From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Ed White <edmund.h.white@intel.com>, xen-devel@lists.xen.org
Cc: Ravi Sahita <ravi.sahita@intel.com>,
Wei Liu <wei.liu2@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>, Tim Deegan <tim@xen.org>,
Jan Beulich <jbeulich@suse.com>,
tlengyel@novetta.com, Daniel De Graaf <dgdegra@tycho.nsa.gov>
Subject: Re: [PATCH v2 10/12] x86/altp2m: define and implement alternate p2m HVMOP types.
Date: Wed, 24 Jun 2015 14:58:31 +0100 [thread overview]
Message-ID: <558AB787.9000006@citrix.com> (raw)
In-Reply-To: <1434999372-3688-11-git-send-email-edmund.h.white@intel.com>
On 22/06/15 19:56, Ed White wrote:
> Signed-off-by: Ed White <edmund.h.white@intel.com>
> ---
> xen/arch/x86/hvm/hvm.c | 216 ++++++++++++++++++++++++++++++++++++++++
> xen/include/public/hvm/hvm_op.h | 69 +++++++++++++
> 2 files changed, 285 insertions(+)
>
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index b758ee1..b3e74ce 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -6424,6 +6424,222 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg)
> break;
> }
>
> + case HVMOP_altp2m_get_domain_state:
> + {
> + struct xen_hvm_altp2m_domain_state a;
> + struct domain *d;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + rc = -EINVAL;
> + if ( !is_hvm_domain(d) || !hvm_altp2m_supported() )
> + goto param_fail9;
> +
> + a.state = altp2mhvm_active(d);
> + rc = copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
> +
> + param_fail9:
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> + case HVMOP_altp2m_set_domain_state:
> + {
> + struct xen_hvm_altp2m_domain_state a;
> + struct domain *d;
> + struct vcpu *v;
> + bool_t ostate;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + rc = -EINVAL;
> + if ( !is_hvm_domain(d) || !hvm_altp2m_supported() ||
> + nestedhvm_enabled(d) )
> + goto param_fail10;
> +
> + ostate = d->arch.altp2m_active;
> + d->arch.altp2m_active = !!a.state;
> +
> + /* If the alternate p2m state has changed, handle appropriately */
> + if ( d->arch.altp2m_active != ostate )
> + {
> + if ( !ostate && !p2m_init_altp2m_by_id(d, 0) )
> + goto param_fail10;
Indentation.
> +
> + for_each_vcpu( d, v )
> + if (!ostate)
> + altp2mhvm_vcpu_initialise(v);
> + else
> + altp2mhvm_vcpu_destroy(v);
Although strictly speaking this is (almost) ok by the style guidelines,
it would probably be better to have braces for the for_each_vcpu()
loop. Also, spaces for the brackets for !ostate.
> +
> + if ( ostate )
> + p2m_flush_altp2m(d);
> + }
> +
> + rc = 0;
> +
> + param_fail10:
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> + case HVMOP_altp2m_vcpu_enable_notify:
> + {
> + struct domain *curr_d = current->domain;
> + struct vcpu *curr = current;
> + struct xen_hvm_altp2m_vcpu_enable_notify a;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + if ( !is_hvm_domain(curr_d) || !hvm_altp2m_supported() ||
> + !curr_d->arch.altp2m_active || vcpu_altp2mhvm(curr).veinfo_gfn )
> + return -EINVAL;
> +
> + vcpu_altp2mhvm(curr).veinfo_gfn = a.pfn;
> + ahvm_vcpu_update_vmfunc_ve(curr);
You need a gfn bounds check against the host p2m here.
