|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v9 3/3] xen/domain: introduce CONFIG_MAX_DOMID
On Wed, 28 May 2025, dmkhn@xxxxxxxxx wrote:
> From: Denis Mukhin <dmkhn@xxxxxxxxx>
>
> From: Denis Mukhin <dmukhin@xxxxxxxx>
>
> Embedded deployments of Xen do not need to have support for more than dozen of
> domains.
>
> Introduce build-time configuration option to limit the number of domains
> during
> run-time.
>
> Suggested-by: Julien Grall <julien@xxxxxxx>
> Signed-off-by: Denis Mukhin <dmukhin@xxxxxxxx>
There is one DOMID_FIRST_RESERVED check in xen/arch/arm/tee/ffa.c that
should be changed too
> ---
> Changes since v8:
> - dropped hunk w/ compile-time check for DOMID_FIRST_RESERVED
> - updated CONFIG_MAX_DOMID explanation
> - dropped public header file changes
> ---
> xen/arch/x86/cpu/mcheck/mce.c | 2 +-
> xen/arch/x86/cpu/vpmu.c | 2 +-
> xen/common/Kconfig | 8 ++++++++
> xen/common/domain.c | 20 +++++++++++---------
> xen/common/sched/core.c | 4 ++--
> xen/drivers/passthrough/vtd/iommu.c | 2 +-
> 6 files changed, 24 insertions(+), 14 deletions(-)
>
> diff --git a/xen/arch/x86/cpu/mcheck/mce.c b/xen/arch/x86/cpu/mcheck/mce.c
> index 1c348e557d..ee8ddd33b0 100644
> --- a/xen/arch/x86/cpu/mcheck/mce.c
> +++ b/xen/arch/x86/cpu/mcheck/mce.c
> @@ -1493,7 +1493,7 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_mc_t) u_xen_mc)
> d = rcu_lock_domain_by_any_id(mc_msrinject->mcinj_domid);
> if ( d == NULL )
> {
> - if ( mc_msrinject->mcinj_domid >= DOMID_FIRST_RESERVED )
> + if ( mc_msrinject->mcinj_domid >= CONFIG_MAX_DOMID )
> return x86_mcerr("do_mca inject: incompatible flag "
> "MC_MSRINJ_F_GPADDR with domain %d",
> -EINVAL, domid);
> diff --git a/xen/arch/x86/cpu/vpmu.c b/xen/arch/x86/cpu/vpmu.c
> index c28192ea26..67d423e088 100644
> --- a/xen/arch/x86/cpu/vpmu.c
> +++ b/xen/arch/x86/cpu/vpmu.c
> @@ -174,7 +174,7 @@ void vpmu_do_interrupt(void)
> * in XENPMU_MODE_ALL, for everyone.
> */
> if ( (vpmu_mode & XENPMU_MODE_ALL) ||
> - (sampled->domain->domain_id >= DOMID_FIRST_RESERVED) )
> + (sampled->domain->domain_id >= CONFIG_MAX_DOMID) )
> {
> sampling = choose_hwdom_vcpu();
> if ( !sampling )
> diff --git a/xen/common/Kconfig b/xen/common/Kconfig
> index 3d66d09397..ef083856b8 100644
> --- a/xen/common/Kconfig
> +++ b/xen/common/Kconfig
> @@ -579,4 +579,12 @@ config BUDDY_ALLOCATOR_SIZE
> Amount of memory reserved for the buddy allocator to serve Xen heap,
> working alongside the colored one.
>
> +config MAX_DOMID
> + int "Maximum domain ID"
> + range 1 32752
> + default 32752
> + help
> + Specifies the maximum domain ID (dom0 or late hwdom, predefined
> + domains, post-boot domains, excluding Xen system domains).
Written like this it would seem that the maximum domain ID is usable,
e.g. that 32752 is a valid domid number. Actually 32752 is 0x7ff0 which
is DOMID_FIRST_RESERVED == DOMID_SELF and cannot be used.
I think we should change the description:
Specifies the maximum domain ID (dom0 or late hwdom, predefined domains,
post-boot domains, excluding Xen system domains). This value indicates
the first domain ID that is out of bounds and cannot be used for domain
allocation.
