Currently there is only one user of in_atomic(), and that is in an
#ifdef 0 section. This has been so since Xen 4.1, so chances are
rather slim we suddenly want to enable it again.
Dropping in_atomic() will remove the last user of preempt_count()
in non-debug builds enabling further optimizations.
Signed-off-by: Juergen Gross <jgross@suse.com>
---
xen/arch/x86/hvm/hvm.c | 16 ----------------
xen/common/preempt.c | 5 -----
xen/include/xen/preempt.h | 2 --
3 files changed, 23 deletions(-)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 8993c2aa57..7b36765b97 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy(
ASSERT(is_hvm_vcpu(v));
- /*
- * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops
- * such as query_size. Grant-table code currently does copy_to/from_guest
- * accesses under the big per-domain lock, which this test would disallow.
- * The test is not needed until we implement sleeping-on-waitqueue when
- * we access a paged-out frame, and that's post 4.1.0 now.
- */
-#if 0
- /*
- * If the required guest memory is paged out, this function may sleep.
- * Hence we bail immediately if called from atomic context.
- */
- if ( in_atomic() )
- return HVMTRANS_unhandleable;
-#endif
-
while ( todo > 0 )
{
enum hvm_translation_result res;
diff --git a/xen/common/preempt.c b/xen/common/preempt.c
index 3b4178fd44..20913e20d3 100644
--- a/xen/common/preempt.c
+++ b/xen/common/preempt.c
@@ -25,11 +25,6 @@
DEFINE_PER_CPU(unsigned int, __preempt_count);
-bool_t in_atomic(void)
-{
- return preempt_count() || in_irq() || !local_irq_is_enabled();
-}
-
#ifndef NDEBUG
void ASSERT_NOT_IN_ATOMIC(void)
{
diff --git a/xen/include/xen/preempt.h b/xen/include/xen/preempt.h
index bef83135a1..f715ca09bc 100644
--- a/xen/include/xen/preempt.h
+++ b/xen/include/xen/preempt.h
@@ -26,8 +26,6 @@ DECLARE_PER_CPU(unsigned int, __preempt_count);
preempt_count()--; \
} while (0)
-bool_t in_atomic(void);
-
#ifndef NDEBUG
void ASSERT_NOT_IN_ATOMIC(void);
#else
--
2.16.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-develOn 22/05/2019 10:45, Juergen Gross wrote: > Currently there is only one user of in_atomic(), and that is in an > #ifdef 0 section. This has been so since Xen 4.1, so chances are > rather slim we suddenly want to enable it again. > > Dropping in_atomic() will remove the last user of preempt_count() > in non-debug builds enabling further optimizations. > > Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> This code has never been used and is obviously not doing anything useful. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
>>> On 22.05.19 at 11:45, <jgross@suse.com> wrote: > --- a/xen/arch/x86/hvm/hvm.c > +++ b/xen/arch/x86/hvm/hvm.c > @@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy( > > ASSERT(is_hvm_vcpu(v)); > > - /* > - * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops > - * such as query_size. Grant-table code currently does copy_to/from_guest > - * accesses under the big per-domain lock, which this test would disallow. > - * The test is not needed until we implement sleeping-on-waitqueue when > - * we access a paged-out frame, and that's post 4.1.0 now. > - */ > -#if 0 > - /* > - * If the required guest memory is paged out, this function may sleep. > - * Hence we bail immediately if called from atomic context. > - */ > - if ( in_atomic() ) > - return HVMTRANS_unhandleable; > -#endif Dealing with this TODO item is of course much appreciated, but should it really be deleted altogether? The big-domain-lock issue is gone afair, in which case dropping the #if 0 would seem possible to me, even if it's not strictly needed without the sleep- on-waitqueue behavior mentioned. Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
On 22/05/2019 12:10, Jan Beulich wrote:
>>>> On 22.05.19 at 11:45, <jgross@suse.com> wrote:
>> --- a/xen/arch/x86/hvm/hvm.c
>> +++ b/xen/arch/x86/hvm/hvm.c
>> @@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy(
>>
>> ASSERT(is_hvm_vcpu(v));
>>
>> - /*
>> - * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops
>> - * such as query_size. Grant-table code currently does copy_to/from_guest
>> - * accesses under the big per-domain lock, which this test would disallow.
