
Re: [Xen-devel] [PATCH RFC 2/4] xen: grant_table: implement grant_table_soft_reset()



>>> On 08.06.15 at 16:58, <vkuznets@xxxxxxxxxx> wrote:
> "Jan Beulich" <JBeulich@xxxxxxxx> writes:
> 
>>>>> On 03.06.15 at 15:35, <vkuznets@xxxxxxxxxx> wrote:
>>> When soft reset is being performed we need to replace all actively
>>> granted pages with empty pages to prevent possible future memory
>>> corruption as the newly started kernel won't be aware of these
>>> granted pages.
>>> 
>>> We make the tot_pages < max_pages assumption here: previously granted pages
>>> need to belong to someone and we don't want to implement possible DoS by
>>> reassigning them to the grantee/anonymous domain/xen/.. (the malicious guest
>>> will be able to consume all host's memory).
>>
>> How is that going to look in practice? I.e. won't this cause frequent
>> failures?
>>
> 
> I'm not sure we actually need that in practice. In my testing backends
> (even with persistent grants enabled) collaborate nicely and release all
> grants. I can see a single page still being held and I suppose it's
> being held by QEMU (haven't checked what that is but I think it is the
> console ring). In case we go for the toolstack-assisted approach we can
> restart qemu and add some warning when there are active grants.

But even a single page could cause the allocation to fail because of
otherwise going over the set limit.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 

