
Re: [PATCH] evtchn/Flask: pre-allocate node on send path



On Fri, Sep 25, 2020 at 12:02 PM Julien Grall <julien@xxxxxxx> wrote:
>
> Hi Jan,
>
> On 25/09/2020 16:36, Jan Beulich wrote:
> > On 25.09.2020 16:33, Julien Grall wrote:
> >> On 25/09/2020 14:58, Jan Beulich wrote:
> >>> On 25.09.2020 15:16, Julien Grall wrote:
> >>>> Fair enough. I would still like to consider a way where we could avoid
> >>>> to hack xsm_* because we have the interrupts disabled.
> >>>
> >>> Well, from a conceptual pov it's at least questionable for XSM to
> >>> need any memory allocations at all when merely being asked for
> >>> permission. And indeed the need for it arises solely from its
> >>> desire to cache the result, for the sake of subsequent lookups.
> >>>
> >>> I also find it odd that there's an XSM check on the send path in
> >>> the first place. This isn't just because it would seem to me that
> >>> it should be decided at binding time whether sending is permitted
> >>> - I may easily be missing something in the conceptual model here.
> >>> It's also because __domain_finalise_shutdown() too uses
> >>> evtchn_send(), and I didn't think this one should be subject to
> >>> any XSM check (just like send_guest_*() aren't).
> >>
> >> Maybe this is the first question we need to answer?
> >
> > Indeed that was the question I asked myself before putting together
> > the patch. Yet I have no idea who could answer it, with Daniel
> > having gone silent for quite long a time now. Hence I didn't even
> > put up the question, but instead tried to find a halfway reasonable
> > solution.
>
> IIRC, XSM is used by OpenXT and QubesOS. So I have CCed them to get some
> input.

I think the send hook exists because send is its own distinct
operation.  While most common usage could be handled by just checking
at bind time, the send hook provides more flexibility.  For instance,
the send hook can be used to restrict signalling to only one
direction.  Also, a domain label can transition (change) at runtime.
Dropping the send check would latch the permission at bind time which
would not necessarily be valid for the security policy.

Am I correct that the assertion mentioned in the patch description
would only be seen in debug builds?

Thanks,
Jason
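The one-directional signalling mentioned above can be written down concretely in Flask policy. The fragment below is an added illustration, not part of this thread and not a copy of Xen's shipped policy modules; the domain types dom_a_t and dom_b_t and the channel type a_to_b_evtchn_t are assumed names chosen for the example. It relies only on the event class and its bind/send/status/create permissions as defined in the Xen Flask access vectors, and on the way flask_evtchn_interdomain() labels an interdomain channel with the sid produced by the type_transition rule.

```text
# Added example, not from the thread or from Xen's own policy.
# dom_a_t, dom_b_t and a_to_b_evtchn_t are assumed type names.

# An interdomain channel gets its own label: when a dom_a_t domain
# allocates a channel whose remote end is dom_b_t, the channel is
# labelled a_to_b_evtchn_t.
type a_to_b_evtchn_t, event_type;
type_transition dom_a_t dom_b_t:event a_to_b_evtchn_t;

# The allocating side may create the channel, query it and send on it.
allow dom_a_t a_to_b_evtchn_t:event { create status send };

# The remote side may bind the channel, but is granted no 'send' on it.
# Binding therefore succeeds for dom_b_t, while evtchn_send() from a
# dom_b_t domain is refused by the send hook: signalling is A -> B only,
# which a policy evaluated solely at bind time could not express.
allow a_to_b_evtchn_t dom_b_t:event { bind };
```

Because the send hook evaluates the sending domain's current sid against the channel's label, the second point in the message above follows as well: if dom_b_t were later relabelled to a type that does hold send on a_to_b_evtchn_t, or dom_a_t relabelled to one that does not, the decision changes at the next send rather than remaining fixed to whatever was true when the channel was bound.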