From: Juergen Gross <jgross@suse.com>
To: Ian Jackson <ian.jackson@eu.citrix.com>, xen-devel@lists.xensource.com
Cc: Wei Liu <wei.liu2@citrix.com>,
George Dunlap <george.dunlap@eu.citrix.com>,
Dario Faggioli <dario.faggioli@citrix.com>,
Tim Deegan <tim@xen.org>, Jan Beulich <jbeulich@suse.com>
Subject: Re: [PATCH 3/3] xen: Document XEN_SYSCTL_CPUPOOL_OP_RMCPU anomalous EBUSY result
Date: Fri, 15 Apr 2016 07:35:46 +0200 [thread overview]
Message-ID: <57107DB2.6060809@suse.com> (raw)
In-Reply-To: <1460653660-6654-4-git-send-email-ian.jackson@eu.citrix.com>
On 14/04/16 19:07, Ian Jackson wrote:
> This is my attempt at understanding the situation, from reading
> descriptions provided on list in the context of toolstack patches
> which were attempting to work around the anomaly.
>
> The multiple `xxx' entries reflect 1. my lack of complete understanding
> 2. API defects which I think I have identified.
>
> Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
> Cc: Wei Liu <wei.liu2@citrix.com>
> CC: Dario Faggioli <dario.faggioli@citrix.com>
> CC: Juergen Gross <jgross@suse.com>
> CC: George Dunlap <george.dunlap@eu.citrix.com>
> CC: Jan Beulich <jbeulich@suse.com>
> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> ---
> xen/include/public/sysctl.h | 28 ++++++++++++++++++++++++++++
> 1 file changed, 28 insertions(+)
>
> diff --git a/xen/include/public/sysctl.h b/xen/include/public/sysctl.h
> index 0849908..cfccf38 100644
> --- a/xen/include/public/sysctl.h
> +++ b/xen/include/public/sysctl.h
> @@ -560,6 +560,34 @@ struct xen_sysctl_cpupool_op {
> typedef struct xen_sysctl_cpupool_op xen_sysctl_cpupool_op_t;
> DEFINE_XEN_GUEST_HANDLE(xen_sysctl_cpupool_op_t);
>
> +/*
> + * cpupool operations may return EBUSY if the operation cannot be
> + * executed right now because of another cpupool operation which is
> + * still in progress. In this case, EBUSY means that the failed
> + * operation had no effect.
> + *
> + * Some operations including at least RMCPU (xxx which others?) may
Only this one.
> + * also return EBUSY because a guest has temporarily pinned one of its
> + * vcpus to the pcpu in question. It is the pious hope (xxx) of the
> + * author of this comment that this can only occur for domains which
> + * have been granted some kind of hardware privilege (eg passthrough).
Only the hardware domain is allowed to do this.
> + * In this case the operation may have been partially carried out and
> + * the pcpu is left in an anomalous state. In this state the pcpu may
> + * be used by some not readily predictable subset of the vcpus
> + * (domains) whose vcpus are in the old cpupool. (xxx is this true?)
Yes.
> + *
> + * This can be detected by seeing whether the pcpu can be added to a
> + * different cpupool. (xxx this is a silly interface; the situation
> + * should be reported by a different errno value, at least.) If the
I'm open for suggestions. :-)
> + * pcpu can't be added to a different cpupool for this reason,
> + * attempts to do so will returning (xxx what errno value?)
You might have guessed: EBUSY
> + *
> + * The anomalous situation can be recovered by adding the pcpu back to
> + * the cpupool it came from (xxx this permits a buggy or malicious
> + * guest to prevent the cpu ever being removed from its cpupool).
Only the hardware domain, which has other means to inject problems.
Juergen
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-04-15 5:35 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-14 17:07 [PATCH 0/3] Revert xc cpupool retries and document anomaly Ian Jackson
2016-04-14 17:07 ` [PATCH 1/3] libxc: Revert "do some retries in xc_cpupool_removecpu() for EBUSY case" Ian Jackson
2016-04-15 5:15 ` Juergen Gross
2016-04-15 7:46 ` Dario Faggioli
2016-04-14 17:07 ` [PATCH 2/3] xen: hypercall docs annotations for xen_sysctl_cpupool_op Ian Jackson
2016-04-14 20:37 ` Dario Faggioli
2016-04-15 10:27 ` Ian Jackson
2016-04-14 17:07 ` [PATCH 3/3] xen: Document XEN_SYSCTL_CPUPOOL_OP_RMCPU anomalous EBUSY result Ian Jackson
2016-04-14 17:24 ` Andrew Cooper
2016-04-14 17:56 ` Ian Jackson
2016-04-14 20:22 ` Dario Faggioli
2016-04-15 10:20 ` Ian Jackson
2016-04-15 10:43 ` Juergen Gross
2016-04-15 10:58 ` Dario Faggioli
2016-04-15 11:37 ` Juergen Gross
2016-04-15 13:20 ` Juergen Gross
2016-04-15 13:33 ` Dario Faggioli
2016-04-15 14:11 ` Ian Jackson
2016-04-15 14:39 ` Juergen Gross
2016-04-15 5:35 ` Juergen Gross [this message]
2016-04-15 7:42 ` Dario Faggioli
2016-04-15 14:12 ` Ian Jackson
2016-04-15 14:17 ` Konrad Rzeszutek Wilk
2016-04-15 14:34 ` Juergen Gross
2016-04-15 14:44 ` Ian Jackson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57107DB2.6060809@suse.com \
--to=jgross@suse.com \
--cc=dario.faggioli@citrix.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=tim@xen.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).