
Re: [Xen-devel] [V5 PATCH 6/7] pvh dom0: Add and remove foreign pages



On Thu, 2013-12-05 at 17:15 -0800, Mukesh Rathor wrote:
> On Thu, 5 Dec 2013 12:00:24 +0000
> Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote:
> 
> > On Wed, 2013-12-04 at 18:05 -0800, Mukesh Rathor wrote:
> > > diff --git a/xen/common/memory.c b/xen/common/memory.c
> > > index eb7b72b..ae11828 100644
> > > --- a/xen/common/memory.c
> > > +++ b/xen/common/memory.c
> > > @@ -675,9 +675,11 @@ long do_memory_op(unsigned long cmd,
> > > XEN_GUEST_HANDLE_PARAM(void) arg) 
> > >      case XENMEM_remove_from_physmap:
> > >      {
> > > +        unsigned long mfn;
> > >          struct xen_remove_from_physmap xrfp;
> > >          struct page_info *page;
> > >          struct domain *d;
> > > +        p2m_type_t p2mt;
> > >  
> > >          if ( copy_from_guest(&xrfp, arg, 1) )
> > >              return -EFAULT;
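
Review bot: `mfn` is declared here without an initialiser, and the next hunk assigns it only under `if ( page )` or in the else branch inside `#ifdef CONFIG_X86`, yet passes it unconditionally to `guest_physmap_remove_page(d, xrfp.gpfn, mfn, 0)` and `put_page(mfn_to_page(mfn))`. On a build without CONFIG_X86, if `page` is NULL and `p2m_is_foreign(p2mt)` can be true there, `mfn` is read uninitialised. Either initialise it at the declaration to an invalid value that is checked before use, or have the non-x86 path return an error before the removal.
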
> > > @@ -693,11 +695,41 @@ long do_memory_op(unsigned long cmd,
> > > XEN_GUEST_HANDLE_PARAM(void) arg) return rc;
> > >          }
> > >  
> > > -        page = get_page_from_gfn(d, xrfp.gpfn, NULL, P2M_ALLOC);
> > > -        if ( page )
> > > +        /*
> > > +         * if PVH, the gfn could be mapped to a mfn from foreign
> > > domain by the
> > 
> > s/PVH/autotranslated/ I think?
> > 
> > > +         * user space tool during domain creation. We need to
> > > check for that,
> > > +         * free it up from the p2m, and release refcnt on it. In
> > > such a case,
> > > +         * page would be NULL and the following call would not
> > > have refcnt'd
> > 
> > Why is page NULL in this case? I'd have thought that get_page_from_gfn
> > could handle the p2m_foreign case internally and still return the
> > page, with the ref count taken too.
> > 
> > Doing that would cause a lot of the magic, and in particular the
> > ifdef, in the following code to disappear.
> 
> I had brought this up earlier this year (that's how old this patch is).
> get_page_from_gfn can't be used because the mfn owner is foreign
> domain and not domain "d", and get_page() will barf.

Not if you make get_page_from_gfn handle the foreignness internally,
which is exactly what I was suggesting, it won't, by definition.

> 
> > 
> > > +         * the page. See also xenmem_add_foreign_to_p2m().
> > > +         */
> > > +        page = get_page_from_gfn(d, xrfp.gpfn, &p2mt, P2M_ALLOC);
> > > +
> > > +        if ( page || p2m_is_foreign(p2mt) )
> > >          {
> > > -            guest_physmap_remove_page(d, xrfp.gpfn,
> > > page_to_mfn(page), 0);
> > > -            put_page(page);
> > > +            if ( page )
> > > +                mfn = page_to_mfn(page);
> > > +#ifdef CONFIG_X86
> > > +            else
> > > +            {
> > > +                p2m_type_t tp;
> > > +                struct domain *foreign_dom;
> > > +
> > > +                mfn = mfn_x(get_gfn_query(d, xrfp.gpfn, &tp));
> > 
> > Is it expected that tp would be different to the p2mt which you
> > already got from get_page_from_gfn?
> 
> No, it's redundant. I can remove the assert. The variable tp will still
> need to be defined, just not used.

If you fold this stuff into get_page_from_gfn then all of this code is
simply not necessary here anyway.

> 
> > > +                foreign_dom = page_get_owner(mfn_to_page(mfn));
> > 
> > I'm half wondering if it would make sense to have get_page_from_gfn
> > return the page owner. But since I think these asserts belong in the
> > get_page_from_gfn anyhow I suppose not.
> > 
> > > +                ASSERT(is_pvh_domain(d));
> > > +                ASSERT(d != foreign_dom);
> > > +                ASSERT(p2m_is_foreign(tp));
> > > +            }
> > > +#endif
> > > +            guest_physmap_remove_page(d, xrfp.gpfn, mfn, 0);
> > > +            if (page)
> > > +                put_page(page);
> > > +
> > > +            if ( p2m_is_foreign(p2mt) )
> > > +            {
> > > +                put_page(mfn_to_page(mfn));
> > > +                put_gfn(d, xrfp.gpfn);
> > > +            }
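
Review bot: The foreign path in the `#ifdef CONFIG_X86` else branch validates the mapping only with `ASSERT()`, which is compiled out of non-debug builds, so in a release build the mfn from `get_gfn_query()` reaches `mfn_to_page()` and `put_page()` without any check that the page is valid or owned by a domain other than `d`. Since this is where a reference on another domain's page is dropped, make these real checks that fail the hypercall with an error. The `get_gfn_query()` inside the `#ifdef` is also paired with a `put_gfn()` outside it under a separate `if ( p2m_is_foreign(p2mt) )`; keeping the query and its release in the same block would make the pairing auditable. Minor: `if (page)` should be `if ( page )` to match the surrounding style.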
> > 
> > Is there a reason this last bit can't be part of what
> > guest_physmap_remove_page does?
> 
> Because the refcnt is not taken in guest_physmap_add_page, so would
> be odd to release it in guest_physmap_remove_page.

OK. This ref is taken in xenmem_add_foreign_to_p2m, correct?

For symmetry then I think this should become:
        if ( p2m_is_foreign(p2mt) )
                xenmem_remove_foreign_from_p2m(...)
        else
                guest_physmap_remove_page(...)

Where xenmem_remove_foreign_from_p2m might also call
guest_physmap_remove_page and then do the foreign specific stuff. Note
that if you make get_page_from_gfn handle foreignness and return a
struct page then the put_page(mfn_to_page(mfn)) becomes unnecessary.

This will allow us to do the ref counting differently on ARM if we wish,
such as taking a ref for all references from a p2m, not just foreign
ones, which is something I'd like us to do there.

Ian.



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
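
A toy C model of the structure suggested in the reply above, added here as an example and not code from Xen or from either poster: a lookup that handles foreign entries itself, and a remove path that drops the reference the add path took. All types and function names are hypothetical stand-ins, and the sample page and domain in `main` are constructed.

```c
/* Toy model, not Xen code: every name here is a hypothetical stand-in. */
#include <stddef.h>
#define NR_GFN 8
enum p2m_type { P2M_INVALID, P2M_RAM, P2M_FOREIGN };
struct page { int owner; int refcnt; };
struct p2m_entry { enum p2m_type type; struct page *pg; };
struct dom { int id; struct p2m_entry p2m[NR_GFN]; };

/* Lookup handles foreign entries itself; returns the page with a ref held. */
static struct page *lookup_get_page(struct dom *d, unsigned gfn, enum p2m_type *t)
{
    struct p2m_entry *e = gfn < NR_GFN ? &d->p2m[gfn] : NULL;
    *t = e ? e->type : P2M_INVALID;
    if ( *t == P2M_INVALID || (*t == P2M_RAM && e->pg->owner != d->id) )
        return NULL;              /* unmapped, or RAM not owned by d */
    e->pg->refcnt++;
    return e->pg;
}

/* Add side: the mapping itself holds one reference on the foreign page. */
static int add_foreign(struct dom *d, unsigned gfn, struct page *pg)
{
    if ( gfn >= NR_GFN || pg->owner == d->id || d->p2m[gfn].type != P2M_INVALID )
        return -1;
    pg->refcnt++;
    d->p2m[gfn] = (struct p2m_entry){ P2M_FOREIGN, pg };
    return 0;
}

/* Remove side: the reference taken by add_foreign() is dropped here only. */
static int remove_from_physmap(struct dom *d, unsigned gfn)
{
    enum p2m_type t;
    struct page *pg = lookup_get_page(d, gfn, &t);
    if ( pg == NULL )
        return -1;
    d->p2m[gfn] = (struct p2m_entry){ P2M_INVALID, NULL };
    if ( t == P2M_FOREIGN )
        pg->refcnt--;             /* mapping reference from add_foreign() */
    pg->refcnt--;                 /* temporary reference from the lookup */
    return 0;
}

int main(void)
{
    struct page fp = { 2, 1 };    /* constructed: page owned by domain 2 */
    struct dom d = { 1, { { P2M_INVALID, NULL } } };
    return add_foreign(&d, 3, &fp) || remove_from_physmap(&d, 3) || fp.refcnt != 1;
}
```

Because the lookup returns a page for foreign entries too, the caller needs no owner-specific branch, and a second removal of the same gfn fails instead of dropping another reference.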


 

