From: Arun Sharma
Subject: Re: passing hypercall parameters by pointer
Date: Wed, 17 Aug 2005 14:07:08 -0700
Message-ID: <4303A6FC.6040601@intel.com>
To: Ian Pratt
Cc: "Ling, Xiaofeng", xen-devel, "Yu, Ke"
List-Id: xen-devel@lists.xenproject.org

Ian Pratt wrote:
>>Many Xen hypercalls pass mlocked pointers as parameters for
>>both input and output. For example, xc_get_pfn_list() is a
>>nice one with multiple levels of structures/mlocking.
>>
>>Considering just the tools for the moment, those pointers are
>>userspace addresses. Ultimately the hypervisor ends up with
>>that userspace address, from which it reads and writes data.
>>This is OK for x86, since userspace, kernel, and hypervisor
>>all share the same virtual address space (and userspace has
>>carefully mlocked the relevant memory).

This is a problem even on x86 for VMX domains which execute hypercalls
because of para virtualized device drivers.

>>
>>On PowerPC though, the hypervisor runs in real mode (no MMU
>>translation).
>>Unlike x86, PowerPC exceptions arrive in real mode, and also
>>PowerPC does not force a TLB flush when switching between
>>real and virtual modes. So a virtual address is pretty much
>>worthless as a hypervisor parameter; performing the MMU
>>translation in software is infeasible.
>
>
> I think I'd prefer to hide all of this by co-operation between the
> kernel and the hypervisor's copy to/from user.
>

This is basically what Xiaofeng attempted to do in this patch:

http://article.gmane.org/gmane.comp.emulators.xen.devel/11107

although the virtual -> pseudo physical is also done in the hypervisor.
Please let us know if the patch is acceptable in light of your email.

> The kernel can easily translate a virtual address and length into a list
> of pseudo-physical frame numbers and initial offset. Xen's copy from
> user function can then use this list when doing its work.

The other alternative (which we talked about at OLS) is to use a couple
of pinned pages for parameter passing - but it doesn't work very well for:

a) Multiple levels of structures/pointers
b) Arguments which may be bigger than a couple of pages
(xc_get_pfn_list() for a bigmem domain for example).

-Arun
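
A sketch of the frame-list scheme discussed in this message, added here as an illustration; it is not code from the thread, from Xiaofeng's patch, or from Xen. The function names, the toy page table and the 8-frame guest are assumptions. The kernel side turns a virtual address and length into a pseudo-physical frame list plus initial offset, and the hypervisor side copies from that list while revalidating every frame number and the total length.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PAGE_SHIFT  12
#define PAGE_SIZE   ((size_t)1 << PAGE_SHIFT)
#define NR_FRAMES   8            /* constructed toy guest: 8 pseudo-physical frames */
#define NR_VPAGES   8
#define INVALID_PFN UINT32_MAX

static uint8_t  guest_ram[NR_FRAMES][PAGE_SIZE];  /* indexed by pfn */
static uint32_t toy_pt[NR_VPAGES];                /* vpn -> pfn, constructed mapping */

/* Kernel side (hypothetical): frame count, or -1 on wrap, unmapped page, short list. */
int build_frame_list(uint64_t vaddr, size_t len, uint32_t *pfns, size_t max, size_t *offset)
{
    if (len == 0 || vaddr + len < vaddr) return -1;
    uint64_t first = vaddr >> PAGE_SHIFT, last = (vaddr + len - 1) >> PAGE_SHIFT;
    if (last >= NR_VPAGES || last - first + 1 > max) return -1;
    for (uint64_t vpn = first; vpn <= last; vpn++) {
        if (toy_pt[vpn] == INVALID_PFN) return -1;
        pfns[vpn - first] = toy_pt[vpn];
    }
    *offset = vaddr & (PAGE_SIZE - 1);
    return (int)(last - first + 1);
}

/* Hypervisor side (hypothetical): never touches vaddr, trusts nothing in the list. */
int copy_from_frame_list(void *dst, const uint32_t *pfns, size_t n, size_t offset, size_t len)
{
    uint8_t *out = dst;
    if (n == 0 || offset >= PAGE_SIZE || len > n * PAGE_SIZE - offset) return -1;
    for (size_t i = 0; len > 0; i++) {
        if (pfns[i] >= NR_FRAMES) return -1;      /* frame outside the guest */
        size_t chunk = PAGE_SIZE - offset;
        if (chunk > len) chunk = len;
        memcpy(out, &guest_ram[pfns[i]][offset], chunk);
        out += chunk; len -= chunk; offset = 0;   /* later frames start at byte 0 */
    }
    return 0;
}

int main(void)
{
    uint32_t pfns[4]; size_t off; char buf[4];
    for (int i = 0; i < NR_VPAGES; i++) toy_pt[i] = INVALID_PFN;
    toy_pt[1] = 5; toy_pt[2] = 2;                 /* buffer straddles two frames */
    int n = build_frame_list(0x1ffe, sizeof buf, pfns, 4, &off);
    return (n == 2 && copy_from_frame_list(buf, pfns, (size_t)n, off, sizeof buf) == 0) ? 0 : 1;
}
```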