Xen project Mailing List

Re: [PATCH v2 3/7] xen/evtchn: restrict the maximum number of evtchn supported for domUs

From: Rahul Singh <Rahul.Singh@xxxxxxx>

Date: Tue, 23 Aug 2022 14:01:36 +0000

Accept-language: en-US

Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none

Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=y+ej1yBQCJVyJGLwgRjRJFHvX7WbtAvkJdVtj8uSI6U=; b=dSYQkNyfnXgNMqPTEIWXfnGFG+uDuhAnA9S+yvcL7tR9vqMOtO3CrCphEBTBSIuoNuxEBW0oIKSrArV8wk3kFhlmHLEeTkTPXwJVL3auI9S8J6dc9YbhsbSR78+dFsNwOcIdFPrfX8kmceJaeEVb5cf0NfkVzN27sbsQo/lQTB39y5c409l8kTVK7kLxIpGm0x2yyzHTgjVO3IPFlr4M+IheshW73Thb0QY0OouCCu+vnSbCZdpAkmabfAVl1y3F/YUAaHvBtxwAcA32z74fP0ZYEgQoJJHZpHDneAcRd6DeG7N/MkbS/ZKsrbtXG8R5CUB83fPcR8xD2QsPmgvoKw==

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=y+ej1yBQCJVyJGLwgRjRJFHvX7WbtAvkJdVtj8uSI6U=; b=JOLHks4if66Z+ILHfY/vDXWV7IItARjPHB/fEHve2Kaqt8QhNIv5MVtqj5eWw3Qp+7GZmsqnYwJZhEKW5UL70Jn8sMIOkK+rlk0BF2QdSgQlF+Pgs9Olcg97y7OxtQn3o2sl7wjcDldYHBNvrdI/5RsPpLwbo9sKGmWEQ9v+cUUh+AQaP5yNSwJsducGfs7rMj5DEWmjbqRDYJyl4FM8YhfkJuAGvh1423kHOt9JpSmdTh7cgLCNOv4F5Qc1QFNp4bsEZfLWjVDR9WMOoDtbN/W//4DSjTX/qWLWf403BXpVAQhChGVd9HLbF+VaXjc0PfUB+6a36bPJuuqQKSYDWw==

Arc-seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=WoLonNWFIs8Noend2qLvzFHpbRzm2y11HLmBE4+kxfHCdU9XZRX16fUlaWLhxmCPdeP52JlKc+vnKhgvZl+VkjKNcipMz0ItjRbBll6lDrjDnPhmKrWQrK4DQUtyUrnJVn+Yi0WyFJukZJ3jgkuCfOxfcYccjQ8VDdxDNX8BVkTRwYNHI00hceYWdggLTvJ+Tv/fiY99UJtbxTzqf/6UEYEX4f48GWQPsWvnL+xk/MZmcwA3lmbhCM8NzVVufiu+jnYrDQjdhVaujAvrB7JtpxVg8A5SwMYexD0Qh6xSmrqLyeDG077mZHLIXaHGwFoVZCllcxHIVnXxnpAyJZiaVA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lYYCxymk6m/j8dBB0KcYpdFoI1r0E5wiGxJtMWSnb1li3y2Pql6A+nfLallRubeQzi6qLEIdYzbtatlWTjqe/tLr9Jjz61uVsbS4vTGDs1/QPz+nkH86rGLyEDjg6sAvC8Mz5Nv+xySf7em1nCEwfUgNts7ReYAd7j1YVRD0sHgM7s2qGl66TgXh4dGXQa9S7z6Me8WKnsUbo44zlzina37HPMcT2aJ6vBhoxHlBcXrQH3H4AjYG09SW5juCd2ija75yjDfgZCi4YEYvyUBbSHQ4sdX/fzwzaxezfqxyuR4bqBdeOAACNCaOChDHccBIw4HP+GBAWj76bwrR70VhRg==

Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;

Cc: Jan Beulich <jbeulich@xxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Tue, 23 Aug 2022 14:02:14 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Nodisclaimer: true

Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;

Thread-index: AQHYs7MVCCbVCzB/DU2JPHyjxuVOOK269JmAgAEvmICAAAk5AIAAJFMAgAAPuACAABSBgIAAFFsA

Thread-topic: [PATCH v2 3/7] xen/evtchn: restrict the maximum number of evtchn supported for domUs