> endmenu
> diff --git a/xen/common/domain.c b/xen/common/domain.c
> index 129b4fcb37..87e5be35e5 100644
> --- a/xen/common/domain.c
> +++ b/xen/common/domain.c
> @@ -68,7 +68,7 @@ struct domain *domain_list;
>
> /* Non-system domain ID allocator. */
> static DEFINE_SPINLOCK(domid_lock);
> -static DECLARE_BITMAP(domid_bitmap, DOMID_FIRST_RESERVED);
> +static DECLARE_BITMAP(domid_bitmap, CONFIG_MAX_DOMID);
>
> /*
> * Insert a domain into the domlist/hash. This allows the domain to be
> looked
> @@ -154,7 +154,7 @@ int domain_init_states(void)
> ASSERT(rw_is_write_locked_by_me(¤t->domain->event_lock));
>
> dom_state_changed = xvzalloc_array(unsigned long,
> - BITS_TO_LONGS(DOMID_FIRST_RESERVED));
> + BITS_TO_LONGS(CONFIG_MAX_DOMID));
> if ( !dom_state_changed )
> return -ENOMEM;
>
> @@ -234,7 +234,7 @@ int get_domain_state(struct xen_domctl_get_domain_state
> *info, struct domain *d,
> while ( dom_state_changed )
> {
> dom = find_first_bit(dom_state_changed, DOMID_MASK + 1);
> - if ( dom >= DOMID_FIRST_RESERVED )
> + if ( dom >= CONFIG_MAX_DOMID )
> break;
> if ( test_and_clear_bit(dom, dom_state_changed) )
> {
> @@ -823,7 +823,7 @@ struct domain *domain_create(domid_t domid,
> /* Sort out our idea of is_hardware_domain(). */
> if ( (flags & CDF_hardware) || domid == hardware_domid )
> {
> - if ( hardware_domid < 0 || hardware_domid >= DOMID_FIRST_RESERVED )
> + if ( hardware_domid < 0 || hardware_domid >= CONFIG_MAX_DOMID )
> panic("The value of hardware_dom must be a valid domain ID\n");
>
> /* late_hwdom is only allowed for dom0. */
> @@ -2413,9 +2413,11 @@ domid_t get_initial_domain_id(void)
>
> domid_t domid_alloc(domid_t domid)
> {
> + BUILD_BUG_ON(DOMID_FIRST_RESERVED < CONFIG_MAX_DOMID);
> +
> spin_lock(&domid_lock);
>
> - if ( domid < DOMID_FIRST_RESERVED )
> + if ( domid < CONFIG_MAX_DOMID )
> {
> if ( __test_and_set_bit(domid, domid_bitmap) )
> domid = DOMID_INVALID;
> @@ -2427,13 +2429,13 @@ domid_t domid_alloc(domid_t domid)
> const domid_t reserved_domid = get_initial_domain_id();
> const bool reserved = __test_and_set_bit(reserved_domid,
> domid_bitmap);
>
> - domid = find_next_zero_bit(domid_bitmap, DOMID_FIRST_RESERVED,
> + domid = find_next_zero_bit(domid_bitmap, CONFIG_MAX_DOMID,
> domid_last);
>
> - if ( domid == DOMID_FIRST_RESERVED )
> - domid = find_next_zero_bit(domid_bitmap, DOMID_FIRST_RESERVED,
> 0);
> + if ( domid == CONFIG_MAX_DOMID )
> + domid = find_next_zero_bit(domid_bitmap, CONFIG_MAX_DOMID, 0);
>
> - if ( domid == DOMID_FIRST_RESERVED )
> + if ( domid == CONFIG_MAX_DOMID )
> {
> domid = DOMID_INVALID;
> }
> diff --git a/xen/common/sched/core.c b/xen/common/sched/core.c
> index 9043414290..f1bfb6f6a2 100644
> --- a/xen/common/sched/core.c
> +++ b/xen/common/sched/core.c
> @@ -867,7 +867,7 @@ int sched_init_domain(struct domain *d, unsigned int
> poolid)
> int ret;
>
> ASSERT(d->cpupool == NULL);
> - ASSERT(d->domain_id < DOMID_FIRST_RESERVED);
> + ASSERT(d->domain_id < CONFIG_MAX_DOMID);
>
> if ( (ret = cpupool_add_domain(d, poolid)) )
> return ret;
> @@ -891,7 +891,7 @@ int sched_init_domain(struct domain *d, unsigned int
> poolid)
>
> void sched_destroy_domain(struct domain *d)
> {
> - ASSERT(d->domain_id < DOMID_FIRST_RESERVED);
> + ASSERT(d->domain_id < CONFIG_MAX_DOMID);
>
> if ( d->cpupool )
> {
> diff --git a/xen/drivers/passthrough/vtd/iommu.c
> b/xen/drivers/passthrough/vtd/iommu.c
> index c55f02c97e..5df85ca629 100644
> --- a/xen/drivers/passthrough/vtd/iommu.c
> +++ b/xen/drivers/passthrough/vtd/iommu.c
> @@ -1509,7 +1509,7 @@ int domain_context_mapping_one(
>
> prev_did = context_domain_id(lctxt);
> domid = did_to_domain_id(iommu, prev_did);
> - if ( domid < DOMID_FIRST_RESERVED )
> + if ( domid < CONFIG_MAX_DOMID )
> prev_dom = rcu_lock_domain_by_id(domid);
> else if ( pdev ? domid == pdev->arch.pseudo_domid : domid >
> DOMID_MASK )
> prev_dom = rcu_lock_domain(dom_io);
> --
> 2.34.1
>
>
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |