[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v1 02/13] xen/arm: introduce a special domain DOMID_SHARED

To: Jan Beulich <jbeulich@xxxxxxxx>
From: Stefano Stabellini <sstabellini@xxxxxxxxxx>
Date: Fri, 18 Mar 2022 15:20:25 -0700 (PDT)
Cc: Penny Zheng <Penny.Zheng@xxxxxxx>, nd@xxxxxxx, Penny Zheng <penzhe01@xxxxxxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 18 Mar 2022 22:20:32 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, 18 Mar 2022, Jan Beulich wrote:
> Further (there's no particularly good place to mention this) I'm
> afraid I don't view "shared" as a good name: It's not the domain
> which is shared, but it's the domain to hold shared memory.

To be honest I thought the same thing when reading this patch but
couldn't easily come up with a better name.

> For this
> my first consideration would be to see whether an existing special
> domain can be re-used; after all the set of reserved domain IDs is
> a very limited one, and hence each value taken from there should come
> with a very good reason. We did such re-use e.g. when introducing
> quarantining for PCI devices, by associating them with DOM_IO rather
> than inventing a new DOM_QUARANTINE. If there are good reasons
> speaking against such re-use, then I'd like to ask to consider e.g.
> DOMID_SHM / DOMID_SHMEM plus associated predicate.

>From my point of view is totally fine to reuse one of the existing
special domains if we can.

DOMID_IO seems to be the closest match but its current definition
doesn't cover what Penny is trying to achieve. I am happy to change its
definition and make it wider to support this use-case too.

It is not trivial to come up with an appropriate description though. I
took a stab at it but I couldn't come up with anything better:

 * DOMID_IO is used for mapping memory and MMIO regions when no explicit
 * Domain need to be specified.
 *
 * For instance, DOMID_IO is the owner of memory pre-shared among
 * multiple domains at boot time, when no explicit owner is specified.
 *
 * Also, DOMID_IO is used to restrict page-table updates to mapping I/O
 * memory. Although no Foreign Domain need be specified to map I/O
 * pages, DOMID_IO is useful to ensure that no mappings to the OS's own
 * heap are accidentally installed. (e.g., in Linux this could cause
 * havoc as reference counts aren't adjusted on the I/O-mapping code
 * path). This only makes sense as HYPERVISOR_mmu_update()'s and
 * HYPERVISOR_update_va_mapping_otherdomain()'s "foreigndom" argument.
 * For HYPERVISOR_mmu_update() context it can be specified by any
 * calling domain, otherwise it's only permitted if the caller is
 * privileged.

References:
- [PATCH v1 00/13] Static shared memory on dom0less system
  - From: Penny Zheng
- [PATCH v1 02/13] xen/arm: introduce a special domain DOMID_SHARED
  - From: Penny Zheng
- Re: [PATCH v1 02/13] xen/arm: introduce a special domain DOMID_SHARED
  - From: Jan Beulich

Prev by Date: Re: [PATCH v3 09/19] xen/arm32: mm: Check if the virtual address is shared before updating it
Next by Date: RE: [PATCH v1 03/13] xen/arm: allocate static shared memory to dom_shared
Previous by thread: Re: [PATCH v1 02/13] xen/arm: introduce a special domain DOMID_SHARED
Next by thread: [PATCH v1 04/13] xen/arm: add P2M type parameter in guest_physmap_add_pages
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.