[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 10/20] xen/domctl: Merge set_max_evtchn into createdomain



set_max_evtchn is somewhat weird.  It was introduced with the event_fifo work,
but has never been used.  Still, it is a bounding on resources consumed by the
event channel infrastructure, and should be part of createdomain, rather than
editable after the fact.

Drop XEN_DOMCTL_set_max_evtchn completely (including XSM hooks and libxc
wrappers), and retain the functionality in XEN_DOMCTL_createdomain.

Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
CC: Jan Beulich <JBeulich@xxxxxxxx>
CC: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
CC: Wei Liu <wei.liu2@xxxxxxxxxx>
CC: Christian Lindig <christian.lindig@xxxxxxxxxx>
CC: David Scott <dave@xxxxxxxxxx>
CC: Jon Ludlam <jonathan.ludlam@xxxxxxxxxxxxx>
CC: Rob Hoes <Rob.Hoes@xxxxxxxxxx>
CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
CC: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>

Hypervisor side cleanup is present in a later patch
---
 tools/flask/policy/modules/dom0.te   |  2 +-
 tools/flask/policy/modules/xen.if    |  2 +-
 tools/helpers/init-xenstore-domain.c |  1 +
 tools/libxc/include/xenctrl.h        | 12 ------------
 tools/libxc/xc_domain.c              | 11 -----------
 tools/libxl/libxl_create.c           |  2 ++
 tools/libxl/libxl_dom.c              |  7 -------
 tools/ocaml/libs/xc/xenctrl.ml       |  1 +
 tools/ocaml/libs/xc/xenctrl.mli      |  1 +
 tools/ocaml/libs/xc/xenctrl_stubs.c  |  5 ++++-
 tools/python/xen/lowlevel/xc/xc.c    |  1 +
 xen/common/domctl.c                  |  9 +++------
 xen/include/public/domctl.h          | 19 ++++++++-----------
 xen/xsm/flask/hooks.c                |  3 ---
 xen/xsm/flask/policy/access_vectors  |  2 --
 15 files changed, 23 insertions(+), 55 deletions(-)

diff --git a/tools/flask/policy/modules/dom0.te 
b/tools/flask/policy/modules/dom0.te
index bf794d9..4eb3843 100644
--- a/tools/flask/policy/modules/dom0.te
+++ b/tools/flask/policy/modules/dom0.te
@@ -38,7 +38,7 @@ allow dom0_t dom0_t:domain {
        getpodtarget setpodtarget set_misc_info set_virq_handler
 };
 allow dom0_t dom0_t:domain2 {
-       set_cpuid gettsc settsc setscheduler set_max_evtchn set_vnumainfo
+       set_cpuid gettsc settsc setscheduler set_vnumainfo
        get_vnumainfo psr_cmt_op psr_alloc set_gnttab_limits
 };
 allow dom0_t dom0_t:resource { add remove };
diff --git a/tools/flask/policy/modules/xen.if 
b/tools/flask/policy/modules/xen.if
index 459880b..7dc25be 100644
--- a/tools/flask/policy/modules/xen.if
+++ b/tools/flask/policy/modules/xen.if
@@ -51,7 +51,7 @@ define(`create_domain_common', `
                        getvcpuinfo getaddrsize getaffinity setaffinity
                        settime setdomainhandle getvcpucontext set_misc_info };
        allow $1 $2:domain2 { set_cpuid settsc setscheduler setclaim
-                       set_max_evtchn set_vnumainfo get_vnumainfo cacheflush
+                       set_vnumainfo get_vnumainfo cacheflush
                        psr_cmt_op psr_alloc soft_reset set_gnttab_limits };
        allow $1 $2:security check_context;
        allow $1 $2:shadow enable;
diff --git a/tools/helpers/init-xenstore-domain.c 
b/tools/helpers/init-xenstore-domain.c
index 785e570..89c329c 100644
--- a/tools/helpers/init-xenstore-domain.c
+++ b/tools/helpers/init-xenstore-domain.c
@@ -66,6 +66,7 @@ static int build(xc_interface *xch)
     struct xen_domctl_createdomain config = {
         .ssidref = SECINITSID_DOMU,
         .flags = XEN_DOMCTL_CDF_xs_domain,
+        .max_evtchn_port = -1, /* No limit. */
     };
 
     xs_fd = open("/dev/xen/xenbus_backend", O_RDWR);
diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h
index 6ecc850..88a175f 100644
--- a/tools/libxc/include/xenctrl.h
+++ b/tools/libxc/include/xenctrl.h
@@ -1072,18 +1072,6 @@ int xc_domain_set_access_required(xc_interface *xch,
 int xc_domain_set_virq_handler(xc_interface *xch, uint32_t domid, int virq);
 
