[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 2/2] xen/evtchn: optimize XSM ssid field



>>> On 20.03.14 at 16:29, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> wrote:
> When FLASK is the only enabled implementation of the XSM hooks in Xen,
> some of the abstractions required to handle multiple XSM providers are
> redundant and only produce unneeded overhead.  This patch reduces the
> memory overhead of enabling XSM on event channels by replacing the
> untyped ssid pointer from struct evtchn with a union containing the
> contents of the structure.  This avoids an additional heap allocation
> for every event channel, and on 64-bit systems, reduces the size of
> struct evtchn by 4 bytes.  If an out-of-tree XSM module needs the full
> flexibility of the generic evtcnn ssid pointer, defining the symbol
> XSM_NEED_GENERIC_EVTCHN_SSID will include a suitable pointer field.
> 
> This also cleans up the unused selinux_checkreqprot declaration left
> from the Linux port.
> 
> Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
> Cc: Jan Beulich <jbeulich@xxxxxxxx>
> Cc: Keir Fraser <keir@xxxxxxx>
> ---
> Changes from v1:
>  - Enclose the security server fields in a union to make supporting
>    additional XSM modules that use this field less intrusive.
> 
>  xen/include/xen/sched.h        | 16 +++++++++++++++-
>  xen/xsm/flask/hooks.c          | 37 ++++++-------------------------------
>  xen/xsm/flask/include/objsec.h |  6 ------
>  3 files changed, 21 insertions(+), 38 deletions(-)
> 
> diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
> index 00f0eba..d087e43 100644
> --- a/xen/include/xen/sched.h
> +++ b/xen/include/xen/sched.h
> @@ -100,8 +100,22 @@ struct evtchn
>      u8 pending:1;
>      u16 last_vcpu_id;
>      u8 last_priority;
> +#ifdef XSM_ENABLE
> +    union {
> +#ifdef XSM_NEED_GENERIC_EVTCHN_SSID
> +        /* If an XSM module needs more space for its event channel context,
> +         * this pointer stores the necessary data for the security server.
> +         */
> +        void* generic;

Coding style - both for the comment and the placement of the *
right above. But I think if I'm the one to commit this (pending
Keir's ack) I could take care of these if no other comments show
up that would make another revision necessary.

> +#endif
>  #ifdef FLASK_ENABLE
> -    void *ssid;
> +        /* Inlining the contents of the structure for FLASK avoids unneeded
> +         * allocations, and on 64-bit platforms with only FLASK enabled,
> +         * reduces the size of struct evtchn.
> +         */

Again.

With those adjustments

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.