From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: virtio-dev-return-2694-cohuck=redhat.com@lists.oasis-open.org Sender: List-Post: List-Help: List-Unsubscribe: List-Subscribe: Received: from lists.oasis-open.org (oasis-open.org [66.179.20.138]) by lists.oasis-open.org (Postfix) with ESMTP id 621265818CAB for ; Fri, 17 Nov 2017 05:18:13 -0800 (PST) Date: Fri, 17 Nov 2017 15:18:04 +0200 From: "Michael S. Tsirkin" Message-ID: <20171117144517-mutt-send-email-mst@kernel.org> References: <1509696786-1597-1-git-send-email-wei.w.wang@intel.com> <1509696786-1597-7-git-send-email-wei.w.wang@intel.com> <20171115220743-mutt-send-email-mst@kernel.org> <5A0D923C.4020807@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5A0D923C.4020807@intel.com> Subject: Re: [virtio-dev] Re: [PATCH v17 6/6] virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_VQ To: Wei Wang Cc: virtio-dev@lists.oasis-open.org, linux-kernel@vger.kernel.org, qemu-devel@nongnu.org, virtualization@lists.linux-foundation.org, kvm@vger.kernel.org, linux-mm@kvack.org, mhocko@kernel.org, akpm@linux-foundation.org, mawilcox@microsoft.com, david@redhat.com, penguin-kernel@I-love.SAKURA.ne.jp, cornelia.huck@de.ibm.com, mgorman@techsingularity.net, aarcange@redhat.com, amit.shah@redhat.com, pbonzini@redhat.com, willy@infradead.org, liliang.opensource@gmail.com, yang.zhang.wz@gmail.com, quan.xu@aliyun.com List-ID: On Thu, Nov 16, 2017 at 09:27:24PM +0800, Wei Wang wrote: > On 11/16/2017 04:32 AM, Michael S. Tsirkin wrote: > > On Fri, Nov 03, 2017 at 04:13:06PM +0800, Wei Wang wrote: > > > Negotiation of the VIRTIO_BALLOON_F_FREE_PAGE_VQ feature indicates the > > > support of reporting hints of guest free pages to the host via > > > virtio-balloon. The host requests the guest to report the free pages by > > > sending commands via the virtio-balloon configuration registers. > > > > > > When the guest starts to report, the first element added to the free page > > > vq is a sequence id of the start reporting command. The id is given by > > > the host, and it indicates whether the following free pages correspond > > > to the command. For example, the host may stop the report and start again > > > with a new command id. The obsolete pages for the previous start command > > > can be detected by the id dismatching on the host. The id is added to the > > > vq using an output buffer, and the free pages are added to the vq using > > > input buffer. > > > > > > Here are some explainations about the added configuration registers: > > > - host2guest_cmd: a register used by the host to send commands to the > > > guest. > > > - guest2host_cmd: written by the guest to ACK to the host about the > > > commands that have been received. The host will clear the corresponding > > > bits on the host2guest_cmd register. The guest also uses this register > > > to send commands to the host (e.g. when finish free page reporting). > > > - free_page_cmd_id: the sequence id of the free page report command > > > given by the host. > > > > > > Signed-off-by: Wei Wang > > > Signed-off-by: Liang Li > > > Cc: Michael S. Tsirkin > > > Cc: Michal Hocko > > > --- > > > > > > + > > > +static void report_free_page(struct work_struct *work) > > > +{ > > > + struct virtio_balloon *vb; > > > + > > > + vb = container_of(work, struct virtio_balloon, report_free_page_work); > > > + report_free_page_cmd_id(vb); > > > + walk_free_mem_block(vb, 0, &virtio_balloon_send_free_pages); > > > + /* > > > + * The last few free page blocks that were added may not reach the > > > + * batch size, but need a kick to notify the device to handle them. > > > + */ > > > + virtqueue_kick(vb->free_page_vq); > > > + report_free_page_end(vb); > > > +} > > > + > > I think there's an issue here: if pages are poisoned and hypervisor > > subsequently drops them, testing them after allocation will > > trigger a false positive. > > > > The specific configuration: > > > > PAGE_POISONING on > > PAGE_POISONING_NO_SANITY off > > PAGE_POISONING_ZERO off > > > > > > Solutions: > > 1. disable the feature in that configuration > > suggested as an initial step > > Thanks for the finding. > Similar to this option: I'm thinking could we make walk_free_mem_block() > simply return if that option is on? > That is, at the beginning of the function: > if (!page_poisoning_enabled()) > return; > > I think in most usages, people would not choose to use the poisoning option > due