[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v9 2/5] xen: add parent_domid field to createdomain domctl

Hi Tamas,

On 21/02/2020 21:35, Tamas K Lengyel wrote:
On Fri, Feb 21, 2020 at 2:03 PM Julien Grall <julien@xxxxxxx> wrote:

Hi Tamas,

On 21/02/2020 18:49, Tamas K Lengyel wrote:
When creating a domain that will be used as a VM fork some information is
required to set things up properly, like the max_vcpus count. Instead of the
toolstack having to gather this information for each fork in a separate
hypercall we can just include the parent domain's id in the createdomain domctl
so that Xen can copy the setting without the extra toolstack queries.

It is not entirely clear why you only want to copy max_vcpus. From my
understanding,  when you are going to fork a domain you will want the
domain to be nearly identical. So how do you decide what to copy?

All parameters of the parent domain need to be copied, but during
createdomain domctl only max_vcpus is required. The rest are copied
during XENMEM_sharing_op_fork.

I don't believe max_vcpus is the only field required here. Most of the information hold in the structure are required at creation time so the domain is configured correctly. For instance, on Arm, the version of interrupt controller can only be configured at creation time. For x86, I am pretty sure the emuflags have to be correct at creation time as well.

So it feels weird to me that you only need to copy max_vcpus here. Because if you are able to fill up the other fields of the structure, then most likely you have the max_vcpus in hand as well.

The current suggestion is too restrictive and only save you one hypercall. IMHO, if we are going to update createdomain, then all the fields but parent_domid should be ignored when the latter is valid. The fields can then be filled up and copied back to the toolstack so it can consumed the information.

Signed-off-by: Tamas K Lengyel <tamas.lengyel@xxxxxxxxx>
   xen/common/domctl.c         | 14 ++++++++++++++
   xen/include/public/domctl.h |  3 ++-
   2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index a69b3b59a8..22aceb3860 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -489,6 +489,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
       case XEN_DOMCTL_createdomain:
           domid_t        dom;
+        domid_t        parent_dom;
           static domid_t rover = 0;

           dom = op->domain;
@@ -515,6 +516,19 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) 
               rover = dom;

+        parent_dom = op->u.createdomain.parent_domid;
+        if ( parent_dom )

I would rather avoid to assume that parent_dom will not be 0 for a few
     1) Most of Xen (if not all) now avoid to assume that dom0->domain_id
== 0.
     2) I can see usecases where it we may want to recreate dom0 setup.

That's an interesting thought, I don't expect that will be a usecase
but it's interesting.

Maybe not in the context VM fork. But ...

Currently I don't think it would work, so I
consider that to be out-of-scope.

... this is a generic hypercall and therefore we should be open to other usecase. I am not asking to check whether we can recreate a domain based on dom0. I am only asking to be mindful with your interface and not put ourself in a corner just because this is out-of-scope for you.

The more important bit for me my point 1). I.e not assuming that 0 is an invalid value for domid.

So we should consider a different value to indicate whether we want to
clone from a domain. Maybe by setting bit 16 of the parent_domid?

I can add a XEN_DOMCTL_CDF_fork flag, but I think that's an overkill.

See above. If you are going to modify a common interface then you need to bear in mind how this can be used.

+        {
+            struct domain *pd = rcu_lock_domain_by_id(parent_dom);
+            ret = -EINVAL;
+            if ( !pd )
+                break;
+            op->u.createdomain.max_vcpus = pd->max_vcpus;
+            rcu_unlock_domain(pd);
+        }
           d = domain_create(dom, &op->u.createdomain, false);
           if ( IS_ERR(d) )
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index fec6f6fdd1..251cc40ef6 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -38,7 +38,7 @@
   #include "hvm/save.h"
   #include "memory.h"


    * NB. xen_domctl.domain is an IN/OUT parameter for this operation.
@@ -92,6 +92,7 @@ struct xen_domctl_createdomain {
       uint32_t max_evtchn_port;
       int32_t max_grant_frames;
       int32_t max_maptrack_frames;
+    domid_t parent_domid;

By just looking at the name, it is not clear what the field is for. It
also suggest that one domain will be linked to the other. But this is
not the case here. I would recommend to add a comment explaining how
this is used by Xen.

No, during createdomain the domains won't get linked. Only once the
XENMEM_sharing_op_fork finishes do the domains get linked. I explain
this in the patch message, I can copy that as a comment into the
header if you prefer.

Bear in mind that developpers don't want to play the blame game everytime they want to understand an interfaces. So you either want to use a meaningful name or a comment in your code.

Maybe "clone_domid" would be clearer here. Yet it is not clear that only "max_vcpus" is going to be copied.


Julien Grall

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.