From: "Jan Beulich" <JBeulich@suse.com>
To: Ed White <edmund.h.white@intel.com>
Cc: Tim Deegan <tim@xen.org>, Ravi Sahita <ravi.sahita@intel.com>,
Wei Liu <wei.liu2@citrix.com>,
George Dunlap <george.dunlap@eu.citrix.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>,
xen-devel@lists.xen.org, tlengyel@novetta.com,
Daniel De Graaf <dgdegra@tycho.nsa.gov>
Subject: Re: [PATCH v5 10/15] x86/altp2m: add remaining support routines.
Date: Tue, 14 Jul 2015 15:31:45 +0100 [thread overview]
Message-ID: <55A539710200007800090CB0@mail.emea.novell.com> (raw)
In-Reply-To: <1436832903-12639-11-git-send-email-edmund.h.white@intel.com>
>>> On 14.07.15 at 02:14, <edmund.h.white@intel.com> wrote:
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -2802,10 +2802,11 @@ int hvm_hap_nested_page_fault(paddr_t gpa, unsigned long gla,
> mfn_t mfn;
> struct vcpu *curr = current;
> struct domain *currd = curr->domain;
> - struct p2m_domain *p2m;
> + struct p2m_domain *p2m, *hostp2m;
> int rc, fall_through = 0, paged = 0;
> int sharing_enomem = 0;
> vm_event_request_t *req_ptr = NULL;
> + bool_t ap2m_active = 0;
Pointless initializer afaict.
> @@ -2865,11 +2866,31 @@ int hvm_hap_nested_page_fault(paddr_t gpa, unsigned long gla,
> goto out;
> }
>
> - p2m = p2m_get_hostp2m(currd);
> - mfn = get_gfn_type_access(p2m, gfn, &p2mt, &p2ma,
> + ap2m_active = altp2m_active(currd);
> +
> + /* Take a lock on the host p2m speculatively, to avoid potential
> + * locking order problems later and to handle unshare etc.
> + */
Comment style.
> @@ -2965,9 +3003,15 @@ int hvm_hap_nested_page_fault(paddr_t gpa, unsigned long gla,
> if ( npfec.write_access )
> {
> paging_mark_dirty(currd, mfn_x(mfn));
> + /* If p2m is really an altp2m, unlock here to avoid lock ordering
> + * violation when the change below is propagated from host p2m */
> + if ( ap2m_active )
> + __put_gfn(p2m, gfn);
> p2m_change_type_one(currd, gfn, p2m_ram_logdirty, p2m_ram_rw);
And this won't result in any races?
Also - comment style again (and more elsewhere).
> --- a/xen/arch/x86/mm/p2m.c
> +++ b/xen/arch/x86/mm/p2m.c
> @@ -2037,6 +2037,391 @@ bool_t p2m_switch_vcpu_altp2m_by_id(struct vcpu *v, uint16_t idx)
> return rc;
> }
>
> +void p2m_flush_altp2m(struct domain *d)
> +{
> + uint16_t i;
> +
> + altp2m_list_lock(d);
> +
> + for ( i = 0; i < MAX_ALTP2M; i++ )
> + {
> + p2m_flush_table(d->arch.altp2m_p2m[i]);
> + /* Uninit and reinit ept to force TLB shootdown */
> + ept_p2m_uninit(d->arch.altp2m_p2m[i]);
> + ept_p2m_init(d->arch.altp2m_p2m[i]);
ept_... in non-EPT code again.
> + d->arch.altp2m_eptp[i] = INVALID_MFN;
> + }
> +
> + altp2m_list_unlock(d);
> +}
> +
> +static void p2m_init_altp2m_helper(struct domain *d, uint16_t i)
> +{
> + struct p2m_domain *p2m = d->arch.altp2m_p2m[i];
> + struct ept_data *ept;
> +
> + p2m->min_remapped_gfn = INVALID_GFN;
> + p2m->max_remapped_gfn = INVALID_GFN;
> + ept = &p2m->ept;
> + ept->asr = pagetable_get_pfn(p2m_get_pagetable(p2m));
> + d->arch.altp2m_eptp[i] = ept_get_eptp(ept);
Same here.
> +long p2m_init_altp2m_by_id(struct domain *d, uint16_t idx)
> +{
> + long rc = -EINVAL;
Why long (for both variable and function return type)? (More of
these in functions below.)
> +long p2m_init_next_altp2m(struct domain *d, uint16_t *idx)
> +{
> + long rc = -EINVAL;
> + uint16_t i;
As in the earlier patch(es) - unsigned int.
