[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry

To: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>
From: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
Date: Tue, 2 Aug 2016 09:07:38 +0300
Cc: Mark Rutland <mark.rutland@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Steve Capper <steve.capper@xxxxxxx>, Sergej Proskurin <proskurin@xxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>, wei.chen@xxxxxxxxxx
Delivery-date: Tue, 02 Aug 2016 06:08:24 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 08/01/16 19:27, Tamas K Lengyel wrote:
> On Mon, Aug 1, 2016 at 10:15 AM, Julien Grall <julien.grall@xxxxxxx> wrote:
>>
>>
>> On 01/08/16 16:59, Tamas K Lengyel wrote:
>>>
>>> On Mon, Aug 1, 2016 at 9:40 AM, Julien Grall <julien.grall@xxxxxxx> wrote:
>>> IMHO we should just pause the domain while mem_access permissions are
>>> being changed. On x86 it is not necessary as the mem_access
>>> bookkeeping is kept in the ept pte entries but since on ARM the two
>>> things are disjoint it is required. Even on x86 though - while it's
>>> not strictly necessary - I think it would be a good idea to just pause
>>> the domain as from a user perspective it would be more intuitive then
>>> keeping the vCPUs running.
>>
>>
>> The problem is not because of the bookkeeping, but how the TLBs work. I
>> never mentioned the radix tree in my previous mail because storing the
>> access in the entry will not help here. The entry may have been updated but
>> the TLBs not yet invalidated.
>>
>> x86 does not seem to be affected because if the mem access check fail, the
>> instruction is replayed (see hvm_hap_nested_page_fault). This is exactly the
>> solution I suggested, which is IHMO the best.
> 
> I see. Yes, indeed that sounds like the route to take here.
> 
>>
>> I don't think pausing all the vCPUs of a domain is a good solution, the
>> overhead will be too high for modifying only one page (see
>> p2m_mem_access_check for instance).
>>
> 
> IMHO the overhead of pausing the domain for setting mem_access
> permissions is not critical as it is done only on occasion. We can
> certainly leave the default behavior like this but I'll probably also
> introduce a new XENMEM_access_op_set_access_sync op that will pause
> the domain for the duration of the op.

Well, not really - we do set / remove access restrictions dynamically,
while the guest is running, according to context. It's not the
application's main business to just set access permissions, so in that
respect I suppose we could get away with pausing the whole domain, but I
bet the impact would be measurable with tools.

Adding a new XENMEM_access_op is fine with me.


Thanks,
Razvan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- Re: [Xen-devel] [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry
  - From: Julien Grall
- Re: [Xen-devel] [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry
  - From: Tamas K Lengyel
- Re: [Xen-devel] [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry
  - From: Julien Grall
- Re: [Xen-devel] [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry
  - From: Tamas K Lengyel

Prev by Date: [Xen-devel] [qemu-mainline test] 99892: tolerable FAIL - PUSHED
Next by Date: Re: [Xen-devel] [PATCH] x86: use gcc6'es flags asm() output support
Previous by thread: Re: [Xen-devel] [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry
Next by thread: Re: [Xen-devel] [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.