[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 7/7] xen/arm: introduce new xen,enhanced property value


  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Wed, 31 Aug 2022 09:52:25 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2GA2gRYET2YwqadhIflqkjLc3pgwBRhZTr+JWGVqf4w=; b=BZaTmzFa60kIPUuIFQY0AIymMBy+AxZF1OicFGL3I4Bkv5o/QaT/ZZshOMxtAv4EXov735vCXirY1+foOaaMctTlY9tohdm0lK3LwkT3cl834ab9Jx+jMJnlypdyceZqlJlYMgxhp76GDkG8IZ3QWIg6uPyBAl4o1hOhdubd8m8anxEEV+LLkb9WeRlfdl1kZMbPrR6HXIqaUsxJHuFxN+4hCsuEuA3V1Kig1i7r7jb2fsbHxLRhsh+ewP3axFp55RVVplJPMJMRyArhQSt796GOPOm6C2njYguXah+saJJTx0nT1GN6QMMG4wb1bqxL/NvSwwN51AzZuRilK2y9IQ==
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2GA2gRYET2YwqadhIflqkjLc3pgwBRhZTr+JWGVqf4w=; b=iek2hgAgSWCwLNy96XNRHwzLf6boU9X+2kn/aPUJlUeWp0DIJGvqkq2PK5+5jIA+euib9vq1Pr9wZnaAA8c+rifKZ7b05Io8Jufd73+2sEmoWcWMQlRJop5laeMqtVelvHZsyc8Fk4bDPUx37T5hEGYv+DlfVOPiS+0n10Ii2bK9pW2uw3oAFzk0QpiXMvwGdILC+SiNDJYThtYCb78k8Vp80aBK1GjtTdXQpKZyZL7aU+HxkRZUVXBV0IQsr5H2LBRsdJ7x9L/Pj6+U74TyiLVTIHYoM9p1/GO6tazh7x7VyILwDZxYo1utG2vQUMl+JqScsYzM5fKjV893Y6wwAA==
  • Arc-seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=AkZ13qBWoiCRH8WlPPpdr32evVDnCbpglFc5o+zP4IZrEFXIm+8rsl60D2/MzYVYTqeD9ZGPTXvNHzGB17HZeDdrr/aRx0ExHHSSeZNcuNw0NlxMotHfqzn4dIdoJfsk4QKT5iQns3g3AwXMZB0RpGcrlOYxWyOYT/JzykHxpRcIpJJNVlyZ5IpG+RA49MxJFCN9GEL+Y/+cW1SWfhnTi8N755ZhiuJYz+Rn82mHpvkz2gXomjzMwYiDp4FVW5hz+O4HB68hv9b+iNZgrlis1JDwYByYpWvE3oP5peah21Ge6rfsbVrUgV86bCl4IS4+BcvJU9ulCkei6heVuKuBRg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=n7BCZEJ4QKsK8nfGxorWqaU190Org5PH0zK3NQHmvbFZd3tQN26FiWd9O+58zcSy6U2xvYcyi6PbNTA8guS8poNTX8K1ZLsRtjjpEIsB/FHJlkN/1hOvHWGI/fBR/sPk0aIbQ6ff5RqjsvAGgrpbmmZlPfkS+zMACREeVbgQO+LaMDAVoe3jnAuRdAM/8oE5zMHGxgIZYngBeoQBlwkmCg8hXVhO5xIJqBg5ut76jtZvgG3PCStwnohpFhjy4XpI8FZYqIGPocgpHc6eRPwMJ5SKcoNW5TxAeYFKWFBlc3hIkE7LxoV7T85BICUAr1QvwRIAGniugcIA3OWMOXS4wQ==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Julien Grall <julien@xxxxxxx>, Rahul Singh <Rahul.Singh@xxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Wed, 31 Aug 2022 09:53:14 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHYs7NVsywB9ZS1YkG+gj2FUNdLeq28SEyAgAG2wYCAAAw/gIAAHKuAgAAPTYCAABB2AIAAWmwAgAAL9QCAACl/gIAAbLmAgAAg9QCAAALsAIAAhRWAgAjqDQA=
  • Thread-topic: [PATCH v2 7/7] xen/arm: introduce new xen,enhanced property value

Hi Stefano,

> On 25 Aug 2022, at 18:44, Stefano Stabellini <sstabellini@xxxxxxxxxx> wrote:
> 
> On Thu, 25 Aug 2022, Bertrand Marquis wrote:
>>> On 25 Aug 2022, at 10:37, Julien Grall <julien@xxxxxxx> wrote:
>>> On 25/08/2022 08:39, Bertrand Marquis wrote:
>>>> Hi,
>>>>> On 25 Aug 2022, at 02:10, Stefano Stabellini <sstabellini@xxxxxxxxxx> 
>>>>> wrote:
>>>>> 
>>>>> On Wed, 24 Aug 2022, Julien Grall wrote:
>>>>>> On 24/08/2022 22:59, Stefano Stabellini wrote:
>>>>>>> On Wed, 24 Aug 2022, Rahul Singh wrote:
>>>>>>>>> On 24 Aug 2022, at 4:36 pm, Julien Grall <julien@xxxxxxx> wrote:
>>>>>>>>> On 24/08/2022 15:42, Rahul Singh wrote:
>>>>>>>>>>> On 24 Aug 2022, at 1:59 pm, Julien Grall <julien@xxxxxxx> wrote:
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>> 
>>>>>>>>>>> On 24/08/2022 13:15, Rahul Singh wrote:
>>>>>>>>>>>> Hi Julien,
>>>>>>>>>>> 
>>>>>>>>>>> Hi Rahul,
>>>>>>>>>>> 
>>>>>>>>>>>> Please let me know your view on this.
>>>>>>>>>>>> diff --git a/xen/arch/arm/domain_build.c
>>>>>>>>>>>> b/xen/arch/arm/domain_build.c
>>>>>>>>>>>> index bfe7bc6b36..a1e23eee59 100644
>>>>>>>>>>>> --- a/xen/arch/arm/domain_build.c
>>>>>>>>>>>> +++ b/xen/arch/arm/domain_build.c
>>>>>>>>>>>> @@ -3562,12 +3562,7 @@ static int __init construct_domU(struct
>>>>>>>>>>>> domain *d,
>>>>>>>>>>>>   if ( rc == -EILSEQ ||
>>>>>>>>>>>>     rc == -ENODATA ||
>>>>>>>>>>>>     (rc == 0 && !strcmp(dom0less_enhanced, “enabled”)) )
>>>>>>>>>>>> -  {
>>>>>>>>>>>> -    if ( hardware_domain )
>>>>>>>>>>>>       kinfo.dom0less_enhanced = true;
>>>>>>>>>>>> -    else
>>>>>>>>>>>> -      panic(“Tried to use xen,enhanced without dom0\n”);
>>>>>>>>>>>> -  }
>>>>>>>>>>> 
>>>>>>>>>>> You can't use "xen,enhanced" without dom0. In fact, you will end up
>>>>>>>>>>> to dereference NULL in alloc_xenstore_evtchn(). That's because
>>>>>>>>>>> "xen,enhanced" means the domain will be able to use Xenstored.
>>>>>>>>>>> 
>>>>>>>>>>> Now if you want to support your feature without a dom0. Then I think
>>>>>>>>>>> we want to introduce an option which would be the same as
>>>>>>>>>>> "xen,enhanced" but doesn't expose Xenstored.
>>>>>>>>>> If we modify the patch as below we can use the "xen,enhanced" for
>>>>>>>>>> domUs without dom0.
>>>>>>>>>> I tested the patch and its works fine. Do you see any issue with this
>>>>>>>>>> approach?
>>>>>>>>> 
>>>>>>>>> Yes. For two reasons:
>>>>>>>>> 1) It is muddying the meaning of "xen,enhanced". In particular a user
>>>>>>>>> may not realize that Xenstore is not available if dom0 is not present.
>>>>>>>>> 2) It would be more complicated to handle the case where Xenstored 
>>>>>>>>> lives
>>>>>>>>> in a non-dom0 domain. I am not aware of anyone wanting this on Arm 
>>>>>>>>> yet,
>>>>>>>>> but I don't want to close the door.
>>>>>>>>> 
>>>>>>>>> So if you want to support create "xen,xen" without all the rest. Then 
>>>>>>>>> I
>>>>>>>>> think we need a different property value. I don't have a good 
>>>>>>>>> suggestion
>>>>>>>>> for the name.
>>>>>>>> 
>>>>>>>> Is that okay if we use the earlier approach, when user set  
>>>>>>>> "xen,enhanced
>>>>>>>> = evtchn” we will not call alloc_xenstore_evtchn()
>>>>>>>> but we create hypervisor node with all fields.
>>>>>>> 
>>>>>>> Thinking more about this, today xen,enhanced has the implication that:
>>>>>>> 
>>>>>>> - the guest will get a regular and complete "xen,xen" node in device 
>>>>>>> tree
>>>>>>> - xenstore and PV drivers will be available (full Xen interfaces 
>>>>>>> support)
>>>>>>> 
>>>>>>> We don't necessarely imply that dom0 is required (from a domU point of
>>>>>>> view) but we do imply that xenstore+evtchn+gnttab will be available to
>>>>>>> the domU.
>>>>>>> 
>>>>>>> Now, static event channels are different. They don't require xenstore
>>>>>>> and they don't require gnttab.
>>>>>>> 
>>>>>>> It is as if the current xen,enhanced node actually meant:
>>>>>>> 
>>>>>>>  xen,enhanced = "xenstore,gnttab,evtchn";
>>>>>> 
>>>>>> Correct.
>>>>>> 
>>>>>>> 
>>>>>>> and now we are only enabling a subset:
>>>>>>> 
>>>>>>>  xen,enhanced = "evtchn";
>>>>>>> 
>>>>>>> Is that a correct understanding?
>>>>>> 
>>>>>> Yes with some cavears (see below).
>>>>>> 
>>>>>>> 
>>>>>>> 
>>>>>>> If so, we can clarify that:
>>>>>>> 
>>>>>>>  xen,enhanced;
>>>>>>> 
>>>>>>> it is a convenient shortend for:
>>>>>>> 
>>>>>>>  xen,enhanced = "xenstore,gnttab,evtchn";
>>>>>>> 
>>>>>>> and that other combinations are also acceptable, e.g.:
>>>>>>> 
>>>>>>>  xen,enhanced = "gnttab";
>>>>>>>  xen,enhanced = "evtchn";
>>>>>>>  xen,enhanced = "evtchn,gnttab";
>>>>>>> 
>>>>>>> It is OK to panic if the user specifies an option that is currently
>>>>>>> unsupported (e.g. "gnttab").
>>>>>> 
>>>>>> So today, if you create the node "xen,xen", the guest will expect to be 
>>>>>> able
>>>>>> to use both grant-table and event channel.
>>>>>> 
>>>>>> Therefore, in the list above, the only configuration we can sensibly 
>>>>>> support
>>>>>> without any major rework is "evtchn,gnttab".
>>>>>> 
>>>>>> If we want to support "evtchn" or "gnttab" only. Then we likely need to 
>>>>>> define
>>>>>> a new binding (or new version) because neither "regs" nor "interrupts" 
>>>>>> are
>>>>>> optional (although a guest OS is free to ignore them).
>>>>> 
>>>>> Yes I think you are right. I also broadly agree with the rest of your
>>>>> reply.