to the added overhead. > > > Probably we could make it a separate fix patch of this report following > patch 5 to explain the above reasons in the commit. > > > 2. pass poison value to host so it can validate page content > > before it drops it > > 3. pass poison value to host so it can init allocated pages with that value > > > > In fact one nice side effect would be that unmap > > becomes safe even though free list is not locked anymore. > > I haven't got this point yet, how would it bring performance benefit? Upon getting a free page, host could check that its content matches the poison value. If it doesn't page has been used. But let's ignore this for now. > > It would be interesting to see whether this last has > > any value performance-wise. > > > > Best, > Wei --------------------------------------------------------------------- To unsubscribe, e-mail: virtio-dev-unsubscribe@lists.oasis-open.org For additional commands, e-mail: virtio-dev-help@lists.oasis-open.org From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Michael S. Tsirkin" Subject: Re: [virtio-dev] Re: [PATCH v17 6/6] virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_VQ Date: Fri, 17 Nov 2017 15:18:04 +0200 Message-ID: <20171117144517-mutt-send-email-mst@kernel.org> References: <1509696786-1597-1-git-send-email-wei.w.wang@intel.com> <1509696786-1597-7-git-send-email-wei.w.wang@intel.com> <20171115220743-mutt-send-email-mst@kernel.org> <5A0D923C.4020807@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <5A0D923C.4020807@intel.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: virtualization-bounces@lists.linux-foundation.org Errors-To: virtualization-bounces@lists.linux-foundation.org To: Wei Wang Cc: aarcange@redhat.com, virtio-dev@lists.oasis-open.org, kvm@vger.kernel.org, mawilcox@microsoft.com, qemu-devel@nongnu.org, amit.shah@redhat.com, penguin-kernel@I-love.SAKURA.ne.jp, linux-kernel@vger.kernel.org, willy@infradead.org, virtualization@lists.linux-foundation.org, linux-mm@kvack.org, yang.zhang.wz@gmail.com, quan.xu@aliyun.com, cornelia.huck@de.ibm.com, pbonzini@redhat.com, akpm@linux-foundation.org, mhocko@kernel.org, mgorman@techsingularity.net, liliang.opensource@gmail.com List-Id: virtualization@lists.linuxfoundation.org On Thu, Nov 16, 2017 at 09:27:24PM +0800, Wei Wang wrote: > On 11/16/2017 04:32 AM, Michael S. Tsirkin wrote: > > On Fri, Nov 03, 2017 at 04:13:06PM +0800, Wei Wang wrote: > > > Negotiation of the VIRTIO_BALLOON_F_FREE_PAGE_VQ feature indicates the > > > support of reporting hints of guest free pages to the host via > > > virtio-balloon. The host requests the guest to report the free pages by > > > sending commands via the virtio-balloon configuration registers. > > > > > > When the guest starts to report, the first element added to the free page > > > vq is a sequence id of the start reporting command. The id is given by > > > the host, and it indicates whether the following free pages correspond > > > to the command. For example, the host may stop the report and start again > > > with a new command id. The obsolete pages for the previous start command > > > can be detected by the id dismatching on the host. The id is added to the > > > vq using an output buffer, and the free pages are added to the vq using > > > input buffer. > > > > > > Here are some explainations about the added configuration registers: > > > - host2guest_cmd: a register used by the host to send commands to the > > > guest. > > > - guest2host_cmd: written by the guest to ACK to the host about the > > > commands that have been received. The host will clear the corresponding > > > bits on the host2guest_cmd register. The guest also uses this register > > > to send commands to the host (e.g. when finish free page reporting). > > > - free_page_cmd_id: the sequence id of the free page report command > > > given by the host. > > > > > > Signed-off-by: Wei Wang > > > Signed-off-by: Liang Li > > > Cc: Michael S. Tsirkin > > > Cc: Michal Hocko > > > --- > > > > > > + > > > +static void report_free_page(struct work_struct *work) > > > +{ > > > + struct virtio_balloon *vb; > > > + > > > + vb = container_of(work, struct virtio_balloon, report_free_page_work); > > > + report_free_page_cmd_id(vb); > > > + walk_free_mem_block(vb, 0, &virtio_balloon_send_free_pages); > > > + /* > > > + * The last few free page blocks that were added may not reach the > > > + * batch