 /**
- * Set the maximum event channel port a domain may bind.
- *
- * This does not affect ports that are already bound.
- *
- * @param xch a handle to an open hypervisor interface
- * @param domid the domain id
- * @param max_port maximum port number
- */
-int xc_domain_set_max_evtchn(xc_interface *xch, uint32_t domid,
-                             uint32_t max_port);
-
-/**
  * Set the maximum number of grant frames and maptrack frames a domain
  * can have. Must be used at domain setup time and only then.
  *
diff --git a/tools/libxc/xc_domain.c b/tools/libxc/xc_domain.c
index 0124cea..2bc695c 100644
--- a/tools/libxc/xc_domain.c
+++ b/tools/libxc/xc_domain.c
@@ -2256,17 +2256,6 @@ int xc_domain_set_virq_handler(xc_interface *xch, 
uint32_t domid, int virq)
     return do_domctl(xch, &domctl);
 }
 
-int xc_domain_set_max_evtchn(xc_interface *xch, uint32_t domid,
-                             uint32_t max_port)
-{
-    DECLARE_DOMCTL;
-
-    domctl.cmd = XEN_DOMCTL_set_max_evtchn;
-    domctl.domain = domid;
-    domctl.u.set_max_evtchn.max_port = max_port;
-    return do_domctl(xch, &domctl);
-}
-
 int xc_domain_set_gnttab_limits(xc_interface *xch, uint32_t domid,
                                 uint32_t grant_frames,
                                 uint32_t maptrack_frames)
diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c
index 668bd3e..2cb3460 100644
--- a/tools/libxl/libxl_create.c
+++ b/tools/libxl/libxl_create.c
@@ -553,6 +553,7 @@ int libxl__domain_make(libxl__gc *gc, libxl_domain_config 
*d_config,
 
     /* convenience aliases */
     libxl_domain_create_info *info = &d_config->c_info;
+    libxl_domain_build_info *b_info = &d_config->b_info;
 
     uuid_string = libxl__uuid2string(gc, info->uuid);
     if (!uuid_string) {
@@ -564,6 +565,7 @@ int libxl__domain_make(libxl__gc *gc, libxl_domain_config 
*d_config,
     if (!libxl_domid_valid_guest(*domid)) {
         struct xen_domctl_createdomain create = {
             .ssidref = info->ssidref,
+            .max_evtchn_port = b_info->event_channels,
         };
 
         if (info->type != LIBXL_DOMAIN_TYPE_PV) {
diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c
index 2e29b52..227e6cf 100644
--- a/tools/libxl/libxl_dom.c
+++ b/tools/libxl/libxl_dom.c
@@ -590,13 +590,6 @@ int libxl__build_post(libxl__gc *gc, uint32_t domid,
     if (rc)
         return rc;
 
-    rc = xc_domain_set_max_evtchn(ctx->xch, domid, info->event_channels);
-    if (rc) {
-        LOG(ERROR, "Failed to set event channel limit to %d (%d)",
-            info->event_channels, rc);
-        return ERROR_FAIL;
-    }
-
     libxl_cpuid_apply_policy(ctx, domid);
     if (info->cpuid != NULL)
         libxl_cpuid_set(ctx, domid, info->cpuid);
diff --git a/tools/ocaml/libs/xc/xenctrl.ml b/tools/ocaml/libs/xc/xenctrl.ml
index 3b7526e..6dc0dd7 100644
--- a/tools/ocaml/libs/xc/xenctrl.ml
+++ b/tools/ocaml/libs/xc/xenctrl.ml
@@ -63,6 +63,7 @@ type domctl_create_config =
        ssidref: int32;
        handle: string;
        flags: domain_create_flag list;
+       max_evtchn_port: int32;
        arch: arch_domainconfig;
 }
 
diff --git a/tools/ocaml/libs/xc/xenctrl.mli b/tools/ocaml/libs/xc/xenctrl.mli
index d103a33..b0fec24 100644
--- a/tools/ocaml/libs/xc/xenctrl.mli
+++ b/tools/ocaml/libs/xc/xenctrl.mli
@@ -55,6 +55,7 @@ type domctl_create_config = {
   ssidref: int32;
   handle: string;
   flags: domain_create_flag list;
+  max_evtchn_port: int32;
   arch: arch_domainconfig;
 }
 
diff --git a/tools/ocaml/libs/xc/xenctrl_stubs.c 
b/tools/ocaml/libs/xc/xenctrl_stubs.c
index 360e054..c022de9 100644
--- a/tools/ocaml/libs/xc/xenctrl_stubs.c
+++ b/tools/ocaml/libs/xc/xenctrl_stubs.c
@@ -127,13 +127,15 @@ CAMLprim value stub_xc_domain_create(value xch, value 
config)
 #define VAL_SSIDREF             Field(config, 0)
 #define VAL_HANDLE              Field(config, 1)
 #define VAL_FLAGS               Field(config, 2)
-#define VAL_ARCH                Field(config, 3)
+#define VAL_MAX_EVTCHN_PORT     Field(config, 3)
+#define VAL_ARCH                Field(config, 4)
 
        uint32_t domid = 0;
        int result;
        value l;
        struct xen_domctl_createdomain cfg = {
                .ssidref = Int32_val(VAL_SSIDREF),
+               .max_evtchn_port = Int32_val(VAL_MAX_EVTCHN_PORT),
        };
 
        domain_handle_of_uuid_string(cfg.handle, String_val(VAL_HANDLE));
@@ -162,6 +164,7 @@ CAMLprim value stub_xc_domain_create(value xch, value 
config)
        }
 
