[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 10/20] xen/domctl: Merge set_max_evtchn into createdomain
set_max_evtchn is somewhat weird. It was introduced with the event_fifo work, but has never been used. Still, it is a bounding on resources consumed by the event channel infrastructure, and should be part of createdomain, rather than editable after the fact. Drop XEN_DOMCTL_set_max_evtchn completely (including XSM hooks and libxc wrappers), and retain the functionality in XEN_DOMCTL_createdomain. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- CC: Jan Beulich <JBeulich@xxxxxxxx> CC: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> CC: Wei Liu <wei.liu2@xxxxxxxxxx> CC: Christian Lindig <christian.lindig@xxxxxxxxxx> CC: David Scott <dave@xxxxxxxxxx> CC: Jon Ludlam <jonathan.ludlam@xxxxxxxxxxxxx> CC: Rob Hoes <Rob.Hoes@xxxxxxxxxx> CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx> CC: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx> Hypervisor side cleanup is present in a later patch --- tools/flask/policy/modules/dom0.te | 2 +- tools/flask/policy/modules/xen.if | 2 +- tools/helpers/init-xenstore-domain.c | 1 + tools/libxc/include/xenctrl.h | 12 ------------ tools/libxc/xc_domain.c | 11 ----------- tools/libxl/libxl_create.c | 2 ++ tools/libxl/libxl_dom.c | 7 ------- tools/ocaml/libs/xc/xenctrl.ml | 1 + tools/ocaml/libs/xc/xenctrl.mli | 1 + tools/ocaml/libs/xc/xenctrl_stubs.c | 5 ++++- tools/python/xen/lowlevel/xc/xc.c | 1 + xen/common/domctl.c | 9 +++------ xen/include/public/domctl.h | 19 ++++++++----------- xen/xsm/flask/hooks.c | 3 --- xen/xsm/flask/policy/access_vectors | 2 -- 15 files changed, 23 insertions(+), 55 deletions(-) diff --git a/tools/flask/policy/modules/dom0.te b/tools/flask/policy/modules/dom0.te index bf794d9..4eb3843 100644 --- a/tools/flask/policy/modules/dom0.te +++ b/tools/flask/policy/modules/dom0.te @@ -38,7 +38,7 @@ allow dom0_t dom0_t:domain { getpodtarget setpodtarget set_misc_info set_virq_handler }; allow dom0_t dom0_t:domain2 { - set_cpuid gettsc settsc setscheduler set_max_evtchn set_vnumainfo + set_cpuid gettsc settsc setscheduler set_vnumainfo get_vnumainfo psr_cmt_op psr_alloc set_gnttab_limits }; allow dom0_t dom0_t:resource { add remove }; diff --git a/tools/flask/policy/modules/xen.if b/tools/flask/policy/modules/xen.if index 459880b..7dc25be 100644 --- a/tools/flask/policy/modules/xen.if +++ b/tools/flask/policy/modules/xen.if @@ -51,7 +51,7 @@ define(`create_domain_common', ` getvcpuinfo getaddrsize getaffinity setaffinity settime setdomainhandle getvcpucontext set_misc_info }; allow $1 $2:domain2 { set_cpuid settsc setscheduler setclaim - set_max_evtchn set_vnumainfo get_vnumainfo cacheflush + set_vnumainfo get_vnumainfo cacheflush psr_cmt_op psr_alloc soft_reset set_gnttab_limits }; allow $1 $2:security check_context; allow $1 $2:shadow enable; diff --git a/tools/helpers/init-xenstore-domain.c b/tools/helpers/init-xenstore-domain.c index 785e570..89c329c 100644 --- a/tools/helpers/init-xenstore-domain.c +++ b/tools/helpers/init-xenstore-domain.c @@ -66,6 +66,7 @@ static int build(xc_interface *xch) struct xen_domctl_createdomain config = { .ssidref = SECINITSID_DOMU, .flags = XEN_DOMCTL_CDF_xs_domain, + .max_evtchn_port = -1, /* No limit. */ }; xs_fd = open("/dev/xen/xenbus_backend", O_RDWR); diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 6ecc850..88a175f 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -1072,18 +1072,6 @@ int xc_domain_set_access_required(xc_interface *xch, int xc_domain_set_virq_handler(xc_interface *xch, uint32_t domid, int virq); /** - * Set the maximum event channel port a domain may bind. - * - * This does not affect ports that are already bound. - * - * @param xch a handle to an open hypervisor interface - * @param domid the