size, but need a kick to notify the device to handle them. > > > + */ > > > + virtqueue_kick(vb->free_page_vq); > > > + report_free_page_end(vb); > > > +} > > > + > > I think there's an issue here: if pages are poisoned and hypervisor > > subsequently drops them, testing them after allocation will > > trigger a false positive. > > > > The specific configuration: > > > > PAGE_POISONING on > > PAGE_POISONING_NO_SANITY off > > PAGE_POISONING_ZERO off > > > > > > Solutions: > > 1. disable the feature in that configuration > > suggested as an initial step > > Thanks for the finding. > Similar to this option: I'm thinking could we make walk_free_mem_block() > simply return if that option is on? > That is, at the beginning of the function: > if (!page_poisoning_enabled()) > return; > > I think in most usages, people would not choose to use the poisoning option > due to the added overhead. > > > Probably we could make it a separate fix patch of this report following > patch 5 to explain the above reasons in the commit. > > > 2. pass poison value to host so it can validate page content > > before it drops it > > 3. pass poison value to host so it can init allocated pages with that value > > > > In fact one nice side effect would be that unmap > > becomes safe even though free list is not locked anymore. > > I haven't got this point yet, how would it bring performance benefit? Upon getting a free page, host could check that its content matches the poison value. If it doesn't page has been used. But let's ignore this for now. > > It would be interesting to see whether this last has > > any value performance-wise. > > > > Best, > Wei From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oi0-f71.google.com (mail-oi0-f71.google.com [209.85.218.71]) by kanga.kvack.org (Postfix) with ESMTP id 5F4D06B0038 for ; Fri, 17 Nov 2017 08:18:13 -0500 (EST) Received: by mail-oi0-f71.google.com with SMTP id n16so1085570oig.19 for ; Fri, 17 Nov 2017 05:18:13 -0800 (PST) Received: from mx1.redhat.com (mx1.redhat.com. [209.132.183.28]) by mx.google.com with ESMTPS id u65si1157641oig.364.2017.11.17.05.18.12 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 17 Nov 2017 05:18:12 -0800 (PST) Date: Fri, 17 Nov 2017 15:18:04 +0200 From: "Michael S. Tsirkin" Subject: Re: [virtio-dev] Re: [PATCH v17 6/6] virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_VQ Message-ID: <20171117144517-mutt-send-email-mst@kernel.org> References: <1509696786-1597-1-git-send-email-wei.w.wang@intel.com> <1509696786-1597-7-git-send-email-wei.w.wang@intel.com> <20171115220743-mutt-send-email-mst@kernel.org> <5A0D923C.4020807@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5A0D923C.4020807@intel.com> Sender: owner-linux-mm@kvack.org List-ID: To: Wei Wang Cc: virtio-dev@lists.oasis-open.org, linux-kernel@vger.kernel.org, qemu-devel@nongnu.org, virtualization@lists.linux-foundation.org, kvm@vger.kernel.org, linux-mm@kvack.org, mhocko@kernel.org, akpm@linux-foundation.org, mawilcox@microsoft.com, david@redhat.com, penguin-kernel@I-love.SAKURA.ne.jp, cornelia.huck@de.ibm.com, mgorman@techsingularity.net, aarcange@redhat.com, amit.shah@redhat.com, pbonzini@redhat.com, willy@infradead.org, liliang.opensource@gmail.com, yang.zhang.wz@gmail.com, quan.xu@aliyun.com On Thu, Nov 16, 2017 at 09:27:24PM +0800, Wei Wang wrote: > On 11/16/2017 04:32 AM, Michael S. Tsirkin wrote: > > On Fri, Nov 03, 2017 at 04:13:06PM +0800, Wei Wang wrote: > > > Negotiation of the VIRTIO_BALLOON_F_FREE_PAGE_VQ feature indicates the > > > support of reporting hints of guest free pages to the host via > > > virtio-balloon. The host requests the guest to report the free pages by > > > sending commands via the virtio-balloon configuration registers. > > > > > > When the guest starts to report, the first element added to the free page > > > vq is a sequence id of the start reporting command. The id is given by > > > the host, and it indicates whether the following free pages correspond > > > to the command. For example, the host may stop the report and start again > > > with a new command id. The obsolete pages for the previous start command > > > can be detected by the id dismatching on the host. The id is added to the > > > vq using an output buffer, and the free pages are added to the vq using > > > input buffer. > > > > > > Here are some explainations about the added configuration registers: > > > - host2guest_cmd: a