On 10.02.2021 16:24, Roger Pau Monné wrote:
> On Wed, Feb 10, 2021 at 02:12:38PM +0100, Jan Beulich wrote:
>> On 10.02.2021 12:54, Roger Pau Monné wrote:
>>> On Wed, Feb 10, 2021 at 11:48:40AM +0000, Julien Grall wrote:
>>>> It feels wrong to me to set up a per-domain mapping when initializing the
>>>> first vCPU.
>>>>
>>>> But, I was under the impression that there is a plan to remove
>>>> XEN_DOMCTL_max_vcpus. So it would only buy just a bit of time...
>>>
>>> I was also under that impression. We could set up the lapic access page
>>> at vlapic_init for the BSP (which is part of XEN_DOMCTL_max_vcpus
>>> ATM).
>>>
>>> But then I think there should be some kind of check to prevent
>>> populating either the CPU or the IOMMU page tables at domain creation
>>> hypercall, and so the logic to free CPU page tables on failure could
>>> be removed.
>>
>> I can spot paging_final_teardown() on an error path there, but I
>> don't suppose that's what you mean? I guess I'm not looking in
>> the right place (there are quite a few after all) ...
> 
> Well, I assume some freeing of the EPT page tables must happen on
> error paths, or else we would be leaking them like IOMMU tables are
> leaked currently?

Well, you can't eliminate paging_final_teardown() from that
error path because it frees internal structures. It _also_
sets HAP's / shadow's allocation to zero, so has the side
effect of freeing what may have been CPU page tables.

Jan