> + rc = 0;
> +
> + break;
> + }
> +
> + case HVMOP_altp2m_create_p2m:
> + {
> + struct xen_hvm_altp2m_view a;
> + struct domain *d;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + rc = -EINVAL;
> + if ( !is_hvm_domain(d) || !hvm_altp2m_supported() ||
> + !d->arch.altp2m_active )
> + goto param_fail11;
> +
> + if ( !p2m_init_next_altp2m(d, &a.view) )
> + goto param_fail11;
> +
> + rc = copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
> +
> + param_fail11:
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> + case HVMOP_altp2m_destroy_p2m:
> + {
> + struct xen_hvm_altp2m_view a;
> + struct domain *d;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + rc = -EINVAL;
> + if ( !is_hvm_domain(d) || !hvm_altp2m_supported() ||
> + !d->arch.altp2m_active )
> + goto param_fail12;
> +
> + if ( p2m_destroy_altp2m_by_id(d, a.view) )
> + rc = 0;
> +
> + param_fail12:
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> + case HVMOP_altp2m_switch_p2m:
> + {
> + struct xen_hvm_altp2m_view a;
> + struct domain *d;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + rc = -EINVAL;
> + if ( !is_hvm_domain(d) || !hvm_altp2m_supported() ||
> + !d->arch.altp2m_active )
> + goto param_fail13;
> +
> + if ( p2m_switch_domain_altp2m_by_id(d, a.view) )
> + rc = 0;
> +
> + param_fail13:
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> + case HVMOP_altp2m_set_mem_access:
> + {
> + struct xen_hvm_altp2m_set_mem_access a;
> + struct domain *d;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + rc = -EINVAL;
> + if ( !is_hvm_domain(d) || !hvm_altp2m_supported() ||
> + !d->arch.altp2m_active )
> + goto param_fail14;
> +
> + if ( p2m_set_altp2m_mem_access(d, a.view, a.pfn, a.hvmmem_access) )
> + rc = 0;
> +
> + param_fail14:
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> + case HVMOP_altp2m_change_pfn:
> + {
> + struct xen_hvm_altp2m_change_pfn a;
> + struct domain *d;
> +
> + if ( copy_from_guest(&a, arg, 1) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + rc = -EINVAL;
> + if ( !is_hvm_domain(d) || !hvm_altp2m_supported() ||
> + !d->arch.altp2m_active )
> + goto param_fail15;
> +
> + if ( p2m_change_altp2m_pfn(d, a.view, a.old_pfn, a.new_pfn) )
> + rc = 0;
> +
> + param_fail15:
> + rcu_unlock_domain(d);
> + break;
> + }
> +
> default:
> {
> gdprintk(XENLOG_DEBUG, "Bad HVM op %ld.\n", op);
> diff --git a/xen/include/public/hvm/hvm_op.h b/xen/include/public/hvm/hvm_op.h
> index cde3571..f6abce9 100644
> --- a/xen/include/public/hvm/hvm_op.h
> +++ b/xen/include/public/hvm/hvm_op.h
> @@ -389,6 +389,75 @@ DEFINE_XEN_GUEST_HANDLE(xen_hvm_evtchn_upcall_vector_t);
>
> #endif /* defined(__i386__) || defined(__x86_64__) */
>
We have an upper ABI limit of 255 HVMOPs. As such, I would recommend
having a single HVMOP_altp2m and a subop which lives as the first
parameter in any structure.
~Andrew
> +/* Set/get the altp2m state for a domain */
> +#define HVMOP_altp2m_set_domain_state 24
> +#define HVMOP_altp2m_get_domain_state 25
> +struct xen_hvm_altp2m_domain_state {
> + /* Domain to be updated or queried */
> + domid_t domid;
> + /* IN or OUT variable on/off */
> + uint8_t state;
> +};
> +typedef struct xen_hvm_altp2m_domain_state xen_hvm_altp2m_domain_state_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_domain_state_t);
> +
> +/* Set the current VCPU to receive altp2m event notifications */
> +#define HVMOP_altp2m_vcpu_enable_notify 26
