Re: [Xen-devel] Reducing or removing direct map from xen (was Re: Ongoing/future speculative mitigation work)

On Thu, Feb 21, 2019 at 10:59:41AM +0100, Roger Pau Monné wrote:
> On Wed, Feb 20, 2019 at 05:08:09PM +0000, Wei Liu wrote:
> > On Wed, Feb 20, 2019 at 01:09:56PM +0000, Wei Liu wrote:
> > [...]
> > > I think under-allocate-then-map looks plausible. xmalloc will need
> > > to allocate pages, put them into an array and call __vmap on that array
> > > directly.
> > 
> > The biggest issue with this approach is that we now need an array of
> > 1UL<<MAX_ORDER to accommodate mfns. Back of envelope calculation: on x86
> > this is going to be (1UL<<20)*8 bytes long. This is not feasible.
> Right. I guess the only remaining option is to allocate a virtual
> address space and populate it using multiple pages?

I probably was not clear enough -- the aforementioned array was needed
for this method, so I don't think this is feasible.

> That would likely require to split some functions into smaller helpers
> so you can call them and provide the virtual address where a page
> should be mapped?

Not feasible as of now. The fundamental issue is that vmap is managed by
a bitmap which has 1:1 mapping for page and address space, and it
mandates a guard page for each allocation.

To make this work we need to remove the mandatory guard page. Inventing
more complex tracking structure is probably not worth it.


> Roger.

