[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v7 7/8] xen/riscv: page table handling

  • To: oleksii.kurochko@xxxxxxxxx
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Fri, 27 Sep 2024 11:15:42 +0200
  • Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL
  • Cc: Alistair Francis <alistair.francis@xxxxxxx>, Bob Eshleman <bobbyeshleman@xxxxxxxxx>, Connor Davis <connojdavis@xxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Fri, 27 Sep 2024 09:15:53 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 27.09.2024 10:49, oleksii.kurochko@xxxxxxxxx wrote:
> On Wed, 2024-09-25 at 16:58 +0200, Jan Beulich wrote:
>> On 25.09.2024 16:50, oleksii.kurochko@xxxxxxxxx wrote:
>>> On Wed, 2024-09-25 at 16:22 +0200, Jan Beulich wrote:
>>>> On 25.09.2024 12:07, oleksii.kurochko@xxxxxxxxx wrote:
>>>>> On Tue, 2024-09-24 at 15:31 +0200, Jan Beulich wrote:
>>>>>> On 24.09.2024 13:30, oleksii.kurochko@xxxxxxxxx wrote:
>>>>>>> On Tue, 2024-09-24 at 12:49 +0200, Jan Beulich wrote:
>>>>>>>> On 13.09.2024 17:57, Oleksii Kurochko wrote:
>>>>>>>>> +static int pt_next_level(bool alloc_tbl, pte_t
>>>>>>>>> **table,
>>>>>>>>> unsigned
>>>>>>>>> int offset)
>>>>>>>>> +{
>>>>>>>>> +    pte_t *entry;
>>>>>>>>> +    mfn_t mfn;
>>>>>>>>> +
>>>>>>>>> +    entry = *table + offset;
>>>>>>>>> +
>>>>>>>>> +    if ( !pte_is_valid(*entry) )
>>>>>>>>> +    {
>>>>>>>>> +        if ( !alloc_tbl )
>>>>>>>>> +            return XEN_TABLE_MAP_FAILED;
>>>>>>>>> +
>>>>>>>>> +        if ( create_table(entry) )
>>>>>>>>> +            return XEN_TABLE_MAP_FAILED;
>>>>>>>>
>>>>>>>> You're still losing the -ENOMEM here.
>>>>>>> Agree, I will save the return value of create_table and
>>>>>>> return
>>>>>>> it.
>>>>>>
>>>>>> That won't work very well, will it? 
>>>>> I think it will work, just will be needed another one check in
>>>>> pt_update_entry() where pt_next_level() is called:
>>>>>         if ( (rc == XEN_TABLE_MAP_FAILED) || (rc == -ENOMEM) )
>>>>>         ...
>>>>
>>>> Yet that's precisely why I said "won't work very well": You're
>>>> now
>>>> having
>>>> rc in two entirely distinct number spaces (XEN_TABLE_MAP_* and -
>>>> E*).
>>>> That's imo just calling for trouble down the road. Unless you
>>>> emphasized
>>>> this aspect pretty well in a comment.
>>>>
>>>>>> Imo you need a new XEN_TABLE_MAP_NOMEM.
>>>>>> (And then XEN_TABLE_MAP_FAILED may want renaming to e.g.
>>>>>> XEN_TABLE_MAP_NONE).
