Xen project Mailing List

Re: [PATCH for-4.18] docs/sphinx: Lifecycle of a domid

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Tue, 17 Oct 2023 08:34:01 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iXTp2KOb+EVk+kvfHWNRlP8ZRauJZo6Pmg9z/mTuBEE=; b=U/uvfMmFrEXhHQFw1VsZfTxvenvIti4xfzDX1R6Jm11LIqmy5fHmtk04d+YVGX8CZDWVq34TwyVyagGG2H0B2T0sCmTxdd8p6q/TTMT4U0T8POtD45xVdDf54+BUNhDQsVt6OhDcrDtKtnR3Agbl2f7R+B/gUzkgvw8L3USpP1FmAPzoFbGlbAppQH9B6pAWMFhWW9uYBvGszetJU9gSyPA0JibOWgJVihAsbsbKACsd/FzqPVHgJay4YfklSwmzE7plo3jYUboBkqfwNTr+eGmhB33y2PaPZVqVN4i9Q2jSGUIO2YjBv+SCctSRjhRU13OCvv3ihzamst05XqdH4Q==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UPPkMaIRiaJUKAcvwYVcqwvTHF/8t9XZ3M1JWAopUcsEshKXPsuX2WFGQDIc7p9Fd43U1+dSlEK58SMClWDN3luaw90JrmWTwjyUy/vP6i8xNhLnrcOSHPAVsSmVBkewZmDRt9rcgSDt2FcZcoboNbDMD0sCDJvm9kHffCCdU2QoFpmlGTfE3uI4NI7v7cgCtpNUgBEoE6pYq58fw05PmxRnrkSH3ot/EyGzuIMsLncOlBxkhH+YNyj+1kNSlbHnxEaK4py2GwNWDT3EcPjg3EhrZBz3cw15fAZWvp1eAh6muK8E6BK1Cnl/9P30XMKu4RzTjiNh3oTei6ebYj1Wcg==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Tue, 17 Oct 2023 06:34:42 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 16.10.2023 18:24, Andrew Cooper wrote: > +Creation > +-------- > + > +Within Xen, the ``domain_create()`` function is used to allocate and perform > +bare minimum construction of a domain. The :term:`control domain` accesses > +this functionality via the ``DOMCTL_createdomain`` hypercall. > + > +The final action that ``domain_create()`` performs before returning > +successfully is to enter the new domain into the domlist. This makes the > +domain "visible" within Xen, allowing the new domid to be successfully > +referenced by other hypercalls. > + > +At this point, the domain exists as far as Xen is concerned, but not usefully > +as a VM yet. The toolstack performs further construction activities; > +allocating vCPUs, RAM, copying in the initial executable code, etc. Domains > +are automatically created with one "pause" reference count held, meaning that > +it is not eligible for scheduling. Nit: Afaict either "A domain is ..." or "... they are ...". One might also add "... right away, i.e. until the tool stack asks for the pause count to be decremented". > +Termination > +----------- > + > +The VM runs for a period of time, but eventually stops. It can stop for a > +number of reasons, including: > + > + * Directly at the guest kernel's request, via the ``SCHEDOP_shutdown`` > + hypercall. The hypercall also includes the reason for the shutdown, > + e.g. ``poweroff``, ``reboot`` or ``crash``. > + > + * Indirectly from certain states. E.g. executing a ``HLT`` instruction with > + interrupts disabled is interpreted as a shutdown request as it is a common > + code pattern for fatal error handling when no better options are > available. HLT (note btw that this is x86 and HVM specific and hence may want mentioning as such) is interpreted this way only if all other vCPU-s are also "down" already. > + * Indirectly from fatal exceptions. In some states, execution is unable to > + continue, e.g. Triple Fault on x86. Nit: This again is HVM specific. > + * Directly from the device model, via the ``DMOP_remote_shutdown`` > hypercall. > + E.g. On x86, the 0xcf9 IO port is commonly used to perform platform > + poweroff, reset or sleep transitions. > + > + * Directly from the toolstack. The toolstack is capable of initiating > + cleanup directly, e.g. ``xl destroy``. This is typically an > administration > + action of last resort to clean up a domain which malfunctioned but not > + terminated properly. Nit: You're the native speaker, but doesn't this want to be "... but did not terminate ..."? > +Destruction > +----------- > + > +The domain object in Xen is reference counted, and survives until all > +references are dropped. > + > +The ``@releaseDomain`` watch is to inform all entities that hold a reference > +on the domain to clean up. This may include: > + > + * Paravirtual driver backends having a grant map of the shared ring with the > + frontend. Beyond the shared ring(s), other (data) pages may also still have mappings. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.