> +long p2m_change_altp2m_gfn(struct domain *d, uint16_t idx,
> + gfn_t old_gfn, gfn_t new_gfn)
> +{
> + struct p2m_domain *hp2m, *ap2m;
> + p2m_access_t a;
> + p2m_type_t t;
> + mfn_t mfn;
> + unsigned int page_order;
> + long rc = -EINVAL;
> +
> + if ( idx > MAX_ALTP2M || d->arch.altp2m_eptp[idx] == INVALID_MFN )
> + return rc;
> +
> + hp2m = p2m_get_hostp2m(d);
> + ap2m = d->arch.altp2m_p2m[idx];
> +
> + p2m_lock(ap2m);
> +
> + mfn = ap2m->get_entry(ap2m, gfn_x(old_gfn), &t, &a, 0, NULL, NULL);
> +
> + if ( gfn_x(new_gfn) == INVALID_GFN )
> + {
> + if ( mfn_valid(mfn) )
> + p2m_remove_page(ap2m, gfn_x(old_gfn), mfn_x(mfn), PAGE_ORDER_4K);
> + rc = 0;
> + goto out;
> + }
> +
> + /* Check host p2m if no valid entry in alternate */
> + if ( !mfn_valid(mfn) )
> + {
> + mfn = hp2m->get_entry(hp2m, gfn_x(old_gfn), &t, &a,
> + P2M_ALLOC | P2M_UNSHARE, &page_order, NULL);
> +
> + if ( !mfn_valid(mfn) || t != p2m_ram_rw )
> + goto out;
> +
> + /* If this is a superpage, copy that first */
> + if ( page_order != PAGE_ORDER_4K )
> + {
> + gfn_t gfn;
> + unsigned long mask;
> +
> + mask = ~((1UL << page_order) - 1);
> + gfn = _gfn(gfn_x(old_gfn) & mask);
> + mfn = _mfn(mfn_x(mfn) & mask);
> +
> + if ( ap2m->set_entry(ap2m, gfn_x(gfn), mfn, page_order, t, a, 1)
> )
> + goto out;
> + }
> + }
> +
> + mfn = ap2m->get_entry(ap2m, gfn_x(new_gfn), &t, &a, 0, NULL, NULL);
> +
> + if ( !mfn_valid(mfn) )
> + mfn = hp2m->get_entry(hp2m, gfn_x(new_gfn), &t, &a, 0, NULL, NULL);
> +
> + if ( !mfn_valid(mfn) || (t != p2m_ram_rw) )
> + goto out;
> +
> + if ( !ap2m->set_entry(ap2m, gfn_x(old_gfn), mfn, PAGE_ORDER_4K, t, a,
> + (current->domain != d)) )
> + {
> + rc = 0;
> +
> + if ( ap2m->min_remapped_gfn == INVALID_GFN ||
> + gfn_x(new_gfn) < ap2m->min_remapped_gfn )
> + ap2m->min_remapped_gfn = gfn_x(new_gfn);
> + if ( ap2m->max_remapped_gfn == INVALID_GFN ||
> + gfn_x(new_gfn) > ap2m->max_remapped_gfn )
> + ap2m->max_remapped_gfn = gfn_x(new_gfn);
For the purpose here (and without conflict with the consumer side)
it would seem to be better to initialize max_remapped_gfn to zero,
as then both if() can get away with just one comparison.
> +void p2m_altp2m_propagate_change(struct domain *d, gfn_t gfn,
> + mfn_t mfn, unsigned int page_order,
> + p2m_type_t p2mt, p2m_access_t p2ma)
> +{
> + struct p2m_domain *p2m;
> + p2m_access_t a;
> + p2m_type_t t;
> + mfn_t m;
> + uint16_t i;
> + bool_t reset_p2m;
> + unsigned int reset_count = 0;
> + uint16_t last_reset_idx = ~0;
> +
> + if ( !altp2m_active(d) )
> + return;
> +
> + altp2m_list_lock(d);
> +
> + for ( i = 0; i < MAX_ALTP2M; i++ )
> + {
> + if ( d->arch.altp2m_eptp[i] == INVALID_MFN )
> + continue;
> +
> + p2m = d->arch.altp2m_p2m[i];
> + m = get_gfn_type_access(p2m, gfn_x(gfn), &t, &a, 0, NULL);
> +
> + reset_p2m = 0;
> +
> + /* Check for a dropped page that may impact this altp2m */
> + if ( mfn_x(mfn) == INVALID_MFN &&
> + gfn_x(gfn) >= p2m->min_remapped_gfn &&
> + gfn_x(gfn) <= p2m->max_remapped_gfn )
> + reset_p2m = 1;
Considering that this looks like an optimization, what's the downside
of possibly having min=0 and max=<end-of-address-space>? I.e.
can there a long latency operation result that's this way a guest can
effect?