>> - * The test is not needed until we implement sleeping-on-waitqueue when
>> - * we access a paged-out frame, and that's post 4.1.0 now.
>> - */
>> -#if 0
>> - /*
>> - * If the required guest memory is paged out, this function may sleep.
>> - * Hence we bail immediately if called from atomic context.
>> - */
>> - if ( in_atomic() )
>> - return HVMTRANS_unhandleable;
>> -#endif
>
> Dealing with this TODO item is of course much appreciated, but
> should it really be deleted altogether? The big-domain-lock issue
> is gone afair, in which case dropping the #if 0 would seem
> possible to me, even if it's not strictly needed without the sleep-
> on-waitqueue behavior mentioned.
I just had a look and found the following path:
do_domctl() (takes domctl_lock and hypercall_deadlock_mutex)
arch_do_domctl()
raw_copy_from_guest()
copy_from_user_hvm()
hvm_copy_from_guest_linear()
__hvm_copy()
So no, we can't do the in_atomic() test IMO.
Juergen
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
>>> On 24.05.19 at 07:41, <jgross@suse.com> wrote: > On 22/05/2019 12:10, Jan Beulich wrote: >>>>> On 22.05.19 at 11:45, <jgross@suse.com> wrote: >>> --- a/xen/arch/x86/hvm/hvm.c >>> +++ b/xen/arch/x86/hvm/hvm.c >>> @@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy( >>> >>> ASSERT(is_hvm_vcpu(v)); >>> >>> - /* >>> - * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops >>> - * such as query_size. Grant-table code currently does copy_to/from_guest >>> - * accesses under the big per-domain lock, which this test would disallow. >>> - * The test is not needed until we implement sleeping-on-waitqueue when >>> - * we access a paged-out frame, and that's post 4.1.0 now. >>> - */ >>> -#if 0 >>> - /* >>> - * If the required guest memory is paged out, this function may sleep. >>> - * Hence we bail immediately if called from atomic context. >>> - */ >>> - if ( in_atomic() ) >>> - return HVMTRANS_unhandleable; >>> -#endif >> >> Dealing with this TODO item is of course much appreciated, but >> should it really be deleted altogether? The big-domain-lock issue >> is gone afair, in which case dropping the #if 0 would seem >> possible to me, even if it's not strictly needed without the sleep- >> on-waitqueue behavior mentioned. > > I just had a look and found the following path: > > do_domctl() (takes domctl_lock and hypercall_deadlock_mutex) > arch_do_domctl() > raw_copy_from_guest() > copy_from_user_hvm() > hvm_copy_from_guest_linear() > __hvm_copy() > > So no, we can't do the in_atomic() test IMO. Oh, right - that's a PVH constraint that could probably not even be thought of that the time the comment was written. I'm still of the opinion though that at least the still applicable part of the comment should be kept in place. Whether this means also keeping in_atomic() itself is then an independent question, i.e. I wouldn't consider it overly bad if there was no implementation in the tree, but the above still served as documentation of what would need to be re-added. Still my preference would be for it to be kept. Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
On 24/05/2019 08:38, Jan Beulich wrote: >>>> On 24.05.19 at 07:41, <jgross@suse.com> wrote: >> On 22/05/2019 12:10, Jan Beulich wrote: >>>>>> On 22.05.19 at 11:45, <jgross@suse.com> wrote: >>>> --- a/xen/arch/x86/hvm/hvm.c >>>> +++ b/xen/arch/x86/hvm/hvm.c >>>> @@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy( >>>> >>>> ASSERT(is_hvm_vcpu(v)); >>>> >>>> - /* >>>> - * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops >>>> - * such as query_size. Grant-table code currently does copy_to/from_guest >>>> - * accesses under the big per-domain lock, which this test would disallow. >>>> - * The test is not needed until we implement sleeping-on-waitqueue when