public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Zachary Amsden <zach@vmware.com>
To: Andi Kleen <ak@muc.de>
Cc: Linus Torvalds <torvalds@osdl.org>,
	Jeffrey Sheldon <jeffshel@vmware.com>,
	Ole Agesen <agesen@vmware.com>, Shai Fultheim <shai@scalex86.org>,
	Andrew Morton <akpm@odsl.org>, Jack Lo <jlo@vmware.com>,
	Ingo Molnar <mingo@elte.hu>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Virtualization Mailing List <virtualization@lists.osdl.org>,
	Chris Wright <chrisw@osdl.org>, Martin Bligh <mbligh@mbligh.org>,
	Pratap Subrahmanyam <pratap@vmware.com>,
	Christopher Li <chrisl@vmware.com>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Zwane Mwaikambo <zwane@arm.linux.org.uk>
Subject: Re: [PATCH 3/3] Gdt page isolation
Date: Fri, 23 Sep 2005 12:00:20 -0700	[thread overview]
Message-ID: <433450C4.2080104@vmware.com> (raw)
In-Reply-To: <20050922131714.GA97170@muc.de>

Andi Kleen wrote:

>> 	 * This grunge runs the startup process for
>> 	 * the targeted processor.
>> 	 */
>>+	cpu_gdt_descr[cpu].address = __get_free_page(GFP_KERNEL|__GFP_ZERO);
>>    
>>
>
>I can see why don't check it for NULL, but it's a ugly reason
>and would be better fixed. It at least needs a comment.
>
>-Andi (who would still prefer just going back to the array
>in head.S - would work as well and waste less memory) 
>  
>

The array in head.S does waste more memory if you compile for NR_CPUS >> 
actual cpus.  But the primary reason for allocating on individual pages 
is to preserve the hypervisor GDT entries for Xen.  Xen relies on a GDT 
virtualization technique which uses descriptors in the high part of the 
GDT.  Keep in mind, the GDT is a paged data structure.  So here is what 
they do:

Linear address space:

+---------------------------+  4GB
|                           | 
|  Xen code, heap           |
|                           |
|                           |
+---------------------------+
|                           |  GDT virtual mapping
|  Xen per-domain mappings  |==(page 15)====> hypervisor physical page
|                           |==(page 1-14)==> zeroed pages
|  GDT (16 pages)           |==(page 0)==+
+---------------------------+  -168 ? MB |
|                           |            |
|  MPT tables               |            |
|                           |            |
|                           |            |
+---------------------------+            |
|                           |            |
|  Guest kernel             |            |
|                           |            |
|                           |            |
|                           |            |
|                           |            |
|  GDT 256 bytes, read-only |============+==> guest physical page
|                           |
+---------------------------+  3GB


So, the GDT mapping which is live in the hypervisor consists of guest 
GDT pages following by blank pages, followed by a page which is reserved 
for Xen private GDT mappings.  The guest pages are mapped into the 
guest, read-only.

This imposes a strict requirement on the guest regarding sharing of data 
on the GDT pages; it is impossible to share arbitrary data, even if it 
is read-only.  All data on thes pages must conform to the rules for 
valid guest GDT descriptors, which only GDT and LDT entries are forced 
to do.

So while it is technically possible to share the per-cpu GDTs on the 
same set of pages, the entire thing must be padded, page-aligned, and 
zeroed of any unused data.  Unless you go to a complicated scheme where 
per-cpu GDTs are colored and shared, you have an arbitrary limit (240) 
on the number of virtual CPUs.

So for now, the approach Xen is currently using appears to be simplest 
and most flexible to implement in terms of one page per CPU for the GDT.

Zach

      parent reply	other threads:[~2005-09-23 19:00 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-09-22  7:49 [PATCH 3/3] Gdt page isolation Zachary Amsden
2005-09-22  8:59 ` Ingo Molnar
2005-09-22 13:17 ` Andi Kleen
2005-09-22 13:34   ` Ingo Molnar
2005-09-22 13:38     ` Andi Kleen
2005-09-23 19:00   ` Zachary Amsden [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=433450C4.2080104@vmware.com \
    --to=zach@vmware.com \
    --cc=agesen@vmware.com \
    --cc=ak@muc.de \
    --cc=akpm@odsl.org \
    --cc=chrisl@vmware.com \
    --cc=chrisw@osdl.org \
    --cc=hpa@zytor.com \
    --cc=jeffshel@vmware.com \
    --cc=jlo@vmware.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mbligh@mbligh.org \
    --cc=mingo@elte.hu \
    --cc=pratap@vmware.com \
    --cc=shai@scalex86.org \
    --cc=torvalds@osdl.org \
    --cc=virtualization@lists.osdl.org \
    --cc=zwane@arm.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox