On Mon, Apr 12, 2021 at 05:24:41PM +0200, Jan Beulich wrote:
> On 12.04.2021 16:49, Roger Pau Monné wrote:
> > On Mon, Apr 12, 2021 at 12:07:12PM +0200, Jan Beulich wrote:
> >> On 12.04.2021 11:34, Roger Pau Monné wrote:
> >>> On Fri, Nov 27, 2020 at 05:54:57PM +0100, Jan Beulich wrote:
> >>>> --- a/xen/include/xen/sched.h
> >>>> +++ b/xen/include/xen/sched.h
> >>>> @@ -985,7 +985,7 @@ static always_inline bool is_control_dom
> >>>>
> >>>> static always_inline bool is_pv_domain(const struct domain *d)
> >>>> {
> >>>> - return IS_ENABLED(CONFIG_PV) &&
> >>>> + return IS_ENABLED(CONFIG_X86) &&
> >>>> evaluate_nospec(!(d->options & XEN_DOMCTL_CDF_hvm));
> >>>> }
> >>>>
> >>>> @@ -1011,7 +1011,7 @@ static always_inline bool is_pv_32bit_vc
> >>>>
> >>>> static always_inline bool is_pv_64bit_domain(const struct domain *d)
> >>>> {
> >>>> - if ( !is_pv_domain(d) )
> >>>> + if ( !IS_ENABLED(CONFIG_PV) || !is_pv_domain(d) )
> >>>> return false;
> >>>
> >>> I think overall is confusing to have a domain that returns true for
> >>> is_pv_domain but false for both is_pv_{64,32}bit_domain checks.
> >>>
> >>> I know those are only the system domains, but it feels confusing and
> >>> could cause mistakes in the future IMO, as then we would have to
> >>> carefully think where to use ( is_pv_64bit_domain(d)
> >>> || is_pv_32bit_domain(d) ) vs just using is_pv_domain(d), or
> >>> IS_ENABLED(CONFIG_PV) && is_pv_domain(d)
> >>
> >> Imo it's not "then we would have to carefully think where to use ..."
> >> but instead this patch is an indication that we should have been for
> >> quite some time. For this reason (coming back to your first comment
> >> at the top) I'm not sure adding a comment _there_ is actually useful.
> >> Every use of is_pv_*() needs carefully considering which domains are
> >> really meant.
> >
> > Maybe we shouldn't have used is_pv_domain as a way to hide code from
> > the compiler and instead always provide dummy functions, as even with
> > PV support compiled out we still need some of it for system domains.
> >
> > I'm not sure I have a good proposal to make, but it seems wrong to me
> > that is_pv_domain(d) could be different than is_pv_64bit_domain(d) ||
> > is_pv_32bit_domain(d).
>
> Hmm, so we're of opposite opinions - not sure what to do. Short of
> having / introducing is_system_domain() or some such (with all the
> needed auditing) I can't see how assuming the two would mean the
> same could ever have been true. With what we have is_pv_domain() is
> legitimately true for them, and both is_pv_{32,64}bit_domain() ought
> to be false (as there's no specific bitness associated with them)
> imo _at least_ when !PV.
It's all quite ugly, but I wasn't really getting your reasoning that
system domains can be considered PV domains without a bitness.
I think we both agree that long term having is_system_domain would be
the cleanest solution, but it needs a lot of auditing. I think I would
be fine if you could add a comment somewhere noting that system
domains can be identified as PV domains without a bitness, so that
it's likely less confusing in the future.
Thanks, Roger.