domain id - * @param max_port maximum port number - */ -int xc_domain_set_max_evtchn(xc_interface *xch, uint32_t domid, - uint32_t max_port); - -/** * Set the maximum number of grant frames and maptrack frames a domain * can have. Must be used at domain setup time and only then. * diff --git a/tools/libxc/xc_domain.c b/tools/libxc/xc_domain.c index 0124cea..2bc695c 100644 --- a/tools/libxc/xc_domain.c +++ b/tools/libxc/xc_domain.c @@ -2256,17 +2256,6 @@ int xc_domain_set_virq_handler(xc_interface *xch, uint32_t domid, int virq) return do_domctl(xch, &domctl); } -int xc_domain_set_max_evtchn(xc_interface *xch, uint32_t domid, - uint32_t max_port) -{ - DECLARE_DOMCTL; - - domctl.cmd = XEN_DOMCTL_set_max_evtchn; - domctl.domain = domid; - domctl.u.set_max_evtchn.max_port = max_port; - return do_domctl(xch, &domctl); -} - int xc_domain_set_gnttab_limits(xc_interface *xch, uint32_t domid, uint32_t grant_frames, uint32_t maptrack_frames) diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c index 668bd3e..2cb3460 100644 --- a/tools/libxl/libxl_create.c +++ b/tools/libxl/libxl_create.c @@ -553,6 +553,7 @@ int libxl__domain_make(libxl__gc *gc, libxl_domain_config *d_config, /* convenience aliases */ libxl_domain_create_info *info = &d_config->c_info; + libxl_domain_build_info *b_info = &d_config->b_info; uuid_string = libxl__uuid2string(gc, info->uuid); if (!uuid_string) { @@ -564,6 +565,7 @@ int libxl__domain_make(libxl__gc *gc, libxl_domain_config *d_config, if (!libxl_domid_valid_guest(*domid)) { struct xen_domctl_createdomain create = { .ssidref = info->ssidref, + .max_evtchn_port = b_info->event_channels, }; if (info->type != LIBXL_DOMAIN_TYPE_PV) { diff --git a/tools/libxl/libxl_dom.c b/tools/libxl/libxl_dom.c index 2e29b52..227e6cf 100644 --- a/tools/libxl/libxl_dom.c +++ b/tools/libxl/libxl_dom.c @@ -590,13 +590,6 @@ int libxl__build_post(libxl__gc *gc, uint32_t domid, if (rc) return rc; - rc = xc_domain_set_max_evtchn(ctx->xch, domid, info->event_channels); - if (rc) { - LOG(ERROR, "Failed to set event channel limit to %d (%d)", - info->event_channels, rc); - return ERROR_FAIL; - } - libxl_cpuid_apply_policy(ctx, domid); if (info->cpuid != NULL) libxl_cpuid_set(ctx, domid, info->cpuid); diff --git a/tools/ocaml/libs/xc/xenctrl.ml b/tools/ocaml/libs/xc/xenctrl.ml index 3b7526e..6dc0dd7 100644 --- a/tools/ocaml/libs/xc/xenctrl.ml +++ b/tools/ocaml/libs/xc/xenctrl.ml @@ -63,6 +63,7 @@ type domctl_create_config = ssidref: int32; handle: string; flags: domain_create_flag list; + max_evtchn_port: int32; arch: arch_domainconfig; } diff --git a/tools/ocaml/libs/xc/xenctrl.mli b/tools/ocaml/libs/xc/xenctrl.mli index d103a33..b0fec24 100644 --- a/tools/ocaml/libs/xc/xenctrl.mli +++ b/tools/ocaml/libs/xc/xenctrl.mli @@ -55,6 +55,7 @@ type domctl_create_config = { ssidref: int32; handle: string; flags: domain_create_flag list; + max_evtchn_port: int32; arch: arch_domainconfig; } diff --git a/tools/ocaml/libs/xc/xenctrl_stubs.c b/tools/ocaml/libs/xc/xenctrl_stubs.c index 360e054..c022de9 100644 --- a/tools/ocaml/libs/xc/xenctrl_stubs.c +++ b/tools/ocaml/libs/xc/xenctrl_stubs.c @@ -127,13 +127,15 @@ CAMLprim value stub_xc_domain_create(value xch, value config) #define VAL_SSIDREF Field(config, 0) #define VAL_HANDLE Field(config, 1) #define VAL_FLAGS Field(config, 2) -#define VAL_ARCH Field(config, 3) +#define VAL_MAX_EVTCHN_PORT Field(config, 3) +#define VAL_ARCH Field(config, 4) uint32_t domid = 0; int result; value l; struct xen_domctl_createdomain cfg = { .ssidref = Int32_val(VAL_SSIDREF), + .max_evtchn_port = Int32_val(VAL_MAX_EVTCHN_PORT), }; domain_handle_of_uuid_string(cfg.handle, String_val(VAL_HANDLE)); @@ -162,6 +164,7 @@ CAMLprim value stub_xc_domain_create(value xch, value config) } #undef VAL_ARCH +#undef VAL_MAX_EVTCHN_PORT #undef