Hi,
On 11/06/2019 11:22, Andrii Anisov wrote:
On 11.06.19 12:10, Jan Beulich wrote:
@@ -35,8 +37,16 @@ arch_compat_vcpu_op(
!compat_handle_okay(area.addr.h, 1) )
break;
+ while( xchg(&v->runstate_in_use, 1) == 0);
At the very least such loops want a cpu_relax() in their bodies.
But this being on a hypercall path - are there theoretical guarantees
that a guest can't abuse this to lock up a CPU?
Hmmm, I suggested this but it looks like a guest may call the hypercall multiple
time from different vCPU. So this could be a way to delay work on the CPU.
Julien, I'm not sure I understand how work on (p?)CPU could be delayed. We are
here with interrupts enabled, so here guest would just spend his own vcpu time
budget.
Xen only supports only voluntary preemption. This means that if the hypercall
run for a long time, you have no way to interrupt it and schedule another vCPU.
In other words, the rest of the work on that specific pCPU would be delayed.
In this context, I think Jan is seeking guarantees that the lock can be taken in
timely manner. If not, then we want to use a try-lock style.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
