[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Understanding osdep_xenforeignmemory_map mmap behaviour

  • To: Viresh Kumar <viresh.kumar@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Wed, 24 Aug 2022 09:44:30 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kwbnY7ykDoyYsdByUWKkkankSyCOY4YGz+mW9LrjSwU=; b=WQTvZhlQ0Hog3XssOahvTsN3lsJdkdWV22cs60NE0pWgFzmuvq7SASsGEB2tAn8Xe44xrr1Omm0SMwswtZMgnThE8Js4vGX2Lys+Ou9OaQpceZxLQ8jyaJaauNxO1XlgVKSJzrA6RlxKLmrVxPTUxYNHLdJIOkH6RW3d04gGhqA/bwPbMX0NP+p8d2JIW/HQGpykouRpRZQMw8STQoI+gCP+uLsbc8U1HIl16SHYNCDmFVYXMOcUZOwbyFUSGUBIuqpYIZNZ5Gea31Cx8sZMAmG+Nf+grXvnIhudZj8G1EnL+WE5THv7eiGoxpFsbhhJSf8yOaZjDli+6gmaz8pYBA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FTSNRJ3VVrImgS/BzKbpLDtzS+ArxBRxbaAfSEbcMvakgPWkjqkzZ728JYGZ6981O1hAZg2gpjsPHlFdkKkitxmy5rx5pTIgXzwFGkKkMW6BMCz/JiuCQAVkNY3xUrqYA2QvTdeUHglgvmWLOI9QCm7bwZY0SC14SKNrk2djYehWyPu2Fx2oRfmp+wBE0PRsL0nz02e0FFikYWgH28YX8VRaP27rl2r2SNnKYW6e1y/rwGrYe4qB9AZl4BbRbJgkO+zbiDRIDzJrYt00yP4hZMYSUGI6MxMf+8x3TNMy7ITe3DfKbI1csPGAlLeqR3/Dj+O5bz/yzvMj7zgj+qDUEQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, "alex.bennee@xxxxxxxxxx" <alex.bennee@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>, "Stratos-dev@xxxxxxxxxxxxxxxxxxx" <Stratos-dev@xxxxxxxxxxxxxxxxxxx>, "mathieu.poirier@xxxxxxxxxx" <mathieu.poirier@xxxxxxxxxx>, "christopher.w.clark@xxxxxxxxx" <christopher.w.clark@xxxxxxxxx>, "boris.ostrovsky@xxxxxxxxxx" <boris.ostrovsky@xxxxxxxxxx>, "gregkh@xxxxxxxxxxxxxxxxxxx" <gregkh@xxxxxxxxxxxxxxxxxxx>, "vincent.guittot@xxxxxxxxxx" <vincent.guittot@xxxxxxxxxx>, "olekstysh@xxxxxxxxx" <olekstysh@xxxxxxxxx>
  • Delivery-date: Wed, 24 Aug 2022 09:44:46 +0000
  • Ironport-data: A9a23:523pXKugh+VbnmtPQHT8wbKjAOfnOphVZkbc3cifNrXeuWXxXwvKv0XisSsq3Mm8OoGr1iCbPhvvLs5IgMKsczub7p1jDyG6WRXHpZgm8DeMTj8RQzKCDm8/0Oi1lX8DQW8eGMzZDMzyZTbtFikXqvUwKTCmGz/sfAgDUKlGl+WDhaQAD3LtuGdVdCmdqTiaXHOulgVdVa8LxE6s7ad6l+9S7IY2b2DGH+kJzw6e7Nd98uqBTAwe6+3NSq6kvUTDU4uDdlsCJRjJvWK4c2N647gfwwKTrSJiYrEmSAaZVRznkjHuT8rOxo4fpx7gh6zU/aK3WPOl6BkYu2SVMdlMu2SsqwkWqjO2wWTOCAklNj8HyRe9x2J0WQuKkZ1+63ebyLY58X/8t2elpFqj5rGDNNP4+8tHUS0SI58wqGvd+qUIiomxufrOGyo+ITs/mZxd3RmNqCL8ssoEnfyFI1Z0Bbs2x+42lvnPaTCrGiZcccfjwnV1oGXG/YpOu1QMQ/ZhosZxtRrBU5qrGFh86aADrhP/pXkUM7u/JjOMIN6aG4DFngBC9Qx7eEbGCLNWmlhbS0S8IqzSnPyknaxKsGRbYQ3Me7g5ZvjGX+gPugBm83YQ2YvHa7EIuvEY3mvaWXat6frpvVdp0BtLHZxb8d66KnRRjFbAu0+u9SOCJj9nO+5NMeojv8i3DrGLumcB/NAx6I7HAcXNZZ8Qz30Dl+7GZv8WyRI/onTf0zPVQYCdYglslp8snsY6qlG0SX8C3krgyaBivuQpmO6lvUV57CIGcrbzi782OTwoSXs6IbHgNpBRaJKZC/uv2JJoE0XyWvGwaM+qA14x9gxJ381Y6f94eEGu+P2tiZpJ54oIYtJfZGuWVSiLVR8iX+2Uhd/bYriOyz7BCTVvLb7KplyGI+/lnyufxKbfkDrGB/C9TFzhwgdGdHW/9mbRmtIzQAU4oGyG+AISh71FxdQyGr8apfUlecyxG8AiLU4PaNXVSgfpWa1TeD1NiGYmS22vfbYwUvuPW+Z9EaEMZB8QPWhVPjxapF3QKTuoquKYW1EmVh2UwLx/CFvhy727Ha/kIB5rwPbxonagNSTJqrCH7EiHVOw5i+a019shRT4DhVaByF5PN502r7sdfs1RnWktpKFDUnuNZ2zbybdpVRPfEFiYDBhgBN7ki4v5LDg0ZgL85FeX70UqmvwHKpisMCY7rMVjzhB+kBahsQbjjEa51nJ+ILZNn/9zlRnV5KUPQHQJYIXKSsTtqYSsfMhkpSVuHgCX1WWmP8T4f/k8n5RJ8h5ZJZQ38BkT2W84upTj+UPf+/xc8D9jkZ+4Ga4NBLp1XFPZyZ8pYUEwuJNaiVNxM4t5W1rZoGNjtsozZaCX87xMHOpHxfNusjaE49nZBNXiUS8SyOekHKceOPkEgdJjOkjEo2i5hAGqrngcDdPC6V+oiD5jADGaPzlXJ59J1o50grGEQMVJNpNlkTOpazJf0SFu3Yjn0P8HoW+xbiW60lQBjGvLO4D+QPIdNe5XrZAlMIvK9KUlBEbpoASkroJYyr9CuzR0vXg0hp+ow0uWMCrtxfRowPXp7PS4l91+AHfVqkFm3taoaVF9jN+dEGEl5wBttQcikuK106Z3JMbUL4X31hp927IrNp1JjvU+pNGVuwOAVakdfcPMF/sORnXWjeMN7MDUquufy9s24HhhwgbdkXyw+LdIrGx+Z5ODVSkOjKdzZf9waFmUAL2S4JFhXf0tIY/SAMgXXYlfhhCgtsp/u4mmZUvMDiE56F5IbLL1VPdnOSUW+8UeTvfCHLdSHEKQyeFQp7qMX6E2qA2zpo42ImufVRs0PMUZTml1crXz+6JFlk8qK4/pxo1Mi50Uqs1s1BBJeeuMwxumsWTTscI1VMBfvbdor/iFeO7GOJt89zCm4FBoGgQlbF7NRoWhQ/2sRIoVkKZlYjJJNTOLACWnYK2bMmUvU+z1K/f6J/d9yZ0HKWdteP9i5dv12tTE53/229EZHqtJFD9tDDE6O8djwS846o+cbqdTWPJr2PNv6kdEcFa44D+n/CEyCOVv86fpnObFQjQ9YpYhIwtTX+ULGXz7otL98t2gRVzh+PF7faoBgFKPGtfaI/xGrBAmfdZ0OlrqYgqenApBZWEqSBmrFtB686O8OP964Qz93z7HWaJ/2TXmKGoU3jctFazNDh0rewzbxCRXOwG3MCzZJz53aB8ZlnVO4i/oIEFj6GZe/o2QH+GbSBhghDMXI7w5EzPv8KsJcPbF8/5SAe+rrHefIUGfk7Jri5kKLBpbZIei8Z3XJ4tCmsk8FzjcmEhz7xo0E7PnsW6g206zpOTdVCgdF3e28caQoIq2xmBNmgCzfA9/g4Cbj8LmWffGNCRVvIYUhzNqIgbVkZT6ytvl5iZUmovhjGsIhwEUfRhHB9aEYeziASY+yZBd1iI66moTf3R6KERDWZLtExvvv6usrzPjL8F8oLNPg9ynDX9Y+XXFLCxubUd2aZzgkeKocO2g9R8x4Q7Hr3i8yY+SN3F3F3TiIUCWQpMBWstSpGGRVCLey2iFYndPghYYhe5vYNLfcjbGOme14cH2WZ5aBhgIrDn877YOODIvxHGEwdM2OJePHoXkvOPZEv3Ln8fSboOCt3eDPgC5Q6iJMMMGUEIU3YXEQnSS8KBT9lPbi3QyGuCGwgwz0tYC+xv6ap6oITDEG7nQx0A25JkWWIb+wZ8vx6+3rwOf/5g4Hiv4XT+Y8tczhv+Uc4JE5PMaewpvEh9tucjcVegclNftLZNL9xfzuwULfL2L1ZrFni+kJabaGPTEetYSpEH3zKOq0+tpPORfcoK7LzGtTDBYTxqTn1Hsgg8M91hvfIZvQcIb5HMboHR5b+Vd5g1+zuhOy8Gb58sw/38TrX77IGXi3+G3E9yny+QoZpLfwk2pXczHBOeXYHHna0GlDwALAAddhm+xAJ11pP3OOAGxt31pnw45vjLEhZl2apjCnixuQF9byfulF/wzk0Vd8nCC38HbmhyJOWTYM6znFQjgSaeiknI8McjEzzaxkNPJkBasUmG8LS+1/KdUCb5+N8P0uFvoDbOMFNnraNPhnHRfdLc28hUC4Ly5Job67cy4LHWW
