Jan Beulich <mailto:jbeulich@xxxxxxxxxx> wrote:
>>>> "Jiang, Yunhong" <yunhong.jiang@xxxxxxxxx> 20.03.09 03:52 >>>
>> The method to exchange the offline pending page for PV domain is:
>> 1) Suspend the guest.
>> 2) Allocate a new page for the guest
>> 3) Get a copy for the content
>> 4) User space tools will scan all page table page to see if any reference
>> to the offending page, if yes, then it will hypercall to Xen to replace
>> the entry to point to the new one. (Through the mmu_*ops)
>> 5) After update all page tables, user space tools will try to exchange
>> the old page with the new page. If the new mfn has no reference anymore
>> (i.e. count_info & count_mask = 1), the exchange will update the m2p and
>> return success, otherwise it will return fail. (the page may be
>> referenced by other domain, like grant table or foreign mapped).
>
> Hmm, if you consider the possibility of this case, then you
> should also consider the possibility of a page still being
> accessible by another domain at the point where you copy its
> content, but no longer in use when you do the exchange (which
> means that the content may have changed between the two points
> in time).

Aha, yes, thanks for pointing this out. I considered this but apparently missed this
race condition.
When the page is freed, we can't map the page from the user space anymore, so
we have to do it in the exchange hypercall to guarantee atomicity.
Keir, I checked the XENMEM_exchange before, and it didn't do the copy; is
there any reason for that? Or can we add the copy to it?
Thanks
Yunhong Jiang
>
>> 6) If step 5 is success, user space tools will update the content of the
>> new page and the p2m table, else it will try to undo step 4 to revert
>> page table changes.
>> 7) Resume the guest.
>
> Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
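
The race discussed in this thread, replayed as a single-threaded toy model (an added example, not code from Xen or from either poster). All names (`struct page`, `refs`, `exchange`, `replay`) are hypothetical, and `refs == 1` stands in for the `count_info & count_mask` check from step 5.

```c
#include <stdbool.h>
#include <string.h>

#define PG 4096

/* Toy page (assumption): refs == 1 stands in for (count_info & count_mask) == 1. */
struct page { unsigned char data[PG]; unsigned refs; };

enum outcome { EXCHANGE_FAILED, CONSISTENT, STALE_CONTENT };

/* A foreign domain writes through its mapping; optionally unmaps afterwards. */
static void foreign_activity(struct page *pg, bool unmap)
{
    pg->data[0] = 0xBB;
    if (unmap)
        pg->refs--;
}

/* Step 5: refuse while anyone else holds a reference. With copy_in_call the
 * content is taken at the same point the reference check passes. */
static bool exchange(struct page *old, struct page *new_pg, bool copy_in_call)
{
    if (old->refs != 1)
        return false;
    if (copy_in_call)
        memcpy(new_pg->data, old->data, PG);
    return true;                             /* m2p update would happen here */
}

/* Replays steps 2-6 with the foreign write landing between steps 3 and 5. */
enum outcome replay(bool copy_in_call, bool foreign_unmaps)
{
    struct page old = { .refs = 2 }, new_pg = { .refs = 1 };
    unsigned char snapshot[PG];

    old.data[0] = 0xAA;
    memcpy(snapshot, old.data, PG);          /* step 3: user-space copy */
    foreign_activity(&old, foreign_unmaps);  /* the window Jan describes */

    if (!exchange(&old, &new_pg, copy_in_call))
        return EXCHANGE_FAILED;              /* tools would undo step 4 */
    if (!copy_in_call)
        memcpy(new_pg.data, snapshot, PG);   /* step 6: write the early copy */

    return memcmp(new_pg.data, old.data, PG) == 0 ? CONSISTENT : STALE_CONTENT;
}

int main(void) { return replay(true, true) == CONSISTENT ? 0 : 1; }
```

With the copy taken in user space at step 3, the exchange succeeds but the new page holds content from before the foreign write; with the copy inside the exchange call, the same interleaving yields a consistent page.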