 #undef VAL_ARCH
+#undef VAL_MAX_EVTCHN_PORT
 #undef VAL_FLAGS
 #undef VAL_HANDLE
 #undef VAL_SSIDREF
diff --git a/tools/python/xen/lowlevel/xc/xc.c 
b/tools/python/xen/lowlevel/xc/xc.c
index d0bd173..a307de7 100644
--- a/tools/python/xen/lowlevel/xc/xc.c
+++ b/tools/python/xen/lowlevel/xc/xc.c
@@ -125,6 +125,7 @@ static PyObject *pyxc_domain_create(XcObject *self,
             0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef,
             0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef,
         },
+        .max_evtchn_port = -1, /* No limit. */
     };
 
     static char *kwd_list[] = { "domid", "ssidref", "handle", "flags", 
"target", NULL };
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index 4d275ff..14dab56 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -539,6 +539,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
u_domctl)
             break;
         }
 
+        d->max_evtchn_port =
+            min_t(unsigned int, op->u.createdomain.max_evtchn_port, INT_MAX);
+
         ret = 0;
         op->domain = d->domain_id;
         copyback = 1;
@@ -1085,12 +1088,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
u_domctl)
         ret = set_global_virq_handler(d, op->u.set_virq_handler.virq);
         break;
 
-    case XEN_DOMCTL_set_max_evtchn:
-        d->max_evtchn_port = min_t(unsigned int,
-                                   op->u.set_max_evtchn.max_port,
-                                   INT_MAX);
-        break;
-
     case XEN_DOMCTL_setvnumainfo:
     {
         struct vnuma_info *vnuma;
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index 0535da8..515671e 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -65,6 +65,13 @@ struct xen_domctl_createdomain {
 #define _XEN_DOMCTL_CDF_xs_domain     4
 #define XEN_DOMCTL_CDF_xs_domain      (1U<<_XEN_DOMCTL_CDF_xs_domain)
     uint32_t flags;
+
+    /*
+     * Various domain limits, which impact the quantity of resources (global
+     * mapping space, xenheap, etc) a guest may consume.
+     */
+    uint32_t max_evtchn_port;
+
     struct xen_arch_domainconfig arch;
 };
 
@@ -875,15 +882,6 @@ struct xen_domctl_set_broken_page_p2m {
 };
 
 /*
- * XEN_DOMCTL_set_max_evtchn: sets the maximum event channel port
- * number the guest may use.  Use this limit the amount of resources
- * (global mapping space, xenheap) a guest may use for event channels.
- */
-struct xen_domctl_set_max_evtchn {
-    uint32_t max_port;
-};
-
-/*
  * ARM: Clean and invalidate caches associated with given region of
  * guest memory.
  */
@@ -1161,7 +1159,7 @@ struct xen_domctl {
 #define XEN_DOMCTL_set_broken_page_p2m           67
 #define XEN_DOMCTL_setnodeaffinity               68
 #define XEN_DOMCTL_getnodeaffinity               69
-#define XEN_DOMCTL_set_max_evtchn                70
+/* #define XEN_DOMCTL_set_max_evtchn             70 - Moved into 
XEN_DOMCTL_createdomain */
 #define XEN_DOMCTL_cacheflush                    71
 #define XEN_DOMCTL_get_vcpu_msrs                 72
 #define XEN_DOMCTL_set_vcpu_msrs                 73
@@ -1222,7 +1220,6 @@ struct xen_domctl {
         struct xen_domctl_set_access_required access_required;
         struct xen_domctl_audit_p2m         audit_p2m;
         struct xen_domctl_set_virq_handler  set_virq_handler;
-        struct xen_domctl_set_max_evtchn    set_max_evtchn;
         struct xen_domctl_gdbsx_memio       gdbsx_guest_memio;
         struct xen_domctl_set_broken_page_p2m set_broken_page_p2m;
         struct xen_domctl_cacheflush        cacheflush;
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 1802d8d..1978703 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -726,9 +726,6 @@ static int flask_domctl(struct domain *d, int cmd)
     case XEN_DOMCTL_audit_p2m:
         return current_has_perm(d, SECCLASS_HVM, HVM__AUDIT_P2M);
 
-    case XEN_DOMCTL_set_max_evtchn:
-        return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_MAX_EVTCHN);
-
     case XEN_DOMCTL_cacheflush:
         return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__CACHEFLUSH);
 
diff --git a/xen/xsm/flask/policy/access_vectors 
b/xen/xsm/flask/policy/access_vectors
index 89b9996..deecfa2 100644
--- a/xen/xsm/flask/policy/access_vectors
+++ b/xen/xsm/flask/policy/access_vectors
@@ -222,8 +222,6 @@ class domain2
     setscheduler
 # XENMEM_claim_pages
     setclaim
-# XEN_DOMCTL_set_max_evtchn
-    set_max_evtchn
 # XEN_DOMCTL_cacheflush
     cacheflush
 # Creation of the hardware domain when it is not dom0
-- 
2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.