From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
Andrew Cooper <andrew.cooper3@citrix.com>,
George Dunlap <george.dunlap@citrix.com>,
Julien Grall <julien@xen.org>,
Stefano Stabellini <sstabellini@kernel.org>, Wei Liu <wl@xen.org>
Subject: Re: [PATCH v3 1/8] domain: GADDR based shared guest area registration alternative - teardown
Date: Wed, 27 Sep 2023 12:42:11 +0200 [thread overview]
Message-ID: <ZRQHA0u5wPXkuILV@MacBookPdeRoger> (raw)
In-Reply-To: <4e1e0b28-bb0b-03f9-d62e-dd04846dd2e4@suse.com>
On Wed, Sep 27, 2023 at 11:55:19AM +0200, Jan Beulich wrote:
> On 27.09.2023 10:51, Roger Pau Monné wrote:
> > On Wed, May 03, 2023 at 05:54:47PM +0200, Jan Beulich wrote:
> > I guess we should also zap the runstate handlers, or else we might
> > corrupt guest state.
>
> So you think the guest might re-register a different area post resume?
> I can certainly add another patch to zap the handles; I don't think it
> should be done right here, not the least because if we see room for
> such behavior, that change may even want backporting.
For correctness it would be good to zap them, but there's no rush, as
I do think guests will set to the same address on resume.
> >> @@ -1568,6 +1572,19 @@ void unmap_vcpu_info(struct vcpu *v)
> >> put_page_and_type(mfn_to_page(mfn));
> >> }
> >>
> >> +/*
> >> + * This is only intended to be used for domain cleanup (or more generally only
> >> + * with at least the respective vCPU, if it's not the current one, reliably
> >> + * paused).
> >> + */
> >> +void unmap_guest_area(struct vcpu *v, struct guest_area *area)
> >
> > vcpu param could be const given the current code, but I assume this
> > will be changed by future patches. Same could be said about
> > guest_area but I'm confident that will change.
>
> True for both.
>
> >> +{
> >> + struct domain *d = v->domain;
> >> +
> >> + if ( v != current )
> >> + ASSERT(atomic_read(&v->pause_count) | atomic_read(&d->pause_count));
> >
> > Isn't this racy?
>
> It is, yes.
>
> > What guarantees that the vcpu won't be kicked just
> > after the check has been performed?
>
> Nothing. This check isn't any better than assertions towards an ordinary
> spinlock being held. I assume you realize that we've got a number of such
> assertions elsewhere already.
Right, but different from spinlock assertions, the code here could be
made safe just by pausing the vCPU?
Thanks, Roger.
next prev parent reply other threads:[~2023-09-27 10:42 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-03 15:53 [PATCH v3 0/8] runstate/time area registration by (guest) physical address Jan Beulich
2023-05-03 15:54 ` [PATCH v3 1/8] domain: GADDR based shared guest area registration alternative - teardown Jan Beulich
2023-09-27 8:51 ` Roger Pau Monné
2023-09-27 9:55 ` Jan Beulich
2023-09-27 10:42 ` Roger Pau Monné [this message]
2023-09-27 10:46 ` Jan Beulich
2023-09-27 10:50 ` Roger Pau Monné
2023-09-27 11:44 ` Jan Beulich
2023-05-03 15:55 ` [PATCH v3 2/8] domain: update GADDR based runstate guest area Jan Beulich
2023-09-27 9:44 ` Roger Pau Monné
2023-09-27 10:19 ` Jan Beulich
2023-05-03 15:55 ` [PATCH v3 3/8] x86: update GADDR based secondary time area Jan Beulich
2023-09-27 10:14 ` Roger Pau Monné
2023-05-03 15:56 ` [PATCH v3 4/8] x86/mem-sharing: copy GADDR based shared guest areas Jan Beulich
2023-05-03 17:14 ` Tamas K Lengyel
2023-05-04 7:44 ` Jan Beulich
2023-05-04 12:50 ` Tamas K Lengyel
2023-05-04 14:25 ` Jan Beulich
2023-09-27 11:08 ` Roger Pau Monné
2023-09-27 12:06 ` Jan Beulich
2023-09-27 14:05 ` Roger Pau Monné
2023-09-27 15:11 ` Jan Beulich
[not found] ` <CABfawhkn1xXA+qEjB4-HtOVUZHONDE6ngMJZPe3fSPtoAtmg+Q@mail.gmail.com>
2023-09-27 13:54 ` Roger Pau Monné
2023-05-03 15:57 ` [PATCH v3 5/8] domain: map/unmap " Jan Beulich
2023-09-27 14:53 ` Roger Pau Monné
2023-09-27 15:29 ` Jan Beulich
2023-05-03 15:57 ` [PATCH v3 6/8] domain: introduce GADDR based runstate area registration alternative Jan Beulich
2023-09-27 15:24 ` Roger Pau Monné
2023-09-27 15:36 ` Jan Beulich
2023-05-03 15:58 ` [PATCH v3 7/8] x86: introduce GADDR based secondary time " Jan Beulich
2023-09-27 15:50 ` Roger Pau Monné
2023-09-27 16:12 ` Jan Beulich
2023-05-03 15:58 ` [PATCH v3 8/8] common: convert vCPU info area registration Jan Beulich
2023-09-28 8:24 ` Roger Pau Monné
2023-09-28 9:53 ` Jan Beulich
2023-09-28 10:15 ` Roger Pau Monné
2023-09-28 10:35 ` Jan Beulich
2023-09-28 11:24 ` Roger Pau Monné
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZRQHA0u5wPXkuILV@MacBookPdeRoger \
--to=roger.pau@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=george.dunlap@citrix.com \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=sstabellini@kernel.org \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.