[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/4] xen: Introduce non-broken hypercalls for the p2m pool size
- To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Thu, 27 Oct 2022 09:42:47 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rbj/4eHtZ0EwWOarKG1TXEsOJjIYCSgqAK0gFP8TdVg=; b=XHA4XlqG3MervS9rJN3CtLrS17EPT5dOyaXcWIsOWXi2cfn3fkyCztae5Nzg7NroFTKLRY2q4VoD0xm7U1C4Fd0+A6amhUI//eCBSrj24HHu4g+Wp2aL+XZj3rSq6j6h38AUbMfg+UwSF5ZkFWYSjzBgPTGUuU9M2JT8pXBqk+rI8/lRcXhDQQqD//klqp9cQs/u2ICWdK1wCifrdIVnBfqjOOeiiVGt80WRnZC6/E/+r5ea5H9IJszpq+FO0eqMICO9nTwI9yBJPJqaHosNQl07OtVK5vXCdDbGMhtOAFq7dF/3koKlp8BexUZBZkw97RWTpk4CQOONdY68+0swnQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MCKbqd/dbt8R6ig8Xr7f1F3KOlRqe5+oajETQajI1IYQV/xbvjDwaJr5/GmI+Z2r5o6kxGZZ7e09/fcaVhDkBQCjVPREi1/qFanFy1TueiYB7S82F/xw2+FP38htrFOhR85xhYazqollis+9znneKXDnpZA2XOWM7rkeZhz4r3LxxDtbhpHK9Y6OCyBYemWE/oSZmMAtNJG4k/tOqfXbhe8lpQg3myCPx4776jbi4LqhsMVSaHnjG++OKQS7Li6URXsP8Cl0vkj9fHhFjSw01n7m+bXL9LdKqfpMu083bqHZSefVOo1YoNDGu21oSRUxcvbnMpCTAJ0elmm8j1dnlA==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Xen Security Team <security@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Thu, 27 Oct 2022 07:43:11 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 26.10.2022 12:20, Andrew Cooper wrote:
> +int arch_set_p2m_mempool_size(struct domain *d, uint64_t size)
> +{
> + unsigned long pages = size >> PAGE_SHIFT;
> + bool preempted = false;
> + int rc;
> +
> + if ( is_pv_domain(d) )
> + return -EOPNOTSUPP;
> +
> + if ( size & ~PAGE_MASK ) /* Non page-sized request? */
> + return -EINVAL;
> +
> + ASSERT(paging_mode_enabled(d));
> +
> + paging_lock(d);
> + if ( hap_enabled(d) )
> + rc = hap_set_allocation(d, pages, &preempted);
> + else
> + rc = shadow_set_allocation(d, pages, &preempted);
> + paging_unlock(d);
> +
> + return preempted ? -ERESTART : rc;
> +}
There's a further difference between HAP and shadow which may want/need
reflecting here: shadow's handling of XEN_DOMCTL_SHADOW_OP_SET_ALLOCATION
rejects 0 as an input when shadow mode is still enabled. On one hand
that's reasonable from an abstract pov, while otoh it may be viewed as
questionable when at the same time setting to a very small value (which
will then be upped to the minimum acceptable one) is permitted. At the
very least this guards against emptying of the pool where active shadows
would be allocated from (which isn't a problem on HAP as there apart
from the allocations through hap_alloc_p2m_page() the only thing coming
from the pool are the monitor tables of each vCPU, which set-allocation
wouldn't attempt to free).
Jan
|
