From: "Jan Beulich" <JBeulich@suse.com>
To: Xin Li <talons.lee@gmail.com>, Daniel de Graaf <dgdegra@tycho.nsa.gov>
Cc: Sergey Dyasli <sergey.dyasli@citrix.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Wei Liu <wei.liu2@citrix.com>,
George Dunlap <George.Dunlap@eu.citrix.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Tim Deegan <tim@xen.org>,
xen-devel@lists.xen.org, Xin Li <xin.li@citrix.com>,
Ming Lu <ming.lu@citrix.com>
Subject: Re: [PATCH 2/2] xen/xsm: Add new SILO mode for XSM
Date: Tue, 03 Jul 2018 01:33:54 -0600 [thread overview]
Message-ID: <5B3B26E202000078001D0114@prv1-mh.provo.novell.com> (raw)
In-Reply-To: <20180703012629.507-2-xin.li@citrix.com>
>>> On 03.07.18 at 03:26, <talons.lee@gmail.com> wrote:
> v2
> To further discuss:
> 1) is the new Kconfig option XSM_SILO necessary?
> we can handle SILO similar as DUMMY, using exsting CONFIG_XSM.
>
> 2) explain "unmediated communication channel"
I'm confused: As said in the reply to patch 1, this section is generally
expected to contain information on what has changed from the prior
version. I take it the above item instead related to the "To further
discuss" sub-heading.
> 3) is it OK to use the indirect call dummy_xsm_ops.evtchn_unbound?
I'm not convinced it was worthwhile to send v2 with all of these still
open.
> +/*
> + * Check if inter-domain communication is allowed.
> + * Return true when pass check.
> + */
> +static bool silo_mode_dom_check(struct domain *ldom, struct domain *rdom)
> +{
> + struct domain *cur_dom = current->domain;
const (three times altogether)
> + return (is_control_domain(cur_dom) || is_control_domain(ldom) ||
> + is_control_domain(rdom) || ldom == rdom);
> +}
> +
> +static int silo_evtchn_unbound(struct domain *d1, struct evtchn *chn,
> + domid_t id2)
> +{
> + int rc = -EPERM;
> + struct domain *d2 = rcu_lock_domain_by_id(id2);
> + if ( d2 != NULL && silo_mode_dom_check(d1, d2) )
Blank line please between declaration(s) and statement(s). And
const on the local variable declaration again.
Also, is DOMID_SELF really not allowed here for id2? I don't think
so, looking at e.g. evtchn_alloc_unbound().
> +static int silo_grant_copy(struct domain *d1, struct domain *d2)
> +{
> + if ( silo_mode_dom_check(d1, d2) )
> + return dummy_xsm_ops.grant_copy(d1, d2);
> + return -EPERM;
> +}
I know transitive grants are a bad child, but they shouldn't be left out
altogether in deciding what SILO mode is going to mean. In fact it looks
to me as if there was no XSM check at all for the second half of a
transitive grant copy's domain handling (the recursive
acquire_grant_for_copy() call), which would mean that the fencing
SILO mode looks to mean to establish wouldn't be complete. Daniel?
Speaking of completeness: What about TMEM? Isn't one of the two
pool types also meant to allow page sharing between domains?
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2018-07-03 7:33 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-03 1:26 [PATCH 1/2] xen/xsm: Introduce new boot parameter xsm Xin Li
2018-07-03 1:26 ` [PATCH 2/2] xen/xsm: Add new SILO mode for XSM Xin Li
2018-07-03 7:33 ` Jan Beulich [this message]
2018-07-03 9:07 ` Xin Li (Talons)
2018-07-03 10:15 ` Jan Beulich
2018-07-03 10:53 ` Xin Li (Talons)
2018-07-03 6:10 ` [PATCH 1/2] xen/xsm: Introduce new boot parameter xsm Xin Li (Talons)
2018-07-03 7:12 ` Jan Beulich
2018-07-03 8:58 ` Xin Li (Talons)
2018-07-04 16:54 ` George Dunlap
2018-07-05 1:38 ` Xin Li (Talons)
2018-08-17 19:11 ` Daniel De Graaf
-- strict thread matches above, loose matches on Subject: below --
2018-09-29 9:22 Xin Li
2018-09-29 9:22 ` [PATCH 2/2] xen/xsm: Add new SILO mode for XSM Xin Li
2018-10-02 9:33 ` Jan Beulich
2018-10-08 7:49 ` Xin Li (Talons)
2018-10-08 8:28 ` Jan Beulich
2018-09-28 8:18 [PATCH 1/2] xen/xsm: Introduce new boot parameter xsm Xin Li
2018-09-28 8:18 ` [PATCH 2/2] xen/xsm: Add new SILO mode for XSM Xin Li
2018-09-28 17:24 ` Daniel De Graaf
2018-06-29 9:28 [PATCH 1/2] xen/xsm: Introduce new boot parameter xsm Xin Li
2018-06-29 9:28 ` [PATCH 2/2] xen/xsm: Add new SILO mode for XSM Xin Li
2018-06-29 9:51 ` Andrew Cooper
2018-07-02 6:42 ` Xin Li (Talons)
2018-06-29 10:36 ` Jan Beulich
2018-07-02 6:57 ` Xin Li (Talons)
2018-07-02 7:28 ` Jan Beulich
2018-07-02 9:22 ` Xin Li (Talons)
2018-07-02 9:38 ` Jan Beulich
2018-07-23 10:45 ` Xin Li (Talons)
2018-07-24 7:49 ` Jan Beulich
2018-07-24 8:18 ` Xin Li (Talons)
2018-08-17 19:25 ` Daniel De Graaf
2018-06-29 13:21 ` Julien Grall
2018-07-02 6:41 ` Xin Li (Talons)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5B3B26E202000078001D0114@prv1-mh.provo.novell.com \
--to=jbeulich@suse.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=dgdegra@tycho.nsa.gov \
--cc=ming.lu@citrix.com \
--cc=sergey.dyasli@citrix.com \
--cc=sstabellini@kernel.org \
--cc=talons.lee@gmail.com \
--cc=tim@xen.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
--cc=xin.li@citrix.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.