register used by the host to send commands to the > > > guest. > > > - guest2host_cmd: written by the guest to ACK to the host about the > > > commands that have been received. The host will clear the corresponding > > > bits on the host2guest_cmd register. The guest also uses this register > > > to send commands to the host (e.g. when finish free page reporting). > > > - free_page_cmd_id: the sequence id of the free page report command > > > given by the host. > > > > > > Signed-off-by: Wei Wang > > > Signed-off-by: Liang Li > > > Cc: Michael S. Tsirkin > > > Cc: Michal Hocko > > > --- > > > > > > + > > > +static void report_free_page(struct work_struct *work) > > > +{ > > > + struct virtio_balloon *vb; > > > + > > > + vb = container_of(work, struct virtio_balloon, report_free_page_work); > > > + report_free_page_cmd_id(vb); > > > + walk_free_mem_block(vb, 0, &virtio_balloon_send_free_pages); > > > + /* > > > + * The last few free page blocks that were added may not reach the > > > + * batch size, but need a kick to notify the device to handle them. > > > + */ > > > + virtqueue_kick(vb->free_page_vq); > > > + report_free_page_end(vb); > > > +} > > > + > > I think there's an issue here: if pages are poisoned and hypervisor > > subsequently drops them, testing them after allocation will > > trigger a false positive. > > > > The specific configuration: > > > > PAGE_POISONING on > > PAGE_POISONING_NO_SANITY off > > PAGE_POISONING_ZERO off > > > > > > Solutions: > > 1. disable the feature in that configuration > > suggested as an initial step > > Thanks for the finding. > Similar to this option: I'm thinking could we make walk_free_mem_block() > simply return if that option is on? > That is, at the beginning of the function: > if (!page_poisoning_enabled()) > return; > > I think in most usages, people would not choose to use the poisoning option > due to the added overhead. > > > Probably we could make it a separate fix patch of this report following > patch 5 to explain the above reasons in the commit. > > > 2. pass poison value to host so it can validate page content > > before it drops it > > 3. pass poison value to host so it can init allocated pages with that value > > > > In fact one nice side effect would be that unmap > > becomes safe even though free list is not locked anymore. > > I haven't got this point yet, how would it bring performance benefit? Upon getting a free page, host could check that its content matches the poison value. If it doesn't page has been used. But let's ignore this for now. > > It would be interesting to see whether this last has > > any value performance-wise. > > > > Best, > Wei -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756710AbdKQNSW (ORCPT ); Fri, 17 Nov 2017 08:18:22 -0500 Received: from mx1.redhat.com ([209.132.183.28]:44170 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756405AbdKQNSL (ORCPT ); Fri, 17 Nov 2017 08:18:11 -0500 Date: Fri, 17 Nov 2017 15:18:04 +0200 From: "Michael S. Tsirkin" To: Wei Wang Cc: virtio-dev@lists.oasis-open.org, linux-kernel@vger.kernel.org, qemu-devel@nongnu.org, virtualization@lists.linux-foundation.org, kvm@vger.kernel.org, linux-mm@kvack.org, mhocko@kernel.org, akpm@linux-foundation.org, mawilcox@microsoft.com, david@redhat.com, penguin-kernel@I-love.SAKURA.ne.jp, cornelia.huck@de.ibm.com, mgorman@techsingularity.net, aarcange@redhat.com, amit.shah@redhat.com, pbonzini@redhat.com, willy@infradead.org, liliang.opensource@gmail.com, yang.zhang.wz@gmail.com, quan.xu@aliyun.com Subject: Re: [virtio-dev] Re: [PATCH v17 6/6] virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_VQ Message-ID: <20171117144517-mutt-send-email-mst@kernel.org> References: <1509696786-1597-1-git-send-email-wei.w.wang@intel.com> <1509696786-1597-7-git-send-email-wei.w.wang@intel.com> <20171115220743-mutt-send-email-mst@kernel.org> <5A0D923C.4020807@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5A0D923C.4020807@intel.com> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Fri, 17 Nov 2017 13:18:11 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Nov 16, 2017 at 09:27:24PM +0800, Wei Wang wrote: > On 11/16/2017 04:32 AM, Michael S. Tsirkin wrote: > > On Fri, Nov 03, 2017 at 04:13:06PM +0800, Wei Wang wrote: > > > Negotiation of the VIRTIO_BALLOON_F_FREE_PAGE_VQ feature indicates the > > > support of reporting hints of guest free pages to the host via > > > virtio-balloon. The