[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v9 2/6] x86/boot: introduce module release

To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: Jason Andryuk <jason.andryuk@xxxxxxx>
Date: Fri, 15 Nov 2024 12:18:49 -0500
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=apertussolutions.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Spl4V/nqqoU6Vg9mo4P+0Of8dR0qSG9zK57CRV0edPU=; b=EWGoBLfJfrb3QXwUnjVPDAV/6jAsI5vv/cLY/5RE10F1ydnHhvq6qjGuUv0EDTS3+InZXdLA+84Kkha9UF476sb7HVrbPqnnYK9Vi7DP28w4kzOAc+f/ACviQm0WIm5UYXzbuZ5lmzS0KeMmLQeKWIWu8NjJg/b3y0WLWvPXqAkXC5tabXRdiAgacMSK7lkUSpI0FWf8ZBOT7zeLdsWqDP44v8Ew/OFZVeS7a4619HSunaNWrQ5MBVEHrY4Rv2qM0fMLTAWQIsMV3fmF6xKervfenFTi7tu2vJYsCQVUOP8V37TQVcBoe2d50aIv89VanVKbSOfivM9elr2v17Sa2Q==
Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=FEyi4ylgk5/YFomFPmFVbZcUw8tKtaZlB2fu81KeTD5zWaN3LLNoG64i7SeOkZqsghQsdO+fCB6n09fRf9Q885BILctnJERreY9ei4oeiFHkaeE0ajxtGf9hpwvTkNFyo/Vlo9xOw40yjxlbhWSA9TSduS5HQ5B7VlwMtLS1NwH1b0fsxsZl6IIaezUdiwz/YK8AxFLgR6Bu2mXXm6hmxfsD8maFsZ5L2gq10sdJZjA7IpO0q1JV8KZT1B3CD/vYMKmUCaOSLRip6MrSQeNXjeK7+IaY68XNqFwfZZzoDtn0I0/bKkK48vFJXxNNObXElKb5tAahRu/KMtSRveQuQQ==
Cc: <christopher.w.clark@xxxxxxxxx>, <stefano.stabellini@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Fri, 15 Nov 2024 17:30:26 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 2024-11-15 12:16, Daniel P. Smith wrote:

On 11/15/24 11:50, Jason Andryuk wrote:
On 2024-11-15 08:12, Daniel P. Smith wrote:
A precarious approach was used to release the pages used to hold aboot module.The precariousness stemmed from the fact that in the case of PV dom0,theinitrd module pages may be either mapped or copied into the dom0address space.In the former case, the PV dom0 construction code will set the sizeof themodule to zero, relying on discard_initial_images() to skip anymodules with a
size of zero. In the latter case, the pages are freed by the PV dom0
construction code. This freeing of pages is done so that in eithercase, theinitrd variable can be reused for tracking the initrd location indom0 memory
through the remaining dom0 construction code.
To encapsulate the logical action of releasing a boot module, thefunctionrelease_boot_module() is introduced along with the `released` flagadded toboot module. The boot module flag `released` allows the tracking ofwhen a boot
module has been released by release_boot_module().
As part of adopting release_boot_module() the functiondiscard_initial_images()is renamed to free_boot_modules(), a name that better reflects thefunctions
actions.

Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
---
Changes since v8:
- completely reworked the commit
   - switch backed to a releasing all but pv initrd approach
   - renamed discard_initial_images to free_boot_modules
---
  xen/arch/x86/hvm/dom0_build.c       |  2 +-
  xen/arch/x86/include/asm/bootinfo.h |  2 ++
  xen/arch/x86/include/asm/setup.h    |  4 +++-
  xen/arch/x86/pv/dom0_build.c        | 27 +++++++++++++--------------
  xen/arch/x86/setup.c                | 27 +++++++++++++++------------
  5 files changed, 34 insertions(+), 28 deletions(-)
diff --git a/xen/arch/x86/hvm/dom0_build.c b/xen/arch/x86/hvm/dom0_build.c
index d1bdf1b14601..d1410e1a02b0 100644
--- a/xen/arch/x86/hvm/dom0_build.c
+++ b/xen/arch/x86/hvm/dom0_build.c
@@ -755,7 +755,7 @@ static int __init pvh_load_kernel(
      }
      /* Free temporary buffers. */
-    discard_initial_images();
+    free_boot_modules();
This...
      if ( cmdline != NULL )
      {
diff --git a/xen/arch/x86/pv/dom0_build.c b/xen/arch/x86/pv/dom0_build.c
index 6be3d7745fab..2580162f3df4 100644
--- a/xen/arch/x86/pv/dom0_build.c
+++ b/xen/arch/x86/pv/dom0_build.c
@@ -875,7 +874,7 @@ static int __init dom0_construct(struct boot_info*bi, struct domain *d)
      }
      /* Free temporary buffers. */
-    discard_initial_images();
+    free_boot_modules();
...and this. I think Andrew requested/suggested moving to a singlefree_boot_modules call:
     They're both right at the end of construction, so it would
     make far more sense for __start_xen() to do this after
     create_dom0().   That also avoids needing to export the function.
I wanted to do this and had it written this way. Then I started testingit and the pvhshim test failed due to not enough ram to build the domUinside pvshim. I started splitting this commit to see where it broke thetest case, and for an unknown reason, replacing these two calls with asingle call in __start_xen() just after create_dom0() is the cause.Instead of trying to tear apart the construction logic to determine why,I backed this part of the change out for the time being.


Ah, ok.  Thanks for the info.

      /* Set up start info area. */
      si = (start_info_t *)vstartinfo_start;
diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index 495e90a7e132..0bda1326a485 100644
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
+void __init free_boot_modules(void)
  {
      struct boot_info *bi = &xen_boot_info;
      unsigned int i;
      for ( i = 0; i < bi->nr_modules; ++i )
      {
-        uint64_t start = pfn_to_paddr(bi->mods[i].mod->mod_start);
-        uint64_t size  = bi->mods[i].mod->mod_end;
-
-        /*
- * Sometimes the initrd is mapped, rather than copied, intodom0.- * Size being 0 is how we're instructed to leave the modulealone.
-         */
-        if ( size == 0 )
+        if ( bi->mods[i].released )
              continue;
-        init_domheap_pages(start, start + PAGE_ALIGN(size));
+        release_boot_module(&bi->mods[i]);
      }
-
-    bi->nr_modules = 0;
IIUC, zero-ing here was a safety feature to ensure boot modules couldnot be used after this point. Should it be retained?
The released flag displaced the need for this, but I realized it wouldmake it stronger if in bootstrap_map_bm() we add a check that thereleased flag is not set before mapping. I think this is a strongerapproach without loosing information like the number of boot moduleswere passed.


Andrew> Clobbering this prevents the loop constructs from working.

I thought the boot modules are unusable after free_boot_modules() iscalled, so I'm not clear on the utility of keeping the boot modulesaround and/or keeping the loop constructs working. I wondered about,but didn't write, clearing the boot_module info in release_boot_module()to eliminate stale data hanging around.

Yes, a bootstrap_map_bm() check is a good idea. Having said that, thereis a lack of checking the return value of bootstrap_map_bm(), so wouldyou panic?


Regards,
Jason

Follow-Ups:
- Re: [PATCH v9 2/6] x86/boot: introduce module release
  - From: Andrew Cooper

References:
- [PATCH v9 0/6] Boot modules for Hyperlaunch
  - From: Daniel P. Smith
- [PATCH v9 2/6] x86/boot: introduce module release
  - From: Daniel P. Smith
- Re: [PATCH v9 2/6] x86/boot: introduce module release
  - From: Jason Andryuk
- Re: [PATCH v9 2/6] x86/boot: introduce module release
  - From: Daniel P. Smith

Prev by Date: Re: [PATCH v9 2/6] x86/boot: introduce module release
Next by Date: Re: [PATCH v9 3/6] x86/boot: add start and size fields to struct boot_module
Previous by thread: Re: [PATCH v9 2/6] x86/boot: introduce module release
Next by thread: Re: [PATCH v9 2/6] x86/boot: introduce module release
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.