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYPyB2MlnPWsZzkUKnVxqi+u89/6zN/SaAgPC5xQCAAAcKAA==
  • Thread-topic: Understanding osdep_xenforeignmemory_map mmap behaviour
On 24/08/2022 10:19, Viresh Kumar wrote:
> On 24-03-22, 06:12, Juergen Gross wrote:
>> For a rather long time we were using "normal" user pages for this purpose,
>> which were just locked into memory for doing the hypercall.
>>
>> Unfortunately there have been very rare problems with that approach, as
>> the Linux kernel can set a user page related PTE to invalid for short
>> periods of time, which led to EFAULT in the hypervisor when trying to
>> access the hypercall data.
>>
>> In Linux this can avoided only by using kernel memory, which is the
>> reason why the hypercall buffers are allocated and mmap()-ed through the
>> privcmd driver.
> Hi Juergen,
>
> I understand why we moved from user pages to kernel pages, but I don't
> fully understand why we need to make two separate calls to map the
> guest memory, i.e. mmap() followed by ioctl(IOCTL_PRIVCMD_MMAPBATCH).
>
> Why aren't we doing all of it from mmap() itself ? I hacked it up to
> check on it and it works fine if we do it all from mmap() itself.
>
> Aren't we abusing the Linux userspace ABI here ? As standard userspace
> code would expect just mmap() to be enough to map the memory. Yes, the
> current user, Xen itself, is adapted to make two calls, but it breaks
> as soon as we want to use something that relies on Linux userspace
> ABI.
>
> For instance, in our case, where we are looking to create
> hypervisor-agnostic virtio backends, the rust-vmm library [1] issues
> mmap() only and expects it to work. It doesn't know it is running on a
> Xen system, and it shouldn't know that as well.

Use /dev/xen/hypercall which has a sane ABI for getting "safe" memory. 
privcmd is very much not sane.

In practice you'll need to use both.  /dev/xen/hypercall for getting
"safe" memory, and /dev/xen/privcmd for issuing hypercalls for now.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.