So, the idea seems sound, and avoids the shadow lock altogether on a
bunch more pagefaults, which is nice.

I think that since PV pagetables are guaranteed to be read-only above
l1e, the guest_map_l1e and guest_get_eff_l1e functions can be allowed to
drop the shadow lock and call guest_walk_tables with shadow_op == 0.
That would mean that there are no callers left setting shadow_op to 1,
and then the shadow_op argument (and the whole mechanism for calling
remove_write_access from guest_walk_tables) could be removed.

I think that in guest_walk_tables, you need to add an rmb() after
reading the version number to stop the compiler from hoisting the
pagetable reads to before the version read.

- I'd like to see the "version" field called something more
descriptive, and moved into the shadow-specific domain state,
since HAP won't be using it.
- In shadow_check_gwalk, maybe return 1 at the top of the function if
the version number hasn't changed, rather than putting most of the
function inside an if()?
- You've added a second "not a shadow_fault" printout without removing
- We can remove the comment at the top of multi.c about reworking the
guest_walk TLB flush logic. :)

Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Citrix Systems (R&D) Ltd.
[Company #02300071, SL9 0DZ, UK.]
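
The version-check pattern discussed in the message above, as an added example that is not part of the original mail and is not Xen's code. All `toy_*` names and the 4-level table are hypothetical; `atomic_thread_fence` stands in for `rmb()`, and the writer and the recheck are assumed to run with the lock held.

```c
#include <stdatomic.h>
#include <stdint.h>
#define LEVELS 4                        /* hypothetical 4-level table */

struct toy_domain {
    atomic_uint dirty_version;          /* bumped on every table write */
    _Atomic uint64_t table[LEVELS];     /* one constructed entry per level */
};
struct toy_walk {
    unsigned int version;               /* version sampled before the walk */
    uint64_t e[LEVELS];                 /* entries the lock-free walk saw */
};

/* Writer (assumed to hold the lock): store the entry, then publish. */
void toy_write_entry(struct toy_domain *d, int lvl, uint64_t val)
{
    atomic_store_explicit(&d->table[lvl], val, memory_order_relaxed);
    atomic_fetch_add_explicit(&d->dirty_version, 1, memory_order_release);
}

/* Lock-free walk: sample the version first, then read the entries. */
void toy_walk_tables(struct toy_domain *d, struct toy_walk *w)
{
    w->version = atomic_load_explicit(&d->dirty_version, memory_order_relaxed);
    /* Plays the role of rmb(): the entry loads below may not be moved,
     * by compiler or CPU, to before the version load above. */
    atomic_thread_fence(memory_order_acquire);
    for (int i = 0; i < LEVELS; i++)
        w->e[i] = atomic_load_explicit(&d->table[i], memory_order_relaxed);
}

/* Recheck (caller assumed to hold the lock): 1 = walk still valid. */
int toy_check_walk(struct toy_domain *d, const struct toy_walk *w)
{
    /* Fast path first: an unchanged version means nothing was written. */
    if (atomic_load_explicit(&d->dirty_version, memory_order_relaxed) == w->version)
        return 1;
    /* Slow path: something was written, so compare every level. */
    for (int i = 0; i < LEVELS; i++)
        if (atomic_load_explicit(&d->table[i], memory_order_relaxed) != w->e[i])
            return 0;
    return 1;
}

int main(void)
{
    static struct toy_domain d; struct toy_walk w;
    toy_walk_tables(&d, &w);
    toy_write_entry(&d, 0, 0x1000);     /* table changes after the walk */
    return toy_check_walk(&d, &w);      /* exit status 0: stale walk rejected */
}
```

Without the fence, an entry load hoisted above the version load could pair a stale entry with a current version number, and the fast path would then accept the stale walk.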