> +struct xen_hvm_altp2m_vcpu_enable_notify {
> + /* #VE info area pfn */
> + uint64_t pfn;
> +};
> +typedef struct xen_hvm_altp2m_vcpu_enable_notify xen_hvm_altp2m_vcpu_enable_notify_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_vcpu_enable_notify_t);
> +
> +/* Create a new view */
> +#define HVMOP_altp2m_create_p2m 27
> +/* Destroy a view */
> +#define HVMOP_altp2m_destroy_p2m 28
> +/* Switch view for an entire domain */
> +#define HVMOP_altp2m_switch_p2m 29
> +struct xen_hvm_altp2m_view {
> + /* Domain to be updated */
> + domid_t domid;
> + /* IN/OUT variable */
> + uint16_t view;
> + /* Create view only: default access type
> + * NOTE: currently ignored */
> + uint16_t hvmmem_default_access; /* xenmem_access_t */
> +};
> +typedef struct xen_hvm_altp2m_view xen_hvm_altp2m_view_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_view_t);
> +
> +/* Notify that a page of memory is to have specific access types */
> +#define HVMOP_altp2m_set_mem_access 30
> +struct xen_hvm_altp2m_set_mem_access {
> + /* Domain to be updated. */
> + domid_t domid;
> + /* view */
> + uint16_t view;
> + /* Memory type */
> + uint16_t hvmmem_access; /* xenmem_access_t */
> + /* pfn */
> + uint64_t pfn;
> +};
> +typedef struct xen_hvm_altp2m_set_mem_access xen_hvm_altp2m_set_mem_access_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_set_mem_access_t);
> +
> +/* Change a p2m entry to map a different pfn */
> +#define HVMOP_altp2m_change_pfn 31
> +struct xen_hvm_altp2m_change_pfn {
> + /* Domain to be updated. */
> + domid_t domid;
> + /* view */
> + uint16_t view;
> + /* old pfn */
> + uint64_t old_pfn;
> + /* new pfn, -1 means revert */
> + uint64_t new_pfn;
> +};
> +typedef struct xen_hvm_altp2m_change_pfn xen_hvm_altp2m_change_pfn_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_hvm_altp2m_change_pfn_t);
> +
> #endif /* __XEN_PUBLIC_HVM_HVM_OP_H__ */
>
> /*
next prev parent reply other threads:[~2015-06-24 13:58 UTC|newest]
Thread overview: 116+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-22 18:56 [PATCH v2 00/12] Alternate p2m: support multiple copies of host p2m Ed White
2015-06-22 18:56 ` [PATCH v2 01/12] VMX: VMFUNC and #VE definitions and detection Ed White
2015-06-24 8:45 ` Andrew Cooper
2015-06-22 18:56 ` [PATCH v2 02/12] VMX: implement suppress #VE Ed White
2015-06-24 9:35 ` Andrew Cooper
2015-06-29 14:20 ` George Dunlap
2015-06-29 14:31 ` Andrew Cooper
2015-06-29 15:03 ` George Dunlap
2015-06-29 16:21 ` Sahita, Ravi
2015-06-29 16:21 ` Ed White
2015-06-22 18:56 ` [PATCH v2 03/12] x86/HVM: Hardware alternate p2m support detection Ed White
2015-06-24 9:44 ` Andrew Cooper
2015-06-24 10:07 ` Jan Beulich
2015-06-22 18:56 ` [PATCH v2 04/12] x86/altp2m: basic data structures and support routines Ed White
2015-06-24 10:06 ` Andrew Cooper
2015-06-24 10:23 ` Jan Beulich
2015-06-24 17:20 ` Ed White
2015-06-24 10:29 ` Andrew Cooper
2015-06-24 11:14 ` Andrew Cooper
2015-06-26 21:17 ` Ed White
2015-06-27 19:25 ` Ed White
2015-06-29 13:00 ` Andrew Cooper
2015-06-29 16:23 ` Ed White
2015-06-24 14:44 ` Jan Beulich
2015-06-22 18:56 ` [PATCH v2 05/12] VMX/altp2m: add code to support EPTP switching and #VE Ed White
2015-06-24 11:59 ` Andrew Cooper
2015-06-24 17:31 ` Ed White
2015-06-24 17:40 ` Andrew Cooper
2015-06-22 18:56 ` [PATCH v2 06/12] VMX: add VMFUNC leaf 0 (EPTP switching) to emulator Ed White
2015-06-24 12:47 ` Andrew Cooper
2015-06-24 20:29 ` Ed White
