From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: Anthony PERARD <anthony@xenproject.org>,
Juergen Gross <jgross@suse.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
George Dunlap <george.dunlap@citrix.com>,
Julien Grall <julien@xen.org>,
Stefano Stabellini <sstabellini@kernel.org>,
Christian Lindig <christian.lindig@citrix.com>,
David Scott <dave@recoil.org>,
Bertrand Marquis <bertrand.marquis@arm.com>,
Michal Orzel <michal.orzel@amd.com>,
Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>,
"Daniel P. Smith" <dpsmith@apertussolutions.com>,
xen-devel@lists.xenproject.org
Subject: Re: [PATCH for-4.19 v3 2/3] xen: enable altp2m at create domain domctl
Date: Wed, 22 May 2024 18:21:41 +0200 [thread overview]
Message-ID: <Zk4blZ9z6cn-ORrv@macbook> (raw)
In-Reply-To: <5484aab7-b15d-46c5-9ff1-9a5b54640acc@suse.com>
On Wed, May 22, 2024 at 03:34:29PM +0200, Jan Beulich wrote:
> On 22.05.2024 15:16, Roger Pau Monné wrote:
> > On Tue, May 21, 2024 at 12:30:32PM +0200, Jan Beulich wrote:
> >> On 17.05.2024 15:33, Roger Pau Monne wrote:
> >>> Enabling it using an HVM param is fragile, and complicates the logic when
> >>> deciding whether options that interact with altp2m can also be enabled.
> >>>
> >>> Leave the HVM param value for consumption by the guest, but prevent it from
> >>> being set. Enabling is now done using and additional altp2m specific field in
> >>> xen_domctl_createdomain.
> >>>
> >>> Note that albeit only currently implemented in x86, altp2m could be implemented
> >>> in other architectures, hence why the field is added to xen_domctl_createdomain
> >>> instead of xen_arch_domainconfig.
> >>>
> >>> Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
> >>
> >> Reviewed-by: Jan Beulich <jbeulich@suse.com> # hypervisor
> >> albeit with one question:
> >>
> >>> --- a/xen/arch/x86/domain.c
> >>> +++ b/xen/arch/x86/domain.c
> >>> @@ -637,6 +637,8 @@ int arch_sanitise_domain_config(struct xen_domctl_createdomain *config)
> >>> bool hap = config->flags & XEN_DOMCTL_CDF_hap;
> >>> bool nested_virt = config->flags & XEN_DOMCTL_CDF_nested_virt;
> >>> unsigned int max_vcpus;
> >>> + unsigned int altp2m_mode = MASK_EXTR(config->altp2m_opts,
> >>> + XEN_DOMCTL_ALTP2M_mode_mask);
> >>>
> >>> if ( hvm ? !hvm_enabled : !IS_ENABLED(CONFIG_PV) )
> >>> {
> >>> @@ -715,6 +717,26 @@ int arch_sanitise_domain_config(struct xen_domctl_createdomain *config)
> >>> return -EINVAL;
> >>> }
> >>>
> >>> + if ( config->altp2m_opts & ~XEN_DOMCTL_ALTP2M_mode_mask )
> >>> + {
> >>> + dprintk(XENLOG_INFO, "Invalid altp2m options selected: %#x\n",
> >>> + config->flags);
> >>> + return -EINVAL;
> >>> + }
> >>> +
> >>> + if ( altp2m_mode && nested_virt )
> >>> + {
> >>> + dprintk(XENLOG_INFO,
> >>> + "Nested virt and altp2m are not supported together\n");
> >>> + return -EINVAL;
> >>> + }
> >>> +
> >>> + if ( altp2m_mode && !hap )
> >>> + {
> >>> + dprintk(XENLOG_INFO, "altp2m is only supported with HAP\n");
> >>> + return -EINVAL;
> >>> + }
> >>
> >> Should this last one perhaps be further extended to permit altp2m with EPT
> >> only?
> >
> > Hm, yes, that would be more accurate as:
> >
> > if ( altp2m_mode && (!hap || !hvm_altp2m_supported()) )
>
> Wouldn't
>
> if ( altp2m_mode && !hvm_altp2m_supported() )
>
> suffice? hvm_funcs.caps.altp2m is not supposed to be set when no HAP,
> as long as HAP continues to be a pre-condition?
No, `hap` here signals whether the domain is using HAP, and we need to
take this int account, otherwise we would allow enabling altp2m for
domains using shadow.
Thanks, Roger.
next prev parent reply other threads:[~2024-05-22 16:22 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-17 13:33 [PATCH for-4.19 v3 0/3] xen/x86: support foreign mappings for HVM/PVH Roger Pau Monne
2024-05-17 13:33 ` [PATCH for-4.19 v3 1/3] xen/x86: account number of foreign mappings in the p2m Roger Pau Monne
2024-05-17 13:33 ` [PATCH for-4.19 v3 2/3] xen: enable altp2m at create domain domctl Roger Pau Monne
2024-05-17 13:54 ` Christian Lindig
2024-05-21 10:30 ` Jan Beulich
2024-05-22 13:16 ` Roger Pau Monné
2024-05-22 13:34 ` Jan Beulich
2024-05-22 16:21 ` Roger Pau Monné [this message]
2024-05-23 6:54 ` Jan Beulich
2024-05-23 11:36 ` Roger Pau Monné
2024-05-23 18:28 ` Stefano Stabellini
2024-05-24 13:28 ` Jürgen Groß
2024-05-17 13:33 ` [PATCH for-4.19 v3 3/3] xen/x86: remove foreign mappings from the p2m on teardown Roger Pau Monne
2024-05-29 7:24 ` [PATCH for-4.19 v3 0/3] xen/x86: support foreign mappings for HVM/PVH Jan Beulich
2024-05-29 7:41 ` Oleksii K.
2024-05-29 12:21 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zk4blZ9z6cn-ORrv@macbook \
--to=roger.pau@citrix.com \
--cc=Volodymyr_Babchuk@epam.com \
--cc=andrew.cooper3@citrix.com \
--cc=anthony@xenproject.org \
--cc=bertrand.marquis@arm.com \
--cc=christian.lindig@citrix.com \
--cc=dave@recoil.org \
--cc=dpsmith@apertussolutions.com \
--cc=george.dunlap@citrix.com \
--cc=jbeulich@suse.com \
--cc=jgross@suse.com \
--cc=julien@xen.org \
--cc=michal.orzel@amd.com \
--cc=sstabellini@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.