Jan
next prev parent reply other threads:[~2015-07-14 14:31 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-14 0:14 [PATCH v5 00/15] Alternate p2m: support multiple copies of host p2m Ed White
2015-07-14 0:14 ` [PATCH v5 01/15] common/domain: Helpers to pause a domain while in context Ed White
2015-07-14 0:14 ` [PATCH v5 02/15] VMX: VMFUNC and #VE definitions and detection Ed White
2015-07-14 0:14 ` [PATCH v5 03/15] VMX: implement suppress #VE Ed White
2015-07-14 12:46 ` Jan Beulich
2015-07-14 13:47 ` George Dunlap
2015-07-14 0:14 ` [PATCH v5 04/15] x86/HVM: Hardware alternate p2m support detection Ed White
2015-07-14 0:14 ` [PATCH v5 05/15] x86/altp2m: basic data structures and support routines Ed White
2015-07-14 13:13 ` Jan Beulich
2015-07-14 14:45 ` George Dunlap
2015-07-14 14:58 ` Jan Beulich
2015-07-16 8:57 ` Sahita, Ravi
2015-07-16 9:07 ` Jan Beulich
2015-07-17 22:36 ` Sahita, Ravi
2015-07-20 6:20 ` Jan Beulich
2015-07-21 5:18 ` Sahita, Ravi
2015-07-14 15:57 ` George Dunlap
2015-07-21 17:44 ` Sahita, Ravi
2015-07-14 0:14 ` [PATCH v5 06/15] VMX/altp2m: add code to support EPTP switching and #VE Ed White
2015-07-14 13:57 ` Jan Beulich
2015-07-16 9:20 ` Sahita, Ravi
2015-07-16 9:38 ` Jan Beulich
2015-07-17 21:08 ` Sahita, Ravi
2015-07-20 6:21 ` Jan Beulich
2015-07-21 5:49 ` Sahita, Ravi
2015-07-14 0:14 ` [PATCH v5 07/15] VMX: add VMFUNC leaf 0 (EPTP switching) to emulator Ed White
2015-07-14 14:04 ` Jan Beulich
2015-07-14 17:56 ` Sahita, Ravi
2015-07-17 22:41 ` Sahita, Ravi
2015-07-14 0:14 ` [PATCH v5 08/15] x86/altp2m: add control of suppress_ve Ed White
2015-07-14 17:03 ` George Dunlap
2015-07-14 0:14 ` [PATCH v5 09/15] x86/altp2m: alternate p2m memory events Ed White
2015-07-14 14:08 ` Jan Beulich
2015-07-16 9:22 ` Sahita, Ravi
2015-07-14 0:14 ` [PATCH v5 10/15] x86/altp2m: add remaining support routines Ed White
2015-07-14 14:31 ` Jan Beulich [this message]
2015-07-16 9:16 ` Sahita, Ravi
2015-07-16 9:34 ` Jan Beulich
2015-07-17 22:32 ` Sahita, Ravi
2015-07-20 6:53 ` Jan Beulich
2015-07-21 5:46 ` Sahita, Ravi
2015-07-21 6:38 ` Jan Beulich
2015-07-21 18:33 ` Sahita, Ravi
2015-07-22 7:33 ` Jan Beulich
2015-07-16 14:44 ` George Dunlap
2015-07-17 21:01 ` Sahita, Ravi
2015-07-14 0:14 ` [PATCH v5 11/15] x86/altp2m: define and implement alternate p2m HVMOP types Ed White
2015-07-14 14:36 ` Jan Beulich
2015-07-16 9:02 ` Sahita, Ravi
2015-07-16 9:09 ` Jan Beulich
2015-07-14 0:15 ` [PATCH v5 12/15] x86/altp2m: Add altp2mhvm HVM domain parameter Ed White
2015-07-14 0:15 ` [PATCH v5 13/15] x86/altp2m: XSM hooks for altp2m HVM ops Ed White
2015-07-14 0:15 ` [PATCH v5 14/15] tools/libxc: add support to altp2m hvmops Ed White
2015-07-14 0:15 ` [PATCH v5 15/15] tools/xen-access: altp2m testcases Ed White
2015-07-14 9:56 ` Wei Liu
2015-07-14 11:52 ` Lengyel, Tamas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55A539710200007800090CB0@mail.emea.novell.com \
--to=jbeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=dgdegra@tycho.nsa.gov \
--cc=edmund.h.white@intel.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=ravi.sahita@intel.com \
--cc=tim@xen.org \
--cc=tlengyel@novetta.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.