VAL_FLAGS #undef VAL_HANDLE #undef VAL_SSIDREF diff --git a/tools/python/xen/lowlevel/xc/xc.c b/tools/python/xen/lowlevel/xc/xc.c index d0bd173..a307de7 100644 --- a/tools/python/xen/lowlevel/xc/xc.c +++ b/tools/python/xen/lowlevel/xc/xc.c @@ -125,6 +125,7 @@ static PyObject *pyxc_domain_create(XcObject *self, 0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef, }, + .max_evtchn_port = -1, /* No limit. */ }; static char *kwd_list[] = { "domid", "ssidref", "handle", "flags", "target", NULL }; diff --git a/xen/common/domctl.c b/xen/common/domctl.c index 4d275ff..14dab56 100644 --- a/xen/common/domctl.c +++ b/xen/common/domctl.c @@ -539,6 +539,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) break; } + d->max_evtchn_port = + min_t(unsigned int, op->u.createdomain.max_evtchn_port, INT_MAX); + ret = 0; op->domain = d->domain_id; copyback = 1; @@ -1085,12 +1088,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl) ret = set_global_virq_handler(d, op->u.set_virq_handler.virq); break; - case XEN_DOMCTL_set_max_evtchn: - d->max_evtchn_port = min_t(unsigned int, - op->u.set_max_evtchn.max_port, - INT_MAX); - break; - case XEN_DOMCTL_setvnumainfo: { struct vnuma_info *vnuma; diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h index 0535da8..515671e 100644 --- a/xen/include/public/domctl.h +++ b/xen/include/public/domctl.h @@ -65,6 +65,13 @@ struct xen_domctl_createdomain { #define _XEN_DOMCTL_CDF_xs_domain 4 #define XEN_DOMCTL_CDF_xs_domain (1U<<_XEN_DOMCTL_CDF_xs_domain) uint32_t flags; + + /* + * Various domain limits, which impact the quantity of resources (global + * mapping space, xenheap, etc) a guest may consume. + */ + uint32_t max_evtchn_port; + struct xen_arch_domainconfig arch; }; @@ -875,15 +882,6 @@ struct xen_domctl_set_broken_page_p2m { }; /* - * XEN_DOMCTL_set_max_evtchn: sets the maximum event channel port - * number the guest may use. Use this limit the amount of resources - * (global mapping space, xenheap) a guest may use for event channels. - */ -struct xen_domctl_set_max_evtchn { - uint32_t max_port; -}; - -/* * ARM: Clean and invalidate caches associated with given region of * guest memory. */ @@ -1161,7 +1159,7 @@ struct xen_domctl { #define XEN_DOMCTL_set_broken_page_p2m 67 #define XEN_DOMCTL_setnodeaffinity 68 #define XEN_DOMCTL_getnodeaffinity 69 -#define XEN_DOMCTL_set_max_evtchn 70 +/* #define XEN_DOMCTL_set_max_evtchn 70 - Moved into XEN_DOMCTL_createdomain */ #define XEN_DOMCTL_cacheflush 71 #define XEN_DOMCTL_get_vcpu_msrs 72 #define XEN_DOMCTL_set_vcpu_msrs 73 @@ -1222,7 +1220,6 @@ struct xen_domctl { struct xen_domctl_set_access_required access_required; struct xen_domctl_audit_p2m audit_p2m; struct xen_domctl_set_virq_handler set_virq_handler; - struct xen_domctl_set_max_evtchn set_max_evtchn; struct xen_domctl_gdbsx_memio gdbsx_guest_memio; struct xen_domctl_set_broken_page_p2m set_broken_page_p2m; struct xen_domctl_cacheflush cacheflush; diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 1802d8d..1978703 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -726,9 +726,6 @@ static int flask_domctl(struct domain *d, int cmd) case XEN_DOMCTL_audit_p2m: return current_has_perm(d, SECCLASS_HVM, HVM__AUDIT_P2M); - case XEN_DOMCTL_set_max_evtchn: - return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_MAX_EVTCHN); - case XEN_DOMCTL_cacheflush: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__CACHEFLUSH); diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 89b9996..deecfa2 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -222,8 +222,6 @@ class domain2 setscheduler # XENMEM_claim_pages setclaim -# XEN_DOMCTL_set_max_evtchn - set_max_evtchn # XEN_DOMCTL_cacheflush cacheflush # Creation of the hardware domain when it is not dom0 -- 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |