[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/xsm: Improve alloc/free of evtchn buckets

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>
  • From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 19 Jan 2021 22:04:22 -0500
  • Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx> header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1611111920; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=L3frx8YIAmkkKTT6OuJKwK5YzDJJEpCMkz1Wy9hPbc8=; b=BHcWht5w/73GuLLFV/RLuXZ5xJAOplSLylXj+f+eGBEN/mWUzKKdwjswGUoxkcyJvwEJd96AQc80ZWQCeETv4cVZIfVJxytB+bbu+B3HB7owrZZyZ4t3XiWnj11y7CobUYk+R3FKHNNFBkCCwCLGlWja1kPxCivu/tycoHX1WX8=
  • Arc-seal: i=1; a=rsa-sha256; t=1611111920; cv=none; d=zohomail.com; s=zohoarc; b=AXl8Hr1q4SR6eXsmETUcDXH2v9LnxcqgcPU/h/NS3VEL/CGMhWut7bcd91NLgljSBU+2yF/XNvtYIns8Az7+x9uRkGc7QGLM9k8boRWon5tUXUdeO4n4n1/KtXhyPjitB9nx71K7QQWs66FyjGfHu1HsIHGQ/8zSoz5sH609fF0=
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 20 Jan 2021 03:05:40 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 1/18/21 11:21 AM, Andrew Cooper wrote:
On 18/01/2021 15:31, Jan Beulich wrote:
On 18.01.2021 16:06, Andrew Cooper wrote:
--- a/xen/common/event_channel.c
+++ b/xen/common/event_channel.c
@@ -147,6 +147,14 @@ static bool virq_is_global(unsigned int virq)
      return true;
+static void free_evtchn_bucket(struct domain *d, struct evtchn *bucket)
+    if ( !bucket )
+        return;
You could avoid this since flask_free_security_evtchns() has
a similar check. Alternatively it could be dropped from there.

I considered altering both.  However, all functions like this really
should be idempotent.

For this case, the compiler can drop the check from both callsites, and
its safer if the structure of the callers change in the future.

But even if you want to keep the duplication
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>


You can add,
Reviewed-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>

One further aspect to consider though:

--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -309,12 +309,12 @@ static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG 
struct domain *d1, struct
      return xsm_default_action(action, d1, d2);
-static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn)
+static XSM_INLINE int xsm_alloc_security_evtchns(struct evtchn *chn, unsigned 
int nr)
I wonder whether we wouldn't better identify the difference
between pointer (to individual element) and array by writing
this (and others below) as

static XSM_INLINE int xsm_alloc_security_evtchns(struct evtchn chn[], unsigned 
int nr)

In which case want we want is (unsigned int nr, struct evtchn chn[nr])
which I think is the C99 way of writing this to help static analysis.

Would it be better to switch this to the (unsigned int nr, struct evtchn chn[nr]) you suggested now or wait to make the change uniform? IMHO it is probably better for the sake of existing consistency to keep what you have here, with the understanding that this might get redone as part of a larger function semantic change.

I think we've done so in a few places already, but of course it
would be a long way to get the entire code base consistent in
this regard. Plus of course while this works fine in function
declarations / definitions, it won't be possible to use for
struct / union fields.

Also it looks like this and further lines have become overly long.

Everything is long lines in this area of code.  Its all due an overhaul.




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.