xen-devel.lists.xenproject.org archive mirror
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: George Dunlap <george.dunlap@citrix.com>, xen-devel@lists.xenproject.org
Cc: Razvan Cojocaru <rcojocaru@bitdefender.com>,
	Tamas K Lengyel <tamas.lengyel@zentific.com>,
	Tim Deegan <tim@xen.org>, Paul Durrant <paul.durrant@citrix.com>,
	Jan Beulich <jbeulich@suse.com>,
	Isaila Alexandru <aisaila@bitdefender.com>
Subject: Re: [RFC PATCH 2/2] x86/mm: Add mem access rights to NPT
Date: Wed, 26 Sep 2018 18:22:56 +0100
Message-ID: <6c2e77c5-fe94-3644-8b33-ac8785e4d065@citrix.com>
In-Reply-To: <20180926164741.13405-2-george.dunlap@citrix.com>

On 26/09/18 17:47, George Dunlap wrote:
> From: Isaila Alexandru <aisaila@bitdefender.com>
>
> This patch adds access control for NPT mode.
>
> There aren’t enough extra bits to store the access rights in the NPT p2m
> table, so we add a radix tree to store extra information.

I'm sorry to re-open this argument, but why?

ISTR there being some argument based on pagetable sharing with the
IOMMU, but that doesn't work at the moment and can't reasonably be made
to work.  For one, attempting to use pt sharing will break as soon as
you try and DMA to a mapped grant.

I'm disinclined to let a broken vestigial feature get in the way of real
improvements.

Beyond that, an NPT PTE has basically the same number of software
available bits as an EPT PTE.

Am I missing anything?

>
> For efficiency:
>  - Only allocate this radix tree when we first store "non-default"
>    extra information
>
>  - Remove entries which match the default extra information rather
>    than continuing to store them
>
>  - For superpages, only store an entry for the first gfn in the
>    superpage.  Use the order of the p2m entry being read to determine
>    the proper place to look in the radix table.
>
> Modify p2m_type_to_flags() to accept and interpret an access value,
> parallel to the ept code.
>
> Add a set_default_access() method to the p2m-pt and p2m-ept versions
> of the p2m rather than setting it directly, to deal with different
> default permitted access values.
>
> Signed-off-by: Alexandru Isaila <aisaila@bitdefender.com>
> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
> ---
> NB, this is compile-tested only.
>
> cc'ing Paul because this is functionality he may want at some point in
> the future.
>
> I'm not sure why we only allow 'int' to be stored in the radix tree,
> but that throws away 30-some bits we could otherwise use.  We might
> consider revising this if we run out of bits here.

Probably because we have an old fork of the Linux radix tree
functionality, rather than any specific reason to waste 30-some bits.

~Andrew
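
Added example, not part of the original message or of the Xen patch: an illustration in C of the side-store scheme the quoted commit message describes (lazy allocation, dropping entries that equal the default, one entry per superpage keyed by its first gfn). The names access_store, store_set, store_get and store_entries, the fixed-size table standing in for the radix tree, and the integer access values are assumptions.

```c
/* Added illustration; all names are hypothetical, not Xen's. */
#include <stdint.h>
#include <stdlib.h>
#define SLOTS 64   /* constructed capacity; a flat table stands in for the radix tree */

struct slot { uint64_t gfn; int access; int used; };
struct access_store { struct slot *slots; int default_access; };

/* First gfn of the 2^order-page mapping that contains gfn. */
static uint64_t first_gfn(uint64_t gfn, unsigned int order)
{
    return gfn & ~((UINT64_C(1) << order) - 1);
}

static struct slot *find(struct access_store *s, uint64_t key)
{
    for (int i = 0; s->slots && i < SLOTS; i++)
        if (s->slots[i].used && s->slots[i].gfn == key)
            return &s->slots[i];
    return NULL;
}

/* Returns 0 on success, -1 if the entry cannot be stored. */
int store_set(struct access_store *s, uint64_t gfn, unsigned int order, int access)
{
    uint64_t key = first_gfn(gfn, order);
    struct slot *e = find(s, key);
    if (access == s->default_access) {   /* default value: drop, never store */
        if (e) e->used = 0;
        return 0;
    }
    if (!s->slots && !(s->slots = calloc(SLOTS, sizeof(*s->slots))))
        return -1;                       /* first non-default store allocates */
    for (int i = 0; !e && i < SLOTS; i++)
        if (!s->slots[i].used) e = &s->slots[i];
    if (!e) return -1;                   /* table full */
    e->gfn = key; e->access = access; e->used = 1;
    return 0;
}

/* Lookup uses the order of the mapping being read to find the key. */
int store_get(struct access_store *s, uint64_t gfn, unsigned int order)
{
    struct slot *e = find(s, first_gfn(gfn, order));
    return e ? e->access : s->default_access;
}

int store_entries(struct access_store *s)
{
    int n = 0;
    for (int i = 0; s->slots && i < SLOTS; i++) n += s->slots[i].used;
    return n;
}
```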

Thread overview: 16+ messages
2018-09-26 16:47 [RFC PATCH 1/2] mem_access: Fix npfec.kind propagation George Dunlap
2018-09-26 16:47 ` [RFC PATCH 2/2] x86/mm: Add mem access rights to NPT George Dunlap
2018-09-26 17:22   ` Andrew Cooper [this message]
2018-09-27 10:37     ` George Dunlap
2018-09-27 10:53       ` Paul Durrant
2019-01-09  9:30       ` Alexandru Stefan ISAILA
2018-09-27  9:38   ` Isaila Alexandru
2019-06-13 10:56   ` [Xen-devel] " Alexandru Stefan ISAILA
2019-06-17 10:48     ` George Dunlap
2019-06-17 11:58       ` Andrew Cooper
2019-06-13 15:19   ` Tamas Lengyel
2019-06-13 15:21     ` Razvan Cojocaru
2018-09-26 16:51 ` [RFC PATCH 1/2] mem_access: Fix npfec.kind propagation Tamas Lengyel
2018-09-26 17:00 ` Andrew Cooper
2018-09-27  7:04   ` Jan Beulich
2018-09-27  8:46     ` George Dunlap
