[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH RFC] x86/altp2m: fix display frozen when switching to a new view early


  • To: Jan Beulich <JBeulich@xxxxxxxx>
  • From: George Dunlap <george.dunlap@xxxxxxxxxx>
  • Date: Thu, 4 Oct 2018 16:52:53 +0100
  • Autocrypt: addr=george.dunlap@xxxxxxxxxx; prefer-encrypt=mutual; keydata= xsFNBFPqG+MBEACwPYTQpHepyshcufo0dVmqxDo917iWPslB8lauFxVf4WZtGvQSsKStHJSj 92Qkxp4CH2DwudI8qpVbnWCXsZxodDWac9c3PordLwz5/XL41LevEoM3NWRm5TNgJ3ckPA+J K5OfSK04QtmwSHFP3G/SXDJpGs+oDJgASta2AOl9vPV+t3xG6xyfa2NMGn9wmEvvVMD44Z7R W3RhZPn/NEZ5gaJhIUMgTChGwwWDOX0YPY19vcy5fT4bTIxvoZsLOkLSGoZb/jHIzkAAznug Q7PPeZJ1kXpbW9EHHaUHiCD9C87dMyty0N3TmWfp0VvBCaw32yFtM9jUgB7UVneoZUMUKeHA fgIXhJ7I7JFmw3J0PjGLxCLHf2Q5JOD8jeEXpdxugqF7B/fWYYmyIgwKutiGZeoPhl9c/7RE Bf6f9Qv4AtQoJwtLw6+5pDXsTD5q/GwhPjt7ohF7aQZTMMHhZuS52/izKhDzIufl6uiqUBge 0lqG+/ViLKwCkxHDREuSUTtfjRc9/AoAt2V2HOfgKORSCjFC1eI0+8UMxlfdq2z1AAchinU0 eSkRpX2An3CPEjgGFmu2Je4a/R/Kd6nGU8AFaE8ta0oq5BSFDRYdcKchw4TSxetkG6iUtqOO ZFS7VAdF00eqFJNQpi6IUQryhnrOByw+zSobqlOPUO7XC5fjnwARAQABzSRHZW9yZ2UgVy4g RHVubGFwIDxkdW5sYXBnQHVtaWNoLmVkdT7CwYAEEwEKACoCGwMFCwkIBwMFFQoJCAsFFgID AQACHgECF4ACGQEFAlpk2IEFCQo9I54ACgkQpjY8MQWQtG1A1BAAnc0oX3+M/jyv4j/ESJTO U2JhuWUWV6NFuzU10pUmMqpgQtiVEVU2QbCvTcZS1U/S6bqAUoiWQreDMSSgGH3a3BmRNi8n HKtarJqyK81aERM2HrjYkC1ZlRYG+jS8oWzzQrCQiTwn3eFLJrHjqowTbwahoiMw/nJ+OrZO /VXLfNeaxA5GF6emwgbpshwaUtESQ/MC5hFAFmUBZKAxp9CXG2ZhTP6ROV4fwhpnHaz8z+BT NQz8YwA4gkmFJbDUA9I0Cm9D/EZscrCGMeaVvcyldbMhWS+aH8nbqv6brhgbJEQS22eKCZDD J/ng5ea25QnS0fqu3bMrH39tDqeh7rVnt8Yu/YgOwc3XmgzmAhIDyzSinYEWJ1FkOVpIbGl9 uR6seRsfJmUK84KCScjkBhMKTOixWgNEQ/zTcLUsfTh6KQdLTn083Q5aFxWOIal2hiy9UyqR VQydowXy4Xx58rqvZjuYzdGDdAUlZ+D2O3Jp28ez5SikA/ZaaoGI9S1VWvQsQdzNfD2D+xfL qfd9yv7gko9eTJzv5zFr2MedtRb/nCrMTnvLkwNX4abB5+19JGneeRU4jy7yDYAhUXcI/waS /hHioT9MOjMh+DoLCgeZJYaOcgQdORY/IclLiLq4yFnG+4Ocft8igp79dbYYHkAkmC9te/2x Kq9nEd0Hg288EO/OwE0EVFq6vQEIAO2idItaUEplEemV2Q9mBA8YmtgckdLmaE0uzdDWL9To 1PL+qdNe7tBXKOfkKI7v32fe0nB4aecRlQJOZMWQRQ0+KLyXdJyHkq9221sHzcxsdcGs7X3c 17ep9zASq+wIYqAdZvr7pN9a3nVHZ4W7bzezuNDAvn4EpOf/o0RsWNyDlT6KECs1DuzOdRqD oOMJfYmtx9hMzqBoTdr6U20/KgnC/dmWWcJAUZXaAFp+3NYRCkk7k939VaUpoY519CeLrymd Vdke66KCiWBQXMkgtMGvGk5gLQLy4H3KXvpXoDrYKgysy7jeOccxI8owoiOdtbfM8TTDyWPR Ygjzb9LApA8AEQEAAcLBZQQYAQoADwIbDAUCWmTXMwUJB+tP9gAKCRCmNjwxBZC0bb+2D/9h jn1k5WcRHlu19WGuH6q0Kgm1LRT7PnnSz904igHNElMB5a7wRjw5kdNwU3sRm2nnmHeOJH8k Yj2Hn1QgX5SqQsysWTHWOEseGeoXydx9zZZkt3oQJM+9NV1VjK0bOXwqhiQyEUWz5/9l467F S/k4FJ5CHNRumvhLa0l2HEEu5pxq463HQZHDt4YE/9Y74eXOnYCB4nrYxQD/GSXEZvWryEWr eDoaFqzq1TKtzHhFgQG7yFUEepxLRUUtYsEpT6Rks2l4LCqG3hVD0URFIiTyuxJx3VC2Ta4L H3hxQtiaIpuXqq2D4z63h6vCx2wxfZc/WRHGbr4NAlB81l35Q/UHyMocVuYLj0llF0rwU4Aj iKZ5qWNSEdvEpL43fTvZYxQhDCjQTKbb38omu5P4kOf1HT7s+kmQKRtiLBlqHzK17D4K/180 ADw7a3gnmr5RumcZP3NGSSZA6jP5vNqQpNu4gqrPFWNQKQcW8HBiYFgq6SoLQQWbRxJDHvTR YJ2ms7oCe870gh4D1wFFqTLeyXiVqjddENGNaP8ZlCDw6EU82N8Bn5LXKjR1GWo2UK3CjrkH pTt3YYZvrhS2MO2EYEcWjyu6LALF/lS6z6LKeQZ+t9AdQUcILlrx9IxqXv6GvAoBLJY1jjGB q+/kRPrWXpoaQn7FXWGfMqU+NkY9enyrlw==
  • Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 04 Oct 2018 15:53:04 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Openpgp: preference=signencrypt

On 10/04/2018 04:45 PM, Jan Beulich wrote:
>>>> On 04.10.18 at 17:34, <george.dunlap@xxxxxxxxxx> wrote:
>> On 10/04/2018 04:20 PM, Jan Beulich wrote:
>>>>>> On 04.10.18 at 16:56, <rcojocaru@xxxxxxxxxxxxxxx> wrote:
>>>> The biggest problem here is p2m->logdirty_ranges. This patch will
>>>> (justly) not work, because struct rangeset is only forward-declared in
>>>> xen/rangeset.h, so an incomplete type here:
>>>>
>>>> -void p2m_init_altp2m_ept(struct domain *d, unsigned int i)
>>>> +int p2m_init_altp2m_ept(struct domain *d, unsigned int i)
>>>>  {
>>>>      struct p2m_domain *p2m = d->arch.altp2m_p2m[i];
>>>>      struct p2m_domain *hostp2m = p2m_get_hostp2m(d);
>>>>      struct ept_data *ept;
>>>>
>>>> +    if ( !p2m->logdirty_ranges )
>>>> +        p2m->logdirty_ranges = rangeset_new(d, "log-dirty",
>>>> +                                            RANGESETF_prettyprint_hex);
>>>> +    if ( !p2m->logdirty_ranges )
>>>> +        return -ENOMEM;
>>>> +
>>>> +    *p2m->logdirty_ranges = *hostp2m->logdirty_ranges;
>>>> +
>>>>      p2m->ept.ad = hostp2m->ept.ad;
>>>> +    p2m->max_mapped_pfn = hostp2m->max_mapped_pfn;
>>>> +    p2m->default_access = hostp2m->default_access;
>>>> +    p2m->domain = hostp2m->domain;
>>>> +
>>>> +    p2m->global_logdirty = hostp2m->global_logdirty;
>>>>      p2m->min_remapped_gfn = gfn_x(INVALID_GFN);
>>>>      p2m->max_remapped_gfn = 0;
>>>>      ept = &p2m->ept;
>>>>      ept->mfn = pagetable_get_pfn(p2m_get_pagetable(p2m));
>>>>      d->arch.altp2m_eptp[i] = ept->eptp;
>>>> +
>>>> +    return 0;
>>>> +}
>>>>
>>>> But that's not even the biggest problem: even if that would compile, it
>>>> would still be wrong, because logdirty_pages has pointers of its own,
>>>> which means that two bitwise-copied distinct rangesets can still point
>>>> to the same data and thus be vulnerable to race conditions and wanting
>>>> synchronization.
>>
>> Yes, so "deep copy" means if a structure has pointers, you copy the
>> structures pointed to; and if that structure has pointers, you copy
>> those, all the way down.  After a deep copy, any operations on the
>> structure should be operating on completely separate bits of memory and
>> pointers.
>>
>>>> Furthermore there's no rangeset_copy() function in sight in rangeset.h
>>>> (though there is a rangeset_swap()).
>>>>
>>>> Would you like me to add a rangeset_copy() function (presumably another
>>>> intermediary patch) and proceed in that manner?
>>>
>>> Roger recently has posted a patch adding rangeset_merge(), which I think
>>> is more general than your rangeset_copy(). That said, I'm in no way
>>> convinced copying (and then keeping in sync) the range sets across the
>>> altp2m-s is the best approach. It may well be that the optimal solution is
>>> somewhere in the middle between sharing everything and copying
>>> everything.
>>
>> Er, you mean maybe we should share logdirty ranges and copy other
>> things?  Or do you actually mean somehow to share bits of the logdirty
>> range structure?
> 
> The former, of course. I'm sorry for the ambiguity.
> 
>> I think we can reasonably start with a simple-and-correct approach, and
>> try to come up with an optimization later if we decide it's necessary.
>> The two basic simple-but-correct approaches would be:
>>
>> 1. Share logdirty_ranges.  This would mean not duplicating the structure
>> and keeping it in sync; but it would mean grabbing the main p2m lock on
>> every resolv_misconfig().
>>
>> 2. Duplicate the structure and keep it in sync.  This  means not
>> grabbing the main p2m lock on every resolv_misconfig(); but it does mean
>> duplicating memory, as well as grabbing the lock of every altp2m
>> structure every time logdirty_ranges changes.
>>
>> As I've said before, I think #2 is the most promising, since
>> resolv_misconfig will be called (potentially) for each entry in the p2m
>> table, but logdirty_ranges only changes once or twice during the entire
>> lifetime of the guest.
> 
> So perhaps some r/w lock wants to be introduced?

There will also be locking order issues to consider if we do that.

What's your main reason for not wanting #2?

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.