Xen project Mailing List

Re: [PATCH 2/6] gnttab: allow per-domain control over transitive grants

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Mon, 20 Sep 2021 13:45:10 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=5Z/zlOkhAe34r08JIFK07u2iOSIf4wkWJ5+6+6nXOdo=; b=QKPuA2DBGzad3yKxXLoQprPJMFBJsIuMP253D+G4Sl2cfT23MkvLw9MGGFarh6pykyLZjxasTF1pCN7ABSSwNG1kRUIZCeP+oBuvIjXvq1/2R5qBnx+8DzQ5IK/frr6G6QCPuPcLZoX9ZnoGU1LN0pwn49DBv1E4uSkp5gO/S4PqJQ0GLfa/Y4bIvN6FfgADBN0MW5bqDCicSeXjNbOafAqlyqM5+CDL4xRlKIvW8ltrZCTlkrozcsexw5+OHQ6eC9KV7v24EKGxURoB5wMmu1z/LRIctdZB7aWBItJoZeWy/useCPrqNyj6ZfKvxwKFxJAv/UrkdEJ5W107hG+thg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=m4iKRU3MIGvuFiRBUs4ifhWTcNEUlrSq7EsfBurVybEEaNp0x4NNGbS6uleKJ47Jg3P5O/OyTBzDg2iS0IFTmylV/9OP9eiEJpp8HkAPyaF4bjETgI7JFmbIDC0dNbRW1KIlD4Be5Y/0jHNbZ8q+3DWfC2k3MLkPWpk6XrlbBBT3arp9jKHJu967VzhMUS806MOLjz0O9+aeQNdJrPdc56BBAym/SCtua+HoUCOCIrwmjeJQiL8CbBMZAOwnFf8+GB6xtuG/f429Fk0h0TuGTdntf1jLfEQmxYJ5fX6HUEqr1rLrWjbGdld688lTBZdt2p8Xi2gThyrRa2Vooa6YYQ==

Authentication-results: esa1.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, "Wei Liu" <wl@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, "Juergen Gross" <jgross@xxxxxxxx>, Christian Lindig <christian.lindig@xxxxxxxxxx>, David Scott <dave@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>

Delivery-date: Mon, 20 Sep 2021 11:45:30 +0000

Ironport-data: A9a23:s1GGAqngoz1scXHWS//olEjo5gwtIURdPkR7XQ2eYbSJt1+Wr1Gzt xJMX22CbP3ZZGD8KtxzOo62o0wBsJbdydFkSwtrrnxkFCMWpZLJC+rCIxarNUt+DCFioGGLT Sk6QoOdRCzhZiaE/n9BClVlxJVF/fngqoDUUYYoAQgsA185IMsdoUg7wbdh09Qw2YLR7z6l4 rseneWOYDdJ5BYsWo4kw/rrRMRH5amaVJsw5zTSVNgT1LPsvyB94KE3fMldG0DQUIhMdtNWc s6YpF2PEsE1yD92Yj+tuu6TnkTn2dc+NyDW4pZdc/DKbhSvOkXee0v0XRYRQR4/ttmHozx+4 OkdjIDhEVcXApXVgPoWcBMCNAFOMoQTrdcrIVDn2SCS50jPcn+qyPRyFkAme4Yf/46bA0kXq 6ZecmpUKEne2aTmm9pXScE17ignBNPsM44F/Glp0BnSDOo8QICFSKLPjTNd9Gpr25oQRK6BD yYfQQh3d0reSAFCA1oOFa0ew+zx2WXkbDIN/Tp5ooJoujOOnWSdyoPFMtXPfceRbd5IhUver WXDl0ziGQ0TPtGbzTuD81qvi/XJkCe9X5gdfJWG8fptjEyW13YkIhQcXlumotG0kke7HdlYL iQ89iMwoIAo+UesT927WAe3yFaGoxodVtx4A+A8rgaXxcL84hmbLngJSCZbb94rv9NwQiYlv neZktWsCTFxvbm9TXOG6qzSvT60ITISL2IJeWkDVwRty9vprZw3jxnPZs1+C6PzhdrwcRnvx xiaoS54gK8c5fPnzI3iowqB2Wj14MGUEEhlvW07Q15J8CtFNLe5NtT412Tj9O5eJ6WTFH6hj Hctzp32AP81MX2dqMCcaLxTR+j5vKfUaGe0bU1HRMZ6pm/0k5K3VcUJumgveh0xWioRUWKxO CfuVRVtCIi/1ZdARZR+ZZ64Q+8uxLLpfTgOfqGJNocSCnSdmQnuwc2PWaJy9zu2+KTPuftmU Xt+TSpLJSxBYZmLNBLsG48gPUYDn0jSP18/oKwXKDz8i9KjiIO9E+9ZYDNikMhgtP7sTPrpH yZ3aJLRlkQ3vBzWSSjL648DRW3m3lBiXsueliCjTcbaelAOMDh4U5f5mOp9E6Q4z/U9vrqZp RmVBx4HoGcTcFWacG1mnFg4M+ixNXu+xFpmVRER0aGAgSl7Pdn3s/dBKPPav9APrYRe8BK9d NFcE+2oCfVTUDXXvTMbaJj2tot5cxq3wwmJOkKYjPIXJfaMniTFpY3peBXB7i4LAnblvMcyu eT4hAjaXYACV0JpC8OPMKCjyFa4vH48nuNuXhSXfokPKRu0qIU6eTbsivIXIt0XLUmRzDWty AvLUwwTovPAotFp/YCR17yEtYqgD8B3AlFeQzvA9b+zOCSDpjijzIZMXfymZzfYUG+oqqyua f8Ml6P3MeEdnUYMuI15Su45waU77trphrlb0gU7QymbMwX1UutteyDU09NOu6tBwq5ilTG3A k/fqMNHPbipOd/+FAJDLgQSceneh+ofnSPf7KppLRyitjN35reOTW5bIwKI1H5GNLJwPY4on bUhtcoR51DtgxYmKI/b3CVd9mDKJX0cSaQ38JodBdaz2AYsz1hDZ73aCzP3v87TO4kdbBFyL 2/GnrfGipRd2lHGIig6GnX61OZAgYgD5UJRx1gYKlXVwtfIi5fbBvGKHejbmuiN8ih67g==

