Xen project Mailing List

Re: [Xen-devel] [PATCH] docs/sphinx: todo/wishlist

To: Juergen Gross <jgross@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Tue, 23 Jul 2019 20:05:53 +0100

Authentication-results: esa4.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@xxxxxxxxxx; spf=Pass smtp.mailfrom=Andrew.Cooper3@xxxxxxxxxx; spf=None smtp.helo=postmaster@xxxxxxxxxxxxxxx

Autocrypt: addr=andrew.cooper3@xxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFLhNn8BEADVhE+Hb8i0GV6mihnnr/uiQQdPF8kUoFzCOPXkf7jQ5sLYeJa0cQi6Penp VtiFYznTairnVsN5J+ujSTIb+OlMSJUWV4opS7WVNnxHbFTPYZVQ3erv7NKc2iVizCRZ2Kxn srM1oPXWRic8BIAdYOKOloF2300SL/bIpeD+x7h3w9B/qez7nOin5NzkxgFoaUeIal12pXSR Q354FKFoy6Vh96gc4VRqte3jw8mPuJQpfws+Pb+swvSf/i1q1+1I4jsRQQh2m6OTADHIqg2E ofTYAEh7R5HfPx0EXoEDMdRjOeKn8+vvkAwhviWXTHlG3R1QkbE5M/oywnZ83udJmi+lxjJ5 YhQ5IzomvJ16H0Bq+TLyVLO/VRksp1VR9HxCzItLNCS8PdpYYz5TC204ViycobYU65WMpzWe LFAGn8jSS25XIpqv0Y9k87dLbctKKA14Ifw2kq5OIVu2FuX+3i446JOa2vpCI9GcjCzi3oHV e00bzYiHMIl0FICrNJU0Kjho8pdo0m2uxkn6SYEpogAy9pnatUlO+erL4LqFUO7GXSdBRbw5 gNt25XTLdSFuZtMxkY3tq8MFss5QnjhehCVPEpE6y9ZjI4XB8ad1G4oBHVGK5LMsvg22PfMJ ISWFSHoF/B5+lHkCKWkFxZ0gZn33ju5n6/FOdEx4B8cMJt+cWwARAQABtClBbmRyZXcgQ29v cGVyIDxhbmRyZXcuY29vcGVyM0BjaXRyaXguY29tPokCOgQTAQgAJAIbAwULCQgHAwUVCgkI CwUWAgMBAAIeAQIXgAUCWKD95wIZAQAKCRBlw/kGpdefoHbdD/9AIoR3k6fKl+RFiFpyAhvO 59ttDFI7nIAnlYngev2XUR3acFElJATHSDO0ju+hqWqAb8kVijXLops0gOfqt3VPZq9cuHlh IMDquatGLzAadfFx2eQYIYT+FYuMoPZy/aTUazmJIDVxP7L383grjIkn+7tAv+qeDfE+txL4 SAm1UHNvmdfgL2/lcmL3xRh7sub3nJilM93RWX1Pe5LBSDXO45uzCGEdst6uSlzYR/MEr+5Z JQQ32JV64zwvf/aKaagSQSQMYNX9JFgfZ3TKWC1KJQbX5ssoX/5hNLqxMcZV3TN7kU8I3kjK mPec9+1nECOjjJSO/h4P0sBZyIUGfguwzhEeGf4sMCuSEM4xjCnwiBwftR17sr0spYcOpqET ZGcAmyYcNjy6CYadNCnfR40vhhWuCfNCBzWnUW0lFoo12wb0YnzoOLjvfD6OL3JjIUJNOmJy RCsJ5IA/Iz33RhSVRmROu+TztwuThClw63g7+hoyewv7BemKyuU6FTVhjjW+XUWmS/FzknSi dAG+insr0746cTPpSkGl3KAXeWDGJzve7/SBBfyznWCMGaf8E2P1oOdIZRxHgWj0zNr1+ooF /PzgLPiCI4OMUttTlEKChgbUTQ+5o0P080JojqfXwbPAyumbaYcQNiH1/xYbJdOFSiBv9rpt TQTBLzDKXok86LkCDQRS4TZ/ARAAkgqudHsp+hd82UVkvgnlqZjzz2vyrYfz7bkPtXaGb9H4 Rfo7mQsEQavEBdWWjbga6eMnDqtu+FC+qeTGYebToxEyp2lKDSoAsvt8w82tIlP/EbmRbDVn 7bhjBlfRcFjVYw8uVDPptT0TV47vpoCVkTwcyb6OltJrvg/QzV9f07DJswuda1JH3/qvYu0p vjPnYvCq4NsqY2XSdAJ02HrdYPFtNyPEntu1n1KK+gJrstjtw7KsZ4ygXYrsm/oCBiVW/OgU g/XIlGErkrxe4vQvJyVwg6YH653YTX5hLLUEL1NS4TCo47RP+wi6y+TnuAL36UtK/uFyEuPy wwrDVcC4cIFhYSfsO0BumEI65yu7a8aHbGfq2lW251UcoU48Z27ZUUZd2Dr6O/n8poQHbaTd 6bJJSjzGGHZVbRP9UQ3lkmkmc0+XCHmj5WhwNNYjgbbmML7y0fsJT5RgvefAIFfHBg7fTY/i kBEimoUsTEQz+N4hbKwo1hULfVxDJStE4sbPhjbsPCrlXf6W9CxSyQ0qmZ2bXsLQYRj2xqd1 bpA+1o1j2N4/au1R/uSiUFjewJdT/LX1EklKDcQwpk06Af/N7VZtSfEJeRV04unbsKVXWZAk uAJyDDKN99ziC0Wz5kcPyVD1HNf8bgaqGDzrv3TfYjwqayRFcMf7xJaL9xXedMcAEQEAAYkC HwQYAQgACQUCUuE2fwIbDAAKCRBlw/kGpdefoG4XEACD1Qf/er8EA7g23HMxYWd3FXHThrVQ HgiGdk5Yh632vjOm9L4sd/GCEACVQKjsu98e8o3ysitFlznEns5EAAXEbITrgKWXDDUWGYxd pnjj2u+GkVdsOAGk0kxczX6s+VRBhpbBI2PWnOsRJgU2n10PZ3mZD4Xu9kU2IXYmuW+e5KCA vTArRUdCrAtIa1k01sPipPPw6dfxx2e5asy21YOytzxuWFfJTGnVxZZSCyLUO83sh6OZhJkk b9rxL9wPmpN/t2IPaEKoAc0FTQZS36wAMOXkBh24PQ9gaLJvfPKpNzGD8XWR5HHF0NLIJhgg 4ZlEXQ2fVp3XrtocHqhu4UZR4koCijgB8sB7Tb0GCpwK+C4UePdFLfhKyRdSXuvY3AHJd4CP 4JzW0Bzq/WXY3XMOzUTYApGQpnUpdOmuQSfpV9MQO+/jo7r6yPbxT7CwRS5dcQPzUiuHLK9i nvjREdh84qycnx0/6dDroYhp0DFv4udxuAvt1h4wGwTPRQZerSm4xaYegEFusyhbZrI0U9tJ B8WrhBLXDiYlyJT6zOV2yZFuW47VrLsjYnHwn27hmxTC/7tvG3euCklmkn9Sl9IAKFu29RSo d5bD8kMSCYsTqtTfT6W4A3qHGvIDta3ptLYpIAOD2sY3GYq2nf3Bbzx81wZK14JdDDHUX2Rs 6+ahAA==

