WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] yanked share, round 2

from [King, Steven R] [Permanent Link][Original]
To: <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] yanked share, round 2
From: "King, Steven R" <steven.r.king@xxxxxxxxx>
Date: Fri, 13 Jan 2006 11:07:48 -0800
Delivery-date: Fri, 13 Jan 2006 19:14:36 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcYYdKR+C0iJzAyIR4arK/GSCSnZRg==
Thread-topic: yanked share, round 2
Hi folks,
A previous thread discussed complications around DomU's sharing memory pages with each other:
 
To summarize, DomU's get into trouble, e.g. unable to shutdown, unless the remote DomU's play nice.  Since DomU's do not trust each other, that is problematic.  I'd like to discuss how to clean away this dependency.
 
Here's one idea.  The goal is to robustly decouple the sharing and remote domains.
 
Grant tables add a new GTF_safe flag, settable by the sharing DomU.
In order to map a GTF_safe page, a remote domain must provide a page of its own, which I'll call an "under page".
Xen holds the under-page on behalf of the remote DomU and maps the shared page into the remote DomU's machine.
At any time, the sharing DomU can unshare the page, crash, etc, which ends ALL foreign access to that page, not just new mappings.
For each remote domain that still maps the unshared page, Xen maps the remote's under-page in place of the unshared page.
The remote domain can unmap at any time and recover its under-page.
 
The purpose of the under-page is to plug the memory hole in the remote DomU created by a surprise unsharing.  A nervous remote DomU could check that a share is GTF_safe before proceeding to map the page.
 
Good, bad or ugly?
-steve
 
 
 
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Ownership of machine pages: Was: [Xen-devel] Essay on an important Xen decision (long), Magenheimer, Dan (HP Labs Fort Collins)
Next by Date:  Re: [Xen-devel] yanked share, round 2, Keir Fraser
Previous by Thread:  [Xen-devel] dom0_mem more flexible?, Marcus Hardt
Next by Thread:  Re: [Xen-devel] yanked share, round 2, Keir Fraser
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy