Xen project Mailing List

Re: [PATCH 4/5] libxc: use multicall for memory-op on Linux (and Solaris)

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Fri, 18 Jun 2021 17:29:33 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=St8899CI+T6lTL/COT4NIUP5AdLfRHQOiGe16Rhf3b8=; b=Zl4wj0cRSio0Rl2FcWCDIu1mnXG86Bn+cgE1MzDtpsr0ylN5N7FRWlJ8ja1R75Lp5iUHLLqlzimJANY7yhpNwM3YgV0pVMfgbCLjHvTxQ60fsYRxP7gINdHzd0/J7i4dpPx6nculb3djhjsn+ACccBYDWCg3ggaS4qpmmS8HYCC78hAHVtfp/lws6+nuK92hyZJ8KYZOBenMaMo/mHP3W0P8TOYKHCBac9O/CBe4kHi1UgBQmMHDOs4G842cWZo0OZ6kPtdAUr5kZGewvXD99uMDwOlhZLO83aFAf22TZwCmj8NQ3epg4nUg4q+t6O2UHo32bz8X0nxIdOkauDYS0g==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ArKB8pHRyKlwbk2stNTeZfU1QNfZdJIqY6/q1jgOPOPTWEO3CYIqYCgikjLilrOfgRWxifZAo9AG+f2loPCRnLRqjOqr3huO8p+MV9AqdKKWNYUb7HAdzY4yoZgQ8O4PRqm7oOqpEEKi/bj+OnwyLxCR+Q+ICxqMLRwldU2tA7tOGDxhtOn+stJegsFQuOTvjjBxFb3PmfzqKSUjcSYFFrVISTBHotq+veRUToMyxActuY+XESUi7IRV/QaceVlHSbELGEJFcw/aJHNpMszE4pGFEWkYuwAsEwP955KV3R8OJWEmHM/EhgFgTZuf6pGgIlE7Nac/0PjNvky1OpyWMw==

Authentication-results: lists.xenproject.org; dkim=none (message not signed) header.d=none;lists.xenproject.org; dmarc=none action=none header.from=suse.com;

Cc: Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Fri, 18 Jun 2021 15:29:46 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 18.06.2021 17:05, Andrew Cooper wrote: > On 18/06/2021 11:24, Jan Beulich wrote: >> Some sub-functions, XENMEM_maximum_gpfn in particular, can return values >> requiring more than 31 bits to represent. Hence we cannot issue the >> hypercall directly when the return value of ioctl() is used to propagate >> this value (note that this is not the case for the BSDs, and MiniOS >> already wraps all hypercalls in a multicall). >> >> Suggested-by: Jürgen Groß <jgross@xxxxxxxx> >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> >> >> --- a/tools/libs/ctrl/xc_private.c >> +++ b/tools/libs/ctrl/xc_private.c >> @@ -337,8 +337,47 @@ long do_memory_op(xc_interface *xch, int >> goto out1; >> } >> >> - ret = xencall2(xch->xcall, __HYPERVISOR_memory_op, >> - cmd, HYPERCALL_BUFFER_AS_ARG(arg)); >> +#if defined(__linux__) || defined(__sun__) >> + /* >> + * Some sub-ops return values which don't fit in "int". On platforms >> + * without a specific hypercall return value field in the privcmd >> + * interface structure, issue the request as a single-element multicall, >> + * to be able to capture the full return value. >> + */ >> + if ( sizeof(long) > sizeof(int) ) > > This is very fragile. I spent a while coming up with > > __builtin_types_compatible_p( > typeof(ioctl) *, > long (*)(int, unsigned long, ...)); > > (which does work if you change int for long), just to realise that this > won't actually help. Help with what exactly? I'm not sure I see the severe fragility that you see. I'd call this a little fragile because new OSes would need to explicitly be checked for which behavior they ought to get. But if one failed to do so, all that would happen is that they'd start out with the same issue we're now trying to address. > I'm suck on trying to see whether > privcmd_hypercall_t has a result member. I.e. you're imagining __builtin_has_field()? >> + { >> + multicall_entry_t multicall = { >> + .op = __HYPERVISOR_memory_op, >> + .args[0] = cmd, >> + .args[1] = HYPERCALL_BUFFER_AS_ARG(arg), >> + }, *call = &multicall; >> + DECLARE_HYPERCALL_BOUNCE(call, sizeof(*call), >> + XC_HYPERCALL_BUFFER_BOUNCE_BOTH); >> + >> + if ( xc_hypercall_bounce_pre(xch, call) ) >> + { >> + PERROR("Could not bounce buffer for memory_op hypercall"); >> + goto out1; >> + } >> + >> + ret = do_multicall_op(xch, HYPERCALL_BUFFER(call), 1); >> + >> + xc_hypercall_bounce_post(xch, call); >> + >> + if ( !ret ) >> + { >> + ret = multicall.result; >> + if ( multicall.result > ~0xfffUL ) > > Wouldn't this be clearer as > -4095 ? Not to me. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.