Hi Julien, > On 23 Aug 2022, at 1:48 pm, Julien Grall <julien@xxxxxxx> wrote: > > Hi Jan, > > On 23/08/2022 12:35, Jan Beulich wrote: >> On 23.08.2022 12:39, Rahul Singh wrote: >>> Hi Jan, >>> >>>> On 23 Aug 2022, at 9:29 am, Jan Beulich <jbeulich@xxxxxxxx> wrote: >>>> >>>> On 23.08.2022 09:56, Julien Grall wrote: >>>>> On 22/08/2022 14:49, Jan Beulich wrote: >>>>>> On 19.08.2022 12:02, Rahul Singh wrote: >>>>>>> --- a/xen/arch/arm/domain_build.c >>>>>>> +++ b/xen/arch/arm/domain_build.c >>>>>>> @@ -3277,7 +3277,7 @@ void __init create_domUs(void) >>>>>>> struct xen_domctl_createdomain d_cfg = { >>>>>>> .arch.gic_version = XEN_DOMCTL_CONFIG_GIC_NATIVE, >>>>>>> .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, >>>>>>> - .max_evtchn_port = -1, >>>>>>> + .max_evtchn_port = MAX_EVTCHNS_PORT, >>>>>>> .max_grant_frames = -1, >>>>>>> .max_maptrack_frames = -1, >>>>>>> .grant_opts = >>>>>>> XEN_DOMCTL_GRANT_version(opt_gnttab_max_version), >>>>>>> --- a/xen/include/xen/sched.h >>>>>>> +++ b/xen/include/xen/sched.h >>>>>>> @@ -76,6 +76,9 @@ extern domid_t hardware_domid; >>>>>>> /* Maximum number of event channels for any ABI. */ >>>>>>> #define MAX_NR_EVTCHNS MAX(EVTCHN_2L_NR_CHANNELS, >>>>>>> EVTCHN_FIFO_NR_CHANNELS) >>>>>>> >>>>>>> +/* Maximum number of event channels supported for domUs. */ >>>>>>> +#define MAX_EVTCHNS_PORT 4096 >>>>>> >>>>>> I'm afraid the variable name doesn't express its purpose, and the >>>>>> comment also claims wider applicability than is actually the case. >>>>>> It's also not clear whether the constant really needs to live in >>>>>> the already heavily overloaded xen/sched.h. >>>>> >>>>> IMHO, I think the value would be better hardcoded with an explanation on >>>>> top how we chose the default value. >>>> >>>> Indeed that might be best, at least as long as no 2nd party appears. >>>> What I was actually considering a valid reason for having a constant >>>> in a header was the case of other arches also wanting to support >>>> dom0less, at which point they likely ought to use the same value >>>> without needing to duplicate any commentary or alike. >>> >>> >>> If everyone is okay I will modify the patch as below: >> Well, I'm not an Arm maintainer, so my view might not matter, but >> if this was a change to code I was a maintainer for, I'd object. >> You enforce a limit here which you can't know whether it might >> cause issues to anyone. > > I understand the theory and in general I am not in favor of restricting a > limit without any data. However, here, I think we have all the data necessary > that would justify the limit. > > In order to use event channels, a guest needs to know which PPI is used to > notify the guest. > > Until recently, we didn't expose the node to dom0less domUs (this was > introduced when adding support for PV devices). So a guest couldn't discover > that event channels are used. That said, if the guest figured out the PPI > (the value can be guessed) then it could potentially use the event channels. > > However, for Xen on Arm, we are not supporting any guest that don't use the > firmware tables (e.g. device tree/ACPI). So for such use case, I don't care > if it breaks because they are relying on unstable information. > > What I care about is any user that follow the rules. We only started to > advertise Xen via Device-Tree to dom0less domUs after 4.16. So I think this > is fine to restrict the limit now because we haven't released 4.17 yet. > > Regarding the default limit, I think it is better to stay consistent with > libxl and also use 1023. If an admin wants more event channels, then we could > introduce per-domain property to overwrite the default. > > It should not be too difficult to add, but I don't think this is a must. > So I will let Rahul to decide whether he has time to add it. I prefer that we will first finish merging the ongoing event channel series. I have created the task in our backlog, Arm will handle this task in the near future. Regards, Rahul

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.