host requests the guest to report the free pages by > > > sending commands via the virtio-balloon configuration registers. > > > > > > When the guest starts to report, the first element added to the free page > > > vq is a sequence id of the start reporting command. The id is given by > > > the host, and it indicates whether the following free pages correspond > > > to the command. For example, the host may stop the report and start again > > > with a new command id. The obsolete pages for the previous start command > > > can be detected by the id dismatching on the host. The id is added to the > > > vq using an output buffer, and the free pages are added to the vq using > > > input buffer. > > > > > > Here are some explainations about the added configuration registers: > > > - host2guest_cmd: a register used by the host to send commands to the > > > guest. > > > - guest2host_cmd: written by the guest to ACK to the host about the > > > commands that have been received. The host will clear the corresponding > > > bits on the host2guest_cmd register. The guest also uses this register > > > to send commands to the host (e.g. when finish free page reporting). > > > - free_page_cmd_id: the sequence id of the free page report command > > > given by the host. > > > > > > Signed-off-by: Wei Wang > > > Signed-off-by: Liang Li > > > Cc: Michael S. Tsirkin > > > Cc: Michal Hocko > > > --- > > > > > > + > > > +static void report_free_page(struct work_struct *work) > > > +{ > > > + struct virtio_balloon *vb; > > > + > > > + vb = container_of(work, struct virtio_balloon, report_free_page_work); > > > + report_free_page_cmd_id(vb); > > > + walk_free_mem_block(vb, 0, &virtio_balloon_send_free_pages); > > > + /* > > > + * The last few free page blocks that were added may not reach the > > > + * batch size, but need a kick to notify the device to handle them. > > > + */ > > > + virtqueue_kick(vb->free_page_vq); > > > + report_free_page_end(vb); > > > +} > > > + > > I think there's an issue here: if pages are poisoned and hypervisor > > subsequently drops them, testing them after allocation will > > trigger a false positive. > > > > The specific configuration: > > > > PAGE_POISONING on > > PAGE_POISONING_NO_SANITY off > > PAGE_POISONING_ZERO off > > > > > > Solutions: > > 1. disable the feature in that configuration > > suggested as an initial step > > Thanks for the finding. > Similar to this option: I'm thinking could we make walk_free_mem_block() > simply return if that option is on? > That is, at the beginning of the function: > if (!page_poisoning_enabled()) > return; > > I think in most usages, people would not choose to use the poisoning option > due to the added overhead. > > > Probably we could make it a separate fix patch of this report following > patch 5 to explain the above reasons in the commit. > > > 2. pass poison value to host so it can validate page content > > before it drops it > > 3. pass poison value to host so it can init allocated pages with that value > > > > In fact one nice side effect would be that unmap > > becomes safe even though free list is not locked anymore. > > I haven't got this point yet, how would it bring performance benefit? Upon getting a free page, host could check that its content matches the poison value. If it doesn't page has been used. But let's ignore this for now. > > It would be interesting to see whether this last has > > any value performance-wise. > > > > Best, > Wei From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46756) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eFgXB-0000sf-97 for qemu-devel@nongnu.org; Fri, 17 Nov 2017 08:18:29 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eFgX6-00041P-SD for qemu-devel@nongnu.org; Fri, 17 Nov 2017 08:18:17 -0500 Received: from mx1.redhat.com ([209.132.183.28]:50376) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eFgX6-0003zW-GZ for qemu-devel@nongnu.org; Fri, 17 Nov 2017 08:18:12 -0500 Date: Fri, 17 Nov 2017 15:18:04 +0200 From: "Michael S. Tsirkin" Message-ID: <20171117144517-mutt-send-email-mst@kernel.org> References: <1509696786-1597-1-git-send-email-wei.w.wang@intel.com> <1509696786-1597-7-git-send-email-wei.w.wang@intel.com> <20171115220743-mutt-send-email-mst@kernel.org> <5A0D923C.4020807@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5A0D923C.4020807@intel.com> Subject: Re: [Qemu-devel] [virtio-dev] Re: [PATCH v17 6/6] virtio-balloon: