[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] block FE/BE grant table support for initial shared memory page

Hello!

  Attached is a patch that fully 'grant-table-ifies' the block front and 
backends.  It is necessary to do a make clean in the tools directory and 
then rebuild the tree.

Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>




xen-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 07/04/2005 03:11:40 PM:

> > You are right, it's not the grant tables per se that need the 
privileged
> > bit to be set, but other functions need it and keep backends from 
working.
> >
> > Here are two code paths from the network backend:
> 
> I suspected it might be something like this.  There's no reason for 
those to 
> require privilege either: they can fairly trivially be converted to use 
grant 
> tables too.  Once it's fully grant-table-ified it shouldn't be necessary 
to 
> make such domains be privileged.
> 
> Full grant tables support also a pre-req for the point to point 
"snappable 
> frontend" connections directly between domains with high bandwidth 
> requirements.
> 
> Cheers,
> Mark
> 
> > from netback/interface.c calls
> >
> > 
linux-2.6.11-xen-sparse/arch/xen/i386/mm/ioremap.c:direct_remap_area_pages(
> >) calls
> >       HYPERVISOR_mmu_update calls
> >          xen/arch/x86/mm.c:do_mmu_update calls
> >            set_foreigndom() which has an IS_PRIV() in the path
> >
> > -> The direct_remap_area_pages call fails if a domain does not have 
the
> > privilege bit set.
> >
> >
> > netback/netback.c: alloc_mfn() calls
> >    HYPERVISOR_dom_mem_op(MEMOP_increase_reservation, mfn_list,
> > MAX_MFN_ALLOC, 0);
> >      xen/common/dom_mem_ops.c:do_dom_mem_op() is called which has a
> > IS_PRIV() in the path
> >
> >
> >
> >  Stefan
> >
> > > What I meant was that since grant tables are an explicit capability 
(you
> >
> > can
> >
> > > only map a page of another dom if it gave you an explicit grant) 
there's
> >
> > no
> >
> > > need for mappings in the IO path to require special privileges at 
all.
> >
> > If
> >
> > > someone gave you a grant, they must trust you enough to access that
> >
> > page.
> >
> > > Cheers,
> > > Mark
> > >
> > > >     Stefan
> > > >
> > > > > Cheers,
> > > > > Mark
> > > > >
> > > > > > The privilege does so far not
> > > > > > only mean to do dom 0 ops, but seems to also limit guest 
domains
> >
> > of
> >
> > > > doing
> > > >
> > > > > > other things - like the backend problem I see. I agree, 
though,
> >
> > that
> >
> > > > for
> > > >
> > > > > > grant table support a backend should not need privileges.
> > > > > >
> > > > > > > Cheers,
> > > > > > > Mark
> > > > > >
> > > > > > Cheers,
> > > > > >    Stefan
> > > > >
> > > > > _______________________________________________
> > > > > Xen-devel mailing list
> > > > > Xen-devel@xxxxxxxxxxxxxxxxxxx
> > > > > http://lists.xensource.com/xen-devel
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel

Attachment: blkif_grant.patch
Description: Binary data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.