>>>>> 
>>>>> Thinking about it and given the above, we only need 2 "levels" of
>>>>> enhancement:
>>>>> 
>>>>> 1) everything: xenstore, gnttab, evtchn
>>>>> 2) gnttab, evtchn, but not xenstore
>>>>> 
>>>>> Nothing else is really possible because, as Julien pointed out,
>>>>> "xen,enhanced" implies the xen,xen node in the domU device tree and in
>>>>> turn that node implies both evtchn and gnttab.
>>>> So we could say that xen,enhanced always includes gnttab and Xenstore is 
>>>> optional.
>>> 
>>> Not really, Xenstore has always been part of the story in Xen. So I think 
>>> making it optional for "xen,enhanced" is going to make more difficult for 
>>> user to understand what the meaning of the option (in particular that in 
>>> the future we may want to support Xenstored in a separate domain).
>> 
>> Sorry wrong formulation, here I was meaning that we just need a solution to 
>> disable Xenstore (should still be here by default when supported).
>> 
>>> 
>>>>> So I think we just need to add a way to express 2). We could do
>>>>> something like:
>>>>> 
>>>>> xen,enhanced = "evtchn,gnttab";
>>>> I am a bit puzzled here as gnttab is always there.
>>> 
>>> What do you mean?
>> 
>> Asking the user to specify gnttab in the list even though it is not 
>> supported to not have it in the list.
>> 
>>> 
>>>>> 
>>>>> Or we could use a new separate option like Julien initially suggested,
>>>>> e.g.:
>>>>> 
>>>>> xen,enhanced-no-xenstore;
>>>>> 
>>>>> "xen,enhanced-no-xenstore" is a terrible name actually, but just to
>>>>> explain what I am thinking :-)
>>>> I think most common use case will be to have all, so make sense to allow 
>>>> to disable Xenstore.
>>>> How about:
>>>> xen,enhanced = “no-xenstore” ?
>>> 
>>> I would be fine with it.
> 
> We have agreement on this, so I would say let's keep it simple and go
> with this option.
> 
> 
>>>> An other solution is to keep xen,enhanced as it is and introduce a new 
>>>> option:
>>>> Xen,no-xenstore
>>> 
>>> I don't like the idea of introducing yet another option.
>>> 
>>>> At the end Xenstore cannot be used if there is no Dom0 and that we can 
>>>> detect easily.
>>>> Also there is no solution at this stage to have an other domain then Dom0 
>>>> providing
>>>> Xenstore (maybe in the long term someone will want to introduce that and 
>>>> we will need
>>>> a way to specify which domain is handling it).
>>>> So I still think that we could just say that Xenstore can only be active 
>>>> if there is a Dom0
>>>> and just disable Xenstore automatically if it is not the case.
>>> 
>>> See above about disabling Xenstore automatically.
>> 
>> Right now Xenstore can only work with a dom0 and if someone wants to have an 
>> other domain to provide it we would need a way to specify which one in the 
>> configuration.
>> So in a configuration without dom0, I still think that not enabling Xenstore 
>> automatically is ok.
>> 
>>> 
>>>> If there is a dom0 and someone wants a guest without Xenstore, then we 
>>>> would need to
>>>> have the no-xenstore support.
>>>> But is it a use case ?
>>> 
>>> Do you mean when "xen,enhanced" is specified? If yes, this could be useful 
>>> if one want to limit the interface exposed to the guest.
>> 
>> How about the following:
>> Xen,enhanced: gnttab, events and Xenstore if there is a dom0
>> Xen,enhanced = “[no-]xenstore,[no-]evtchn,[no-]gnttab” for when the user 
>> wants to explicitly specify what he wants (and Xen stopping on unsupported 
>> configuration).
>>   In this I would allow to provide any combinations of the 3
> 
> I am OK with what you wrote as well, but considering the additional
> complexity that no-gnttab and no-evtchn entail given that they cannot be
> actually disabled today, I suggest to keep it simple and go with:
> 
> xen,enhanced = "no-xenstore"

I agree with that.

Cheers
Bertrand




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.