Cc: Lars Kurth <lars.kurth@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Paul Durrant <paul.durrant@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>

Delivery-date: Tue, 23 Jul 2019 19:06:06 +0000

Ironport-sdr: ZoOerODDG1tW88L87CfGQun8BTKwRDKz0WK7qlGA/jwYyFhOtyeqUF5gVHwcM0yMC3ITrl0KNv p2t1RjkDkUQvGhWNW6Ki5TAhslBvlCsYcGTIJkz+HaEzWDYoLv1KPsj63gb1gk6Yy9NDJJqYbY raDmlL0MxvwiVvywSyR9uKbCpJWskhlSCy4wQ8TzPMNCk9ezXT81Pja9BC6M5TOG8rRg0C7ojl dnDf3GJgdgqlyneH+c/mjYt/tzw1k9v2f1tJd8d3cuWV2xTTEuMQokNOek/Fotx1fslcW0syEL HoQ=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Openpgp: preference=signencrypt

On 23/07/2019 16:30, Juergen Gross wrote: > On 23.07.19 15:38, Andrew Cooper wrote: >> On 23/07/2019 05:36, Juergen Gross wrote: >>> On 22.07.19 21:20, Andrew Cooper wrote: >>>> diff --git a/docs/misc/wishlist.rst b/docs/misc/wishlist.rst >>>> new file mode 100644 >>>> index 0000000000..6cdb47d6e7 >>>> --- /dev/null >>>> +++ b/docs/misc/wishlist.rst >>>> @@ -0,0 +1,53 @@ >>>> +Development Wishlist >>>> +==================== >>>> + >>>> +Remove xenstored's dependencies on unstable interfaces >>>> +------------------------------------------------------ >>>> + >>>> +Various xenstored implementations use libxc for two purposes. It >>>> would be a >>>> +substantial advantage to move xenstored onto entirely stable >>>> interfaces, which >>>> +disconnects it from the internal of the libxc. >>>> + >>>> +1. Foreign mapping of the store ring >>>> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>>> + >>>> +This is obsolete since :xen-cs:`6a2de353a9` (2012) which allocated >>>> grant >>>> +entries instead, to allow xenstored to function as a stub-domain >>>> without dom0 >>>> +permissions. :xen-cs:`38eeb3864d` dropped foreign mapping for >>>> cxenstored. >>>> +However, there are no OCaml bindings for libxengnttab. >>>> + >>>> +Work Items: >>>> + >>>> +* Minimal ``tools/ocaml/libs/xg/`` binding for >>>> ``tools/libs/gnttab/``. >>>> +* Replicate :xen-cs:`38eeb3864d` for oxenstored as well. >>>> + >>>> + >>>> +2. Figuring out which domain(s) have gone away >>>> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>>> + >>>> +Currently, the handling of domains is asymmetric. >>>> + >>>> +* When a domain is created, the toolstack explicitly sends an >>>> + ``XS_INTRODUCE(domid, store mfn, store evtchn)`` message to >>>> xenstored, to >>>> + cause xenstored to connect to the guest ring, and fire the >>>> + ``@introduceDomain`` watch. >>>> +* When a domain is destroyed, Xen fires ``VIRQ_DOM_EXC`` which is >>>> bound by >>>> + xenstored, rather than the toolstack. xenstored updates its idea >>>> of the >>>> + status of domains, and fires the ``@releaseDomain`` watch. >>>> + >>>> +Xenstored uses ``xc_domain_getinfo()``, to work out which domain(s) >>>> have gone >>>> +away, and only cares about the shutdown status. >>>> + >>>> +Furthermore, ``@releaseDomain`` (like ``VIRQ_DOM_EXC``) is a >>>> single-bit >>>> +message, which requires all listeners to evaluate whether the >>>> message applies >>>> +to them or not. This results in a flurry of ``xc_domain_getinfo()`` >>>> calls >>>> +from multiple entities in the system, which all serialise on the >>>> domctl lock >>>> +in Xen. >>>> + >>>> +Work Items: >>>> + >>>> +* Figure out how shutdown status can be expressed in a stable way >>>> from Xen. >>>> +* Figure out if ``VIRQ_DOM_EXC`` and ``@releaseDomain`` can be >>>> extended to >>>> + carry at least a domid, to make domain shutdown scale better. >>> >>> @releaseDomain (and @introduceDomain) can't be extended, we'd need to >>> add another watch path like @domainStatus/<domid>/<newState>. Xenstored >>> could advertise its capability to raise this watch in /tool/xenstored. >> >> I guess I was being a bit fast and loose with terminology. I didn't >> intend to imply "literally modify @{introduce,release}Domain", as they >> are already fixed ABIs, but more to "compatibly build something which is >> better". > > Okay. > >> >> That scheme would work for improved @releaseDomain, but it wouldn't work >> for an improved introduce. Introduce needs a single key to watch on, >> which hands back the domid so you don't need to go searching for it. > > Yes, and? Its perfectly fine to set a watch firing if anything below > @domainStatus is changing. Hmm - that might work if no other information was put into domainStatus, but would quickly become a scalability problem otherwise. > >> >>> >>> As VIRQ_DOM_EXC is just an event I don't see how the domid could be >>> passed by it. I guess we'd need e.g. a shared memory area which the >>> domain registered for VIRQ_DOM_EXC could map and which would contain a >>> bitmap (one bit per domain). The hypervisor would set the bit on a >>> status change and fire VIRQ_DOM_EXC, xenstored would look for a set >>> bit, clear it and read the status of the related domain. >> >> The point here is to avoid using xc_domain_getinfo() in the first place, >> so there needs to be no "getting the status of the domain". > > I'd guess a single xc_domain_getinfo() in the tools wouldn't be so > problematic. The caller would know the domid already, so no need to > query all domains. Its still a problem when you've got 1000 Qemu's, they all get @releaseDomain, and try to figure out if it is their own domain which went away. This shouldn't require taking the domctl lock in Xen 1000 times to figure out, seeing as xenstored knows exactly which domain actually went away. > >> DOM_EXC is fired for domain_shutdown() only (but for reasons which >> escape me, fired twice). Given that a domid is a 15 bit number, a >> bitmap of all domains does fit within a single 4k page. > > Firing twice is needed: first time for disconnecting all backends > and the second time for cleaning up when the domain is completely > gone. Do we really have pieces of code which count the the @releaseDomain's for a specific domain? Please say no... ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.