aQfUyjiIHWMBH5KtGNvtNV2T5Oxl1GJNGC99YMFsU1sbfa6QmdAcn+Z5JiFyoQmCuH5IddqIt+a/drvEO7yVSBrv8Vpn/zCtO12WYirhscpTqB5fe6Ok3NMOhG9W4u74SM7OJ0aYstKcbn39PC6eEGx7ODXXKrhejzGtW+hIg0GtdrGwxgu7Q06b2pQikjE/gOOyFS+t7CR5mXtu5IvW70OmOsWa2J/+OXtIlCXzG8UU4JbvEA2R47IasDa+i15dK15hw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 24 Apr 2023 07:46:32 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 21.04.2023 16:13, Volodymyr Babchuk wrote:
> 
> Hi Roger,
> 
> Roger Pau Monné <roger.pau@xxxxxxxxxx> writes:
> 
>> On Fri, Apr 21, 2023 at 11:00:23AM +0000, Volodymyr Babchuk wrote:
>>>
>>> Hello Roger,
>>>
>>> Roger Pau Monné <roger.pau@xxxxxxxxxx> writes:
>>>
>>>> On Mon, Apr 17, 2023 at 12:34:31PM +0200, Jan Beulich wrote:
>>>>> On 17.04.2023 12:17, Roger Pau Monné wrote:
>>>>>> On Fri, Apr 14, 2023 at 01:30:39AM +0000, Volodymyr Babchuk wrote:
>>>>>>> Above I have proposed another view on this. I hope, it will work for
>>>>>>> you. Just to reiterate, idea is to allow "harmless" refcounts to be left
>>>>>>> after returning from pci_remove_device(). By "harmless" I mean that
>>>>>>> owners of those refcounts will not try to access the physical PCI
>>>>>>> device if pci_remove_device() is already finished.
>>>>>>
>>>>>> I'm not strictly a maintainer of this piece code, albeit I have an
>>>>>> opinion.  I will like to also hear Jans opinion, since he is the
>>>>>> maintainer.
>>>>>
>>>>> I'm afraid I can't really appreciate the term "harmless refcounts". 
>>>>> Whoever
>>>>> holds a ref is entitled to access the device. As stated before, I see only
>>>>> two ways of getting things consistent: Either pci_remove_device() is
>>>>> invoked upon dropping of the last ref,
>>>>
>>>> With this approach, what would be the implementation of
>>>> PHYSDEVOP_manage_pci_remove?  Would it just check whether the pdev
>>>> exist and either return 0 or -EBUSY?
>>>>
>>>
>>> Okay, I am preparing patches with the behavior you proposed. To test it,
>>> I artificially set refcount to 2 and indeed PHYSDEVOP_manage_pci_remove
>>> returned -EBUSY, which propagated to the linux driver. Problem is that
>>> Linux driver can't do anything with this. It just displayed an error
>>> message and removed device anyways. This is because Linux sends
>>> PHYSDEVOP_manage_pci_remove in device_remove() call path and there is no
>>> way to prevent the device removal. So, admin is not capable to try this
>>> again.
>>
>> Ideally Linux won't remove the device, and then the admin would get to
>> retry.  Maybe the way the Linux hook is placed is not the best one?
>> The hypervisor should be authoritative on whether a device can be
>> removed or not, and hence PHYSDEVOP_manage_pci_remove returning an
>> error (EBUSY or otherwise) shouldn't allow the device unplug in Linux
>> to continue.
> 
> Yes, it would be ideally, but Linux driver/device model is written in a
> such way, that PCI subsystem tracks all the PCI device usage, so it can
> be certain that it can remove the device. Thus, functions in the device
> removal path either return void or 0. Of course, kernel does not know that
> hypervisor has additional uses for the device, so there is no mechanisms
> to prevent removal.

Could pciback obtain a reference on behalf of the hypervisor, dropping it
when device removal is requested (i.e. much closer to the start of that
operation), and only if it finds that no guests use the device anymore?

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.