[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.

To: Jan Beulich <JBeulich@xxxxxxxx>
From: Ian Campbell <Ian.Campbell@xxxxxxxxxx>
Date: Mon, 10 Feb 2014 14:02:04 +0000
Cc: keir@xxxxxxx, stefano.stabellini@xxxxxxxxxxxxx, tim@xxxxxxx, julien.grall@xxxxxxxxxx, ian.jackson@xxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxx
Delivery-date: Mon, 10 Feb 2014 14:02:30 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, 2014-02-10 at 13:49 +0000, Jan Beulich wrote:
> >>> On 07.02.14 at 13:57, "Jan Beulich" <JBeulich@xxxxxxxx> wrote:
> >>>> On 07.02.14 at 13:12, Ian Campbell <ian.campbell@xxxxxxxxxx> wrote:
> >> --- a/xen/include/public/domctl.h
> >> +++ b/xen/include/public/domctl.h
> >> @@ -885,6 +885,17 @@ struct xen_domctl_set_max_evtchn {
> >>  typedef struct xen_domctl_set_max_evtchn xen_domctl_set_max_evtchn_t;
> >>  DEFINE_XEN_GUEST_HANDLE(xen_domctl_set_max_evtchn_t);
> >>  
> >> +/*
> >> + * ARM: Clean and invalidate caches associated with given region of
> >> + * guest memory.
> >> + */
> >> +struct xen_domctl_cacheflush {
> >> +    /* IN: page range to flush. */
> >> +    xen_pfn_t start_pfn, nr_pfns;
> >> +};
> > 
> > The name here (and of the libxc interface) is now certainly
> > counterintuitive. But it's a domctl (and an internal interface),
> > which we can change post-4.4 (I'd envision it to actually take
> > a flags parameter indicating the kind of flush that's wanted).
> 
> Actually the naming of things in the hypervisor part of the patch
> is now bogus too - sysc_page_to_ram(), for example, does in no
> way imply that the cache needs not just flushing, but also
> invalidating.

sync_and_clean_page ? Not quite right I think.

>  The need for which, btw, I continue to not
> understand: Are there ways in ARM for one guest to observe
> cache contents put in place by another guest (incl Dom0)?

The data cache is physically tagged on armv7+ (which is all we support),
so if I understand your question correctly the answer is: a guest cannot
see cache contents placed by another guest *unless* that page is freed
back to the hypervisor and recycled as a new page for that guest, which
is why we want to clean+invalidate in the allocation path, after the
page has been scrubbed if required.

If you don't invalidate the cache then a guest which starts without
caches enabled and writes to RAM may be surprised when it enables the
cache and finds the data it wrote is now shadowed by some stale cache
entries.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH 0/5 v4] xen/arm: fix guest builder cache cohenrency (again, again)
  - From: Ian Campbell
- [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.
  - From: Jan Beulich

Prev by Date: [Xen-devel] [PATCH] xen: install xen/gntdev.h and xen/gntalloc.h
Next by Date: Re: [Xen-devel] [XEN BUG] XEN + Qemu upstream + Qcow2 + coroutine = BOOM
Previous by thread: Re: [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.
Next by thread: Re: [Xen-devel] [PATCH v4 3/5] xen/arm: clean and invalidate all guest caches by VMID after domain build.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.