[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2] x86/mm: Add mem access rights to NPT

On 06/28/2018 05:53 PM, Alexandru Stefan ISAILA wrote:
> On Jo, 2018-06-28 at 08:40 -0600, Jan Beulich wrote:
>>>>> On 28.06.18 at 16:10, <aisaila@xxxxxxxxxxxxxxx> wrote:
>>> On Vi, 2018-06-22 at 09:51 -0600, Jan Beulich wrote:
>>>>>>> On 18.06.18 at 17:17, <aisaila@xxxxxxxxxxxxxxx> wrote:
>>>>> From: Isaila Alexandru <aisaila@xxxxxxxxxxxxxxx>
>>>>> This patch adds access rights for the NPT pages. The access
>>>>> rights
>>>>> are
>>>>> saved in a radix tree with the root saved in p2m_domain.
>>>> Sounds resource intensive. How many nodes would such a radix tree
>>>> have
>>>> on average?
>>> The average is around 1478890 for a machine with 4GB of ram.
>> Is this with ...
>>>>> +static void p2m_set_access(struct p2m_domain *p2m, unsigned
>>>>> long
>>>>> gfn,
>>>>> +                                      p2m_access_t a)
>>>>> +{
>>>>> +    int rc;
>>>>> +
>>>>> +    if ( p2m_access_rwx == a )
>>>>> +        radix_tree_delete(&p2m->mem_access_settings, gfn);
>>>>> +
>>>>> +    rc = radix_tree_insert(&p2m->mem_access_settings, gfn,
>>>>> +                           radix_tree_int_to_ptr(a));
>>>> Is there an "else" missing above here? Otherwise why would you
>>>> delete the node first?
>>> Yes it needs a else or a return. We plan not to have the rwx in the
>>> tree so we ca save up some space.
>> ... this corrected? Otherwise I'm tempted to say that the creation of
>> this radix tree needs to be avoided by all means, as long as it's not
>> really needed.
> The number was with this patch so no correction. This was done with
> xen-access write and I don't think it will make a difference if you
> change the access to all the mem pages.

Right, so the average is the average between runs of "xen-access <DOMID>
write", which sets all of the domain's pages to r-x. A typical
introspection application will not set all of the domain's pages up this
way - so the number is an average of maximums.

AFAIK ARM uses this model - are there fewer pages in a typical ARM
guest, or are we missing something about the way they are using radix
trees for this purpose? Or perhaps the ARM code should be changed as well?


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.