Ironport-hdrordr: A9a23:K4edt6oQIOPRPa/RzAMgCVgaV5oweYIsimQD101hICG9E/bo8f xG88536faZskd1ZJhCo6HmBED/ex/hHPdOiOF7V4tKNzOW3FdAQrsMg+qDsl6QeRHDyg==

Ironport-sdr: RKXA7ldO6ghHwCrdyVWkDTTIfEeHloXEYiZ716xwPakUfSjpm6D6rZkVMaHOk4UyqFr00ECvw6 5/odAfEqxQ4O8D/Vt2UVax/9WfSfXSrO0SAr333foG6V3rRhAseG9QoA0XsCZKB/+EnbfmqBLI X0/UNhKVMoQEN4aEiJW027xW1C+P6Yej5pYP1EogkFQJH4Tcd+gO/Yc+w5FbKFt4mQGCv9LfF3 iyZ2k+RXQbUkAqxO/qQNtW2oR6dSl5Ieysi7iANt0mfVU1A1fxziMvUDGZ1u6+SFBMGnEOwCWX 85HEeof0UtPpL9IcCpuMHBR9

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Sep 20, 2021 at 10:32:24AM +0100, Andrew Cooper wrote: > On 17/09/2021 16:46, Roger Pau Monne wrote: > > diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h > > index 7f8456c50e..fe2201fca1 100644 > > --- a/xen/include/public/domctl.h > > +++ b/xen/include/public/domctl.h > > @@ -96,6 +96,14 @@ struct xen_domctl_createdomain { > > int32_t max_maptrack_frames; > > int32_t max_grant_version; > > > > +/* Allow transitive grants. */ > > +#define _XEN_DOMCTL_GRANT_transitive 0 > > +#define XEN_DOMCTL_GRANT_transitive (1U << _XEN_DOMCTL_GRANT_transitive) > > There's no need for bit position variables. > > > + > > +#define XEN_DOMCTL_GRANT_MAX XEN_DOMCTL_GRANT_transitive > > + > > + uint32_t grant_opts; > > So far, we've got 3 bits of information, v1, v2 and transitive, and > we're tight on space in the structure with loads more to fit in. > > I was thinking grant_flags or equiv to contain these 3 settings, and any > further which might appear. What about using something like the below? We also need to consider selecting the default version (whatever is set on the hypervisor) and no grant table at all. /* Grant version, use low 4 bits. */ #define XEN_DOMCTL_GRANT_disable 0 #define XEN_DOMCTL_GRANT_version_v1 1 #define XEN_DOMCTL_GRANT_version_v2 2 #define XEN_DOMCTL_GRANT_version_default 0xf /* Allow transitive grants. */ #define _XEN_DOMCTL_GRANT_transitive 4 #define XEN_DOMCTL_GRANT_transitive (1U << _XEN_DOMCTL_GRANT_transitive) #define XEN_DOMCTLGRANT_MAX XEN_DOMCTL_GRANT_transitive uint32_t grant_opts; > > > One thing which is missing however is the enumeration of which settings > are available, and rejection of bad settings. If v2 is disabled > globally, trying to create a VM with v2 needs to fail. Right, I think this is already the case with the current implementation. This doesn't happen however with the transitive option, as I implemented it and'ing the hypervisor selection to the tools provided one, partially due to the lack of a 'use hypervisor default' option. Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.