>>>>> I am still curious if we really need this separation. If to in
>>>>> this
>>>>> way
>>>>> then it should be updated the check in pt_update_entry():
>>>>>    --- a/xen/arch/riscv/pt.c
>>>>>    +++ b/xen/arch/riscv/pt.c
>>>>>    @@ -165,10 +165,10 @@ static int pt_next_level(bool
>>>>> alloc_tbl,
>>>>> pte_t
>>>>>    **table, unsigned int offset)
>>>>>         if ( !pte_is_valid(*entry) )
>>>>>         {
>>>>>             if ( !alloc_tbl )
>>>>>    -            return XEN_TABLE_MAP_FAILED;
>>>>>    +            return XEN_TABLE_MAP_NONE;
>>>>>     
>>>>>             if ( create_table(entry) )
>>>>>    -            return XEN_TABLE_MAP_FAILED;
>>>>>    +            return XEN_TABLE_MAP_NOMEM;
>>>>>         }
>>>>>     
>>>>>         if ( pte_is_mapping(*entry) )
>>>>>    @@ -209,7 +209,7 @@ static int pt_update_entry(mfn_t root,
>>>>> unsigned
>>>>>    long virt,
>>>>>         for ( ; level > target; level-- )
>>>>>         {
>>>>>             rc = pt_next_level(alloc_tbl, &table,
>>>>> offsets[level]);
>>>>>    -        if ( rc == XEN_TABLE_MAP_FAILED )
>>>>>    +        if ( (rc == XEN_TABLE_MAP_NONE) && (rc ==
>>>>> XEN_TABLE_MAP_NOMEM)
>>>>>    )
>>>>>             {
>>>>>                 rc = 0;
>>>>> But the handling of XEN_TABLE_MAP_NONE and XEN_TABLE_MAP_NOMEM
>>>>> seems to
>>>>> me should be left the same as this one part of the code
>>>>> actually
>>>>> catching the case when create_table() returns -ENOMEM:
>>>>>    pt_next_level()
>>>>>    {
>>>>>    ...
>>>>>                if ( flags & (PTE_VALID | PTE_POPULATE) )
>>>>>                {
>>>>>                    dprintk(XENLOG_ERR,
>>>>>                            "%s: Unable to map level %u\n",
>>>>> __func__,
>>>>>    level);
>>>>>                    rc = -ENOMEM;
>>>>>                }
>>>>
>>>> Except that you want to avoid "inventing" an error code when you
>>>> were
>>>> handed one. Just consider what happens to this code if another -
>>>> E...
>>>> could also come back from the helper.
>>> I think we can drop the usage of -ENOMEM in the helper
>>> create_table()
>>> by returning XEN_TABLE_MAP_FAILED in case of failure, with a
>>> redefinition of XEN_TABLE_MAP_FAILED = 1, XEN_TABLE_SUPER_PAGE = 2,
>>> and
>>> XEN_TABLE_NORMAL = 3, as value 0 is used to indicate that
>>> everything is
>>> okay.
>>>
>>> We can leave the pt_update() code as it is now:
>>> ...
>>>             if ( flags & (PTE_VALID | PTE_POPULATE) )
>>>             {
>>>                 dprintk(XENLOG_ERR,
>>>                       "%s: Unable to map level %u\n", __func__,
>>> level);
>>>                 rc = -ENOMEM;
>>>             }
>>> ...
>>>
>>> Because for the end user, it's better to receive the error code
>>> from
>>> xen/errno.h rather than a custom error code introduced nearby the
>>> helper.
>>>
>>> Does it make sense?
>>
>> While I think I see where you're coming from, I still don't agree.
>> And
>> I never suggested to bubble up some custom error indication. Up the
>> call
>> chain it wants to be -ENOMEM, sure. Yet keying its generation to
>> flags & (PTE_VALID | PTE_POPULATE) is both less obvious and more
>> fragile
>> (towards future code changes) than keying it to rc ==
>> XEN_TABLE_MAP_NOMEM.
> I am not sure that (rc == XEN_TABLE_MAP_NOMEM) is equal to (flags &
> (PTE_VALID | PTE_POPULATE) as XEN_TABLE_MAP_NOMEM miss the case (flags
> & PTE_VALID) == 0 ( removing a mapping case ) and for which should be
> returned 0 but not -ENOMEM.

The intention is quite clear: Return -ENOMEM if and only if an allocation
failed. Hence why I think the XEN_TABLE_MAP_NOMEM approach is preferable.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.