[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 05/10] libxl/xl: add memory policy option to iomem

On Wed, 1 May 2019, Julien Grall wrote:
> Hi,
> 
> On 30/04/2019 22:02, Stefano Stabellini wrote:
> > Add a new memory policy option for the iomem parameter.
> > Possible values are:
> > - arm_devmem, device nGRE, the default on ARM
> > - arm_memory, WB cachable memory
> > - x86_uc: uncachable memory, the default on x86
> > 
> > Store the parameter in a new field in libxl_iomem_range.
> > 
> > Pass the memory policy option to xc_domain_mem_map_policy.
> > 
> > Signed-off-by: Stefano Stabellini <stefanos@xxxxxxxxxx>
> > CC: ian.jackson@xxxxxxxxxxxxx
> > CC: wei.liu2@xxxxxxxxxx
> > ---
> > Changes in v2:
> > - add #define LIBXL_HAVE_MEMORY_POLICY
> > - ability to part the memory policy parameter even if gfn is not passed
> > - rename cache_policy to memory policy
> > - rename MEMORY_POLICY_DEVMEM to MEMORY_POLICY_ARM_DEV_nGRE
> > - rename MEMORY_POLICY_MEMORY to MEMORY_POLICY_ARM_MEM_WB
> > - rename memory to arm_memory and devmem to arm_devmem
> > - expand the non-security support status to non device passthrough iomem
> >    configurations
> > - rename iomem options
> > - add x86 specific iomem option
> > ---
> >   SUPPORT.md                  |  2 +-
> >   docs/man/xl.cfg.5.pod.in    |  7 ++++++-
> >   tools/libxl/libxl.h         |  5 +++++
> >   tools/libxl/libxl_create.c  | 21 +++++++++++++++++++--
> >   tools/libxl/libxl_types.idl |  9 +++++++++
> >   tools/xl/xl_parse.c         | 22 +++++++++++++++++++++-
> >   6 files changed, 61 insertions(+), 5 deletions(-)
> > 
> > diff --git a/SUPPORT.md b/SUPPORT.md
> > index e4fb15b..f29a299 100644
> > --- a/SUPPORT.md
> > +++ b/SUPPORT.md
> > @@ -649,7 +649,7 @@ to be used in addition to QEMU.
> >             Status: Experimental
> >   -### ARM/Non-PCI device passthrough
> > +### ARM/Non-PCI device passthrough and other iomem configurations
> 
> I am not sure why iomem is added here?

It is added here to clarify that it is *not* security supported.


> Also what was the security support before hand? Was it supported?

In my view, it falls under the broader category of "Non-PCI device
passthrough" so it was already not security supported. But I thought it
would be good to make it explicit to avoid any misunderstandings.


> >         Status: Supported, not security supported
> >   diff --git a/docs/man/xl.cfg.5.pod.in b/docs/man/xl.cfg.5.pod.in
> > index c7d70e6..c85857e 100644
> > --- a/docs/man/xl.cfg.5.pod.in
> > +++ b/docs/man/xl.cfg.5.pod.in
> > @@ -1222,7 +1222,7 @@ is given in hexadecimal format and may either be a
> > range, e.g. C<2f8-2ff>
> >   It is recommended to only use this option for trusted VMs under
> >   administrator's control.
> >   -=item B<iomem=[ "IOMEM_START,NUM_PAGES[@GFN]",
> > "IOMEM_START,NUM_PAGES[@GFN]", ...]>
> > +=item B<iomem=[ "IOMEM_START,NUM_PAGES[@GFN],MEMORY_POLICY",
> > "IOMEM_START,NUM_PAGES[@GFN][,MEMORY_POLICY]", ...]>
> >     Allow auto-translated domains to access specific hardware I/O memory
> > pages.
> >   @@ -1233,6 +1233,11 @@ B<GFN> is not specified, the mapping will be
> > performed using B<IOMEM_START>
> >   as a start in the guest's address space, therefore performing a 1:1
> > mapping
> >   by default.
> >   All of these values must be given in hexadecimal format.
> > +B<MEMORY_POLICY> for ARM platforms:
> > +  - "arm_devmem" for Device nGRE, the default on ARM
> 
> This does not match the current default. At the moment, it is Device nGnRE.

I'll fix this throughout the whole series


> > +  - "arm_memory" for Outer Shareable Write-Back Cacheable Memory
> 
> The two names are quite confusing and will make quite difficult to introduce
> any new one. It also make little sense to use a different naming in xl and
> libxl. This only add an other level of confusion.

I'll change them to match the Xen names: arm_dev_ngnre and arm_mem_wb.


> Overall, this is not enough for a user to understand the memory policy. As I
> pointed out before, this is not straight forward on Arm as the resulting
> memory attribute will be a combination of stage-2 and stage-1.
> 
> We need to explain the implication of using the memory and the consequence of
> misuse it. And particularly as this is not security supported so we don't end
> up to security support in the future something that don't work.

I'll expand the text here to cover what you wrote.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.