VIRTIO_BALLOON_F_FREE_PAGE_VQ List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Wei Wang Cc: virtio-dev@lists.oasis-open.org, linux-kernel@vger.kernel.org, qemu-devel@nongnu.org, virtualization@lists.linux-foundation.org, kvm@vger.kernel.org, linux-mm@kvack.org, mhocko@kernel.org, akpm@linux-foundation.org, mawilcox@microsoft.com, david@redhat.com, penguin-kernel@I-love.SAKURA.ne.jp, cornelia.huck@de.ibm.com, mgorman@techsingularity.net, aarcange@redhat.com, amit.shah@redhat.com, pbonzini@redhat.com, willy@infradead.org, liliang.opensource@gmail.com, yang.zhang.wz@gmail.com, quan.xu@aliyun.com On Thu, Nov 16, 2017 at 09:27:24PM +0800, Wei Wang wrote: > On 11/16/2017 04:32 AM, Michael S. Tsirkin wrote: > > On Fri, Nov 03, 2017 at 04:13:06PM +0800, Wei Wang wrote: > > > Negotiation of the VIRTIO_BALLOON_F_FREE_PAGE_VQ feature indicates the > > > support of reporting hints of guest free pages to the host via > > > virtio-balloon. The host requests the guest to report the free pages by > > > sending commands via the virtio-balloon configuration registers. > > > > > > When the guest starts to report, the first element added to the free page > > > vq is a sequence id of the start reporting command. The id is given by > > > the host, and it indicates whether the following free pages correspond > > > to the command. For example, the host may stop the report and start again > > > with a new command id. The obsolete pages for the previous start command > > > can be detected by the id dismatching on the host. The id is added to the > > > vq using an output buffer, and the free pages are added to the vq using > > > input buffer. > > > > > > Here are some explainations about the added configuration registers: > > > - host2guest_cmd: a register used by the host to send commands to the > > > guest. > > > - guest2host_cmd: written by the guest to ACK to the host about the > > > commands that have been received. The host will clear the corresponding > > > bits on the host2guest_cmd register. The guest also uses this register > > > to send commands to the host (e.g. when finish free page reporting). > > > - free_page_cmd_id: the sequence id of the free page report command > > > given by the host. > > > > > > Signed-off-by: Wei Wang > > > Signed-off-by: Liang Li > > > Cc: Michael S. Tsirkin > > > Cc: Michal Hocko > > > --- > > > > > > + > > > +static void report_free_page(struct work_struct *work) > > > +{ > > > + struct virtio_balloon *vb; > > > + > > > + vb = container_of(work, struct virtio_balloon, report_free_page_work); > > > + report_free_page_cmd_id(vb); > > > + walk_free_mem_block(vb, 0, &virtio_balloon_send_free_pages); > > > + /* > > > + * The last few free page blocks that were added may not reach the > > > + * batch size, but need a kick to notify the device to handle them. > > > + */ > > > + virtqueue_kick(vb->free_page_vq); > > > + report_free_page_end(vb); > > > +} > > > + > > I think there's an issue here: if pages are poisoned and hypervisor > > subsequently drops them, testing them after allocation will > > trigger a false positive. > > > > The specific configuration: > > > > PAGE_POISONING on > > PAGE_POISONING_NO_SANITY off > > PAGE_POISONING_ZERO off > > > > > > Solutions: > > 1. disable the feature in that configuration > > suggested as an initial step > > Thanks for the finding. > Similar to this option: I'm thinking could we make walk_free_mem_block() > simply return if that option is on? > That is, at the beginning of the function: > if (!page_poisoning_enabled()) > return; > > I think in most usages, people would not choose to use the poisoning option > due to the added overhead. > > > Probably we could make it a separate fix patch of this report following > patch 5 to explain the above reasons in the commit. > > > 2. pass poison value to host so it can validate page content > > before it drops it > > 3. pass poison value to host so it can init allocated pages with that value > > > > In fact one nice side effect would be that unmap > > becomes safe even though free list is not locked anymore. > > I haven't got this point yet, how would it bring performance benefit? Upon getting a free page, host could check that its content matches the poison value. If it doesn't page has been used. But let's ignore this for now. > > It would be interesting to see whether this last has > > any value performance-wise. > > > > Best, > Wei