xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Jan Beulich <jbeulich@suse.com>
To: "Roger Pau Monné" <roger.pau@citrix.com>
Cc: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
	Andrew Cooper <andrew.cooper3@citrix.com>, Wei Liu <wl@xen.org>,
	Julien Grall <julien@xen.org>,
	Stefano Stabellini <sstabellini@kernel.org>,
	Volodymyr Babchuk <volodymyr_babchuk@epam.com>,
	Bertrand Marquis <bertrand.marquis@arm.com>,
	Henry Wang <Henry.Wang@arm.com>
Subject: Re: [PATCH][4.17] EFI: don't convert memory marked for runtime use to ordinary RAM
Date: Tue, 4 Oct 2022 12:44:16 +0200	[thread overview]
Message-ID: <db9856f9-1777-8fe5-5b5a-ef3f132193dc@suse.com> (raw)
In-Reply-To: <YzwNGd0wiAbhDR9e@MacBook-Air-de-Roger.local>

On 04.10.2022 12:38, Roger Pau Monné wrote:
> On Tue, Oct 04, 2022 at 12:23:23PM +0200, Jan Beulich wrote:
>> On 04.10.2022 11:33, Roger Pau Monné wrote:
>>> On Tue, Oct 04, 2022 at 10:06:36AM +0200, Jan Beulich wrote:
>>>> On 30.09.2022 16:28, Roger Pau Monné wrote:
>>>>> On Fri, Sep 30, 2022 at 09:50:40AM +0200, Jan Beulich wrote:
>>>>>> efi_init_memory() in both relevant places is treating EFI_MEMORY_RUNTIME
>>>>>> higher priority than the type of the range. To avoid accessing memory at
>>>>>> runtime which was re-used for other purposes, make
>>>>>> efi_arch_process_memory_map() follow suit. While on x86 in theory the
>>>>>> same would apply to EfiACPIReclaimMemory, we don't actually "reclaim"
>>>>>> E820_ACPI memory there and hence that type's handling can be left alone.
>>>>>
>>>>> What about dom0?  Should it be translated to E820_RESERVED so that
>>>>> dom0 doesn't try to use it either?
>>>>
>>>> I'm afraid I don't understand the questions. Not the least because I
>>>> think "it" can't really mean "dom0" from the earlier sentence.
>>>
>>> Sorry, let me try again:
>>>
>>> The memory map provided to dom0 will contain E820_ACPI entries for
>>> memory ranges with the EFI_MEMORY_RUNTIME attributes in the EFI memory
>>> map.  Is there a risk from dom0 reclaiming such E820_ACPI ranges,
>>> overwriting the data needed for runtime services?
>>
>> How would Dom0 go about doing so? It has no control over what we hand
>> to the page allocator - it can only free pages which were actually
>> allocated to it. E820_ACPI and E820_RESERVED pages are assigned to
>> DomIO - Dom0 can map and access them, but it cannot free them.
> 
> Maybe I'm very confused, but what about dom0 overwriting the data
> there, won't it cause issues to runtime services?

If it overwrites it, of course there are going to be issues. Just like
there are going to be problems from anything else Dom0 does wrong.

> If the memory is reported in the memory map provided to dom0 as
> E820_ACPI dom0 is free to reclaim the region for it's own usage.

Could you outline to me how such a "reclaim" process would look like?
For the range to become ordinary RAM, Xen needs to be involved. But
there's no hypercall allowing Dom0 to free a page which wasn't
allocated to it. And the Dom0 kernel simply re-using the range as if
it was RAM is flawed - it would break the latest once Dom0 would try
to balloon out such a page.

Jan


  reply	other threads:[~2022-10-04 10:44 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-30  7:50 [PATCH][4.17] EFI: don't convert memory marked for runtime use to ordinary RAM Jan Beulich
2022-09-30 11:55 ` Bertrand Marquis
2022-09-30 12:47 ` Luca Fancellu
2022-09-30 12:51 ` Bertrand Marquis
2022-10-04 15:58   ` Jan Beulich
2022-10-05 10:44     ` Julien Grall
2022-10-05 11:55       ` Jan Beulich
2022-10-05 18:09         ` Julien Grall
2022-10-06  8:39           ` Jan Beulich
2022-10-06 14:11             ` Jan Beulich
2022-10-08 19:08               ` Julien Grall
2022-10-10  6:20                 ` Jan Beulich
2022-10-10 23:58                   ` Stefano Stabellini
2022-10-11  7:52                     ` Bertrand Marquis
2022-09-30 12:53 ` Andrew Cooper
2022-09-30 13:07   ` Jan Beulich
2022-09-30 13:35   ` Bertrand Marquis
2022-09-30 14:28 ` Roger Pau Monné
2022-10-04  8:06   ` Jan Beulich
2022-10-04  9:33     ` Roger Pau Monné
2022-10-04 10:23       ` Jan Beulich
2022-10-04 10:38         ` Roger Pau Monné
2022-10-04 10:44           ` Jan Beulich [this message]
2022-10-04 10:54             ` Roger Pau Monné
2022-10-04 12:18               ` Jan Beulich
2022-10-04 12:52                 ` Roger Pau Monné
2022-10-04 13:10                   ` Jan Beulich
2022-10-04 14:01                     ` Roger Pau Monné
2022-10-04 14:39                       ` Jan Beulich
2022-10-04 15:20                         ` Roger Pau Monné
2022-10-04 15:55                           ` Jan Beulich
2022-10-04 10:49         ` Andrew Cooper
2022-10-04 11:09           ` Jan Beulich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=db9856f9-1777-8fe5-5b5a-ef3f132193dc@suse.com \
    --to=jbeulich@suse.com \
    --cc=Henry.Wang@arm.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=bertrand.marquis@arm.com \
    --cc=julien@xen.org \
    --cc=roger.pau@citrix.com \
    --cc=sstabellini@kernel.org \
    --cc=volodymyr_babchuk@epam.com \
    --cc=wl@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).