
Re: [PATCH v2 0/6] gnttab: add per-domain controls


  • To: Julien Grall <julien@xxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Thu, 23 Sep 2021 13:19:52 +0200
  • Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, "Wei Liu" <wl@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, "Christian Lindig" <christian.lindig@xxxxxxxxxx>, David Scott <dave@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Thu, 23 Sep 2021 11:20:10 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Sep 23, 2021 at 01:47:37PM +0500, Julien Grall wrote:
> Hi Roger,
> 
> On 22/09/2021 14:39, Roger Pau Monné wrote:
> > On Wed, Sep 22, 2021 at 01:57:02PM +0500, Julien Grall wrote:
> > > 
> > > 
> > > On 22/09/2021 13:21, Roger Pau Monne wrote:
> > > > Hello,
> > > 
> > > Hi Roger,
> > > 
> > > > First patch on the series is a trivial change to xenconsoled in order to
> > > > use xenforeignmemory stable library in order to map the shared console
> > > > ring instead of the unstable libxc interface. It's reviewed and ready to
> > > > go in.
> > > > 
> > > > Patches 2 and 3 allow setting the host wide command line `gnttab` option
> > > > on a per domain basis. That means selecting the max allowed grant table
> > > > version and whether transitive grants are allowed.
> > > > 
> > > > The last 3 patches attempt to implement support for creating guests
> > > > without a grant table. This requires some changes to xenstored in order
> > > > to partially support guests without a valid ring interface, as the lack
> > > > of grant table will prevent C xenstored from mapping the shared ring.
> > > > Note this is not an issue for Ocaml xenstored, as it still uses the
> > > > foreign memory interface to map the shared ring, and thus won't notice
> > > > the lack of grant table support on the domain.
> > > 
> > > I find it a bit odd that the Xenstore support is conditional to whether grant
> > > table is available. Are you expecting domains with no grant table to have no
> > > PV drivers (including PV shutdown)?
> > 
> > I don't really expect much, as having guests without grant table is a
> > developer option right now, if someone wants to make use of them for
> > any reason it would need some thought.
> > 
> > The other option would be my first proposal to restore foreign mapping
> > of the xenstore ring on that case:
> > 
> > https://lore.kernel.org/xen-devel/20210917154625.89315-6-roger.pau@xxxxxxxxxx/
> > 
> > But it's also arguable that a guest not having a grant table should
> > also likely prevent foreign mapping attempts. Plus such foreign
> > mapping won't work from stubdomains.
> 
> There is another option: extend the acquire hypercall to allow xenstored
> domain to map the xenstore interface. This would require more work, but at
> least it would avoid the interesting dependency on the grant table.

Xen isn't aware of the shared xenstore ring page currently, so that
would mean introducing more knowledge to the hypervisor than what's
strictly required IMO, as Xen has no business in knowing such details.

The grant table slot used by the xenstore shared page is just an
agreement at the toolstack level, but not known to the hypervisor so
far.

> > 
> > I'm fine with dropping those patches if they turn out to be too
> > controversial, I think it's an interesting option to be able to
> > disable the grant table, but I don't have a full picture of how that
> > could be used in practice. Maybe others have and would be willing to
> > pick this up.
> 
> I think the current approach is probably OK as a developer option. However,
> we should at least document in the option that disabling the grant-table
> will also disable Xenstore (anything else?) support when using C Xenstored.
> 
> It might also be worth to clearly state in the doc that this is only
> intended for developer use and not supported.

Sure, adding it to xl.cfg man page is likely the best place. Will do
when updating the patches.

Thanks, Roger.



 

