[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame

To: Paul Durrant <Paul.Durrant@xxxxxxxxxx>, "boris.ostrovsky@xxxxxxxxxx" <boris.ostrovsky@xxxxxxxxxx>, David Vrabel <david.vrabel@xxxxxxxxxx>, "jgross@xxxxxxxx" <jgross@xxxxxxxx>, "sstabellini@xxxxxxxxxx" <sstabellini@xxxxxxxxxx>, "konrad.wilk@xxxxxxxxxx" <konrad.wilk@xxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxx>
Date: Mon, 13 Jun 2016 14:05:43 +0100
Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, "steve.capper@xxxxxxx" <steve.capper@xxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, "JBeulich@xxxxxxxx" <JBeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Mon, 13 Jun 2016 13:06:17 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>



On 13/06/16 13:45, Paul Durrant wrote:

-----Original Message-----
From: Julien Grall [mailto:julien.grall@xxxxxxx]
Sent: 13 June 2016 13:42
To: Paul Durrant; boris.ostrovsky@xxxxxxxxxx; David Vrabel;
jgross@xxxxxxxx; sstabellini@xxxxxxxxxx; konrad.wilk@xxxxxxxxxx
Cc: Andrew Cooper; xen-devel@xxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx;
JBeulich@xxxxxxxx; steve.capper@xxxxxxx
Subject: Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when
giving access to a frame



On 13/06/16 13:41, Julien Grall wrote:

Hello Paul,

On 13/06/16 13:12, Paul Durrant wrote:

-----Original Message-----
From: Xen-devel [mailto:xen-devel-bounces@xxxxxxxxxxxxx] On Behalf

Of

Julien Grall
Sent: 13 June 2016 11:51
To: boris.ostrovsky@xxxxxxxxxx; David Vrabel; jgross@xxxxxxxx;
sstabellini@xxxxxxxxxx; konrad.wilk@xxxxxxxxxx
Cc: steve.capper@xxxxxxx; Andrew Cooper; linux-

kernel@xxxxxxxxxxxxxxx;

xen-devel@xxxxxxxxxxxxx; Julien Grall; JBeulich@xxxxxxxx
Subject: [Xen-devel] [PATCH] xen: grant-table: Check truncation when
giving
access to a frame

The version 1 of the grant-table protocol only supports frame encoded

on

32-bit.

When the platform is supporting 48-bit physical address, the frame will
be encoded on 36-bit which will lead a truncation and give access to
the wrong frame.

On ARM Xen will always allow the guest to use all the physical address,
although today the RAM is always located under 40-bits (see
xen/include/public/arch-arm.h).

Add a truncation check in gnttab_update_entry_v1 to prevent the guest

to

give access to the wrong frame.

Signed-off-by: Julien Grall <julien.grall@xxxxxxx>

---
      This is limiting us to a 44-bit address space whilst ARM can
support
      up to 48-bit today. This number of bit will increase to 52-bit in
      upcoming processors [1].

      It might be good to start thinking to extend the version 1 of the
      protocol to use 64-bit frame number.


...or simply use version 2 of the protocol.


On another mail [1], you said that "[v2] didn't scale it became
bottle-necked on dom0's grant table size,...".

So it looks like to me that version 2 is the wrong way to go.
The performance should stay the same whether the platform support
40-bit, 44-bit, 48-bit, 52-bit address space.


No, I meant the guest receive-side copy didn't scale, not grant table v2 
itself. Ok the table is bigger with v2, but to do guest receive-side copy 
required a huge table in dom0 if it was going to scale to 100s of VMs and the 
perf. benefits were never that great (if they were there at all).

Sorry I misunderstood your previous mail. So the only downside is thesize of the table.

Looking at the structure in the header (public/grant_table.h), this iseffectively much bigger. A commit in Linux [1] suggests that grant v2only supports 256 grants per page rather than 512 for v1.


How would that impact a guest?

Regards,

[1] commit 11c7ff17c9b6dbf3a4e4f36be30ad531a6cf0ec9
Author: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Date:   Mon Jan 6 10:44:39 2014 -0500
    xen/grant-table: Force to use v1 of grants.

    We have the framework to use v2, but there are no backends that
    actually use it. The end result is that on PV we use v2 grants
    and on PVHVM v1. The v1 has a capacity of 512 grants per page while
    the v2 has 256 grants per page. This means we lose about 50%
    capacity - and if we want more than 16 VIFs (each VIF takes
    512 grants), then we are hitting the max per guest of 32.

So from my understanding the table is much more bigger.

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Paul Durrant

References:
- [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Julien Grall
- Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Paul Durrant
- Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Julien Grall
- Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Julien Grall
- Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
  - From: Paul Durrant

Prev by Date: Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
Next by Date: [Xen-devel] [xen-unstable-smoke test] 95652: tolerable all pass - PUSHED
Previous by thread: Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
Next by thread: Re: [Xen-devel] [PATCH] xen: grant-table: Check truncation when giving access to a frame
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.