2015-06-25 8:26 ` Jan Beulich
2015-06-24 14:26 ` Jan Beulich
2015-06-22 18:56 ` [PATCH v2 07/12] x86/altp2m: add control of suppress_ve Ed White
2015-06-24 13:05 ` Andrew Cooper
2015-06-24 14:38 ` Jan Beulich
2015-06-24 17:53 ` Ed White
2015-06-25 8:12 ` Jan Beulich
2015-06-25 16:36 ` Ed White
2015-06-26 6:04 ` Jan Beulich
2015-06-26 16:27 ` Ed White
2015-07-06 17:12 ` George Dunlap
2015-07-06 17:35 ` Ed White
2015-07-06 18:29 ` George Dunlap
2015-07-06 18:43 ` Ed White
2015-07-07 10:10 ` George Dunlap
2015-07-07 16:24 ` Ed White
2015-07-07 17:33 ` George Dunlap
2015-07-07 17:38 ` Sahita, Ravi
2015-07-08 7:24 ` Jan Beulich
2015-07-08 10:12 ` Tim Deegan
2015-07-08 12:51 ` George Dunlap
2015-07-08 7:23 ` Jan Beulich
2015-07-07 8:04 ` Jan Beulich
2015-06-22 18:56 ` [PATCH v2 08/12] x86/altp2m: alternate p2m memory events Ed White
2015-06-24 13:09 ` Andrew Cooper
2015-06-24 16:01 ` Lengyel, Tamas
2015-06-24 18:02 ` Ed White
2015-06-22 18:56 ` [PATCH v2 09/12] x86/altp2m: add remaining support routines Ed White
2015-06-23 18:15 ` Lengyel, Tamas
2015-06-23 18:52 ` Ed White
2015-06-23 19:35 ` Lengyel, Tamas
2015-06-24 13:46 ` Andrew Cooper
2015-06-24 17:47 ` Ed White
2015-06-24 18:19 ` Andrew Cooper
2015-06-26 16:30 ` Ed White
2015-06-29 13:03 ` Andrew Cooper
2015-06-29 16:24 ` Ed White
2015-06-24 16:15 ` Lengyel, Tamas
2015-06-24 18:06 ` Ed White
2015-06-25 8:52 ` Ian Campbell
2015-06-25 16:27 ` Ed White
2015-06-25 12:44 ` Lengyel, Tamas
2015-06-25 13:40 ` Razvan Cojocaru
2015-06-25 16:48 ` Ed White
2015-06-25 17:39 ` Sahita, Ravi
2015-06-25 18:22 ` Razvan Cojocaru
2015-06-25 18:23 ` Lengyel, Tamas
2015-06-25 20:46 ` Ed White
2015-06-25 22:45 ` Lengyel, Tamas
2015-06-25 23:10 ` Ed White
2015-06-25 2:44 ` Lengyel, Tamas
2015-06-25 16:31 ` Ed White
2015-06-25 17:42 ` Lengyel, Tamas
2015-06-25 20:27 ` Ed White
2015-06-25 21:33 ` Lengyel, Tamas
2015-06-22 18:56 ` [PATCH v2 10/12] x86/altp2m: define and implement alternate p2m HVMOP types Ed White
2015-06-24 13:58 ` Andrew Cooper [this message]
2015-06-24 14:53 ` Jan Beulich
2015-06-22 18:56 ` [PATCH v2 11/12] x86/altp2m: Add altp2mhvm HVM domain parameter Ed White
2015-06-24 14:06 ` Andrew Cooper
2015-06-24 14:59 ` Jan Beulich
2015-06-24 17:57 ` Ed White
2015-06-24 18:08 ` Andrew Cooper
2015-06-25 8:34 ` Jan Beulich
2015-06-25 8:33 ` Jan Beulich
2015-06-22 18:56 ` [PATCH v2 12/12] x86/altp2m: XSM hooks for altp2m HVM ops Ed White
2015-06-26 19:24 ` Daniel De Graaf
2015-06-26 19:35 ` Ed White
2015-06-29 17:52 ` Daniel De Graaf
2015-06-29 17:55 ` Sahita, Ravi
2015-06-23 21:27 ` [PATCH v2 00/12] Alternate p2m: support multiple copies of host p2m Lengyel, Tamas
2015-06-23 22:25 ` Ed White
2015-06-24 5:39 ` Razvan Cojocaru
2015-06-24 13:32 ` Lengyel, Tamas
2015-06-24 13:37 ` Razvan Cojocaru
2015-06-24 16:43 ` Ed White
2015-06-24 21:34 ` Lengyel, Tamas
2015-06-24 22:02 ` Ed White
2015-06-24 22:45 ` Lengyel, Tamas
2015-06-24 22:55 ` Ed White
2015-06-25 9:00 ` Andrew Cooper
2015-06-25 16:38 ` Ed White
2015-06-25 17:29 ` Lengyel, Tamas
2015-06-25 20:34 ` Ed White
2015-06-24 14:10 ` Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=558AB787.9000006@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=dgdegra@tycho.nsa.gov \
--cc=edmund.h.white@intel.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=ravi.sahita@intel.com \
--cc=tim@xen.org \
--cc=tlengyel@novetta.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.