On Tue, Mar 28, 2006 at 07:46:13PM +0800, Tian, Kevin wrote:
> >> Since frame within grant table entry is gmfn and xen is aware whether this
> >> gmfn
> >> equals to mfn or not, there's no need to change concept of host_addr and
> >> you can
> >> just deliver a dummy va address.
> >
> >I agree. I had a vague similar model in my mind
> >You made it very clear.
> >I guess that grant table on translate x86 isn't supported yet, right?
>
> The grant table exists on current translate x86. From virtual driver code,
> there're places checking against translated mode. I'm not sure about dom0,
> but for domU, the grant table gpfns are kept adjacent to console gpfn by
> control panel.
That's good news.
> >> >- trust privileged domains
> >> > Xen/IA64 trust privileged domain(dom0) to flush tlb cache.
> >>
> >> What do you mean by "trust"? Purge instruction still traps to xen since
> >> xenlinux is
> >> running as less privilege level. Maybe I didn't understand your point here.
> >
> >When a granted page is unmapped or a page is disassociated
> >from pseudo physical address, xen/IA64 must flush tlb/VHPT.
> >Otherwise it might be possible for a malicious domain to read/write
> >the page using unflushed virtual address after the page is recyecled
> >and used for other purpose.
> >If we assume that dom0 isn't malicious so that it issues
> >appropriate tlb flush after unmapping/disassociating and doesn't read/write
> >a unmapped/disassociated page, then we can skip tlb/VHPT flush in xen/IA64
> >when unmapping/disassociating.
>
> I'm not sure whether we can really gain even by trusting dom0. Aside from
> more context switches added (since flush request starts from dom0), you
> still need to flush tlb/VHPT on all LPs that dom0 is running on. It's natural
> to say that dom0 has one vcpu on each LP (current x86 guest SMP model),
> and in that case, once xen receives flush request from dom0, tlb/VHPT flush
> is required on all LPs for specified range... Is there any more difference
> except
> flush time? :-)
Without tracking a virtual address corresponding to a granted page,
xen/ia64 have to flush all tlb/vhpt.
I.e. xen/ia64 has to do something like
vhpt_flush();
flush_tlb_all();
Here vhpt_flush() flushes the whole of vhpt table.
On the other hand, dom0 knows the virtual address so
dom0 may issues ptc.ga with page size (16KB by default).
It results in vcpu_ptc_ga() of xen/ia64.
It does
vhpt_flush_address(vadr,addr_range);
ia64_global_tlb_purge(vadr,vadr+addr_range,PAGE_SHIFT);
Here vhpt flush range is 16kb.
If xen/ia64 tracks a virtual address somehow,
Xen/ia64 can flush vhpt with page size range so this become meaningless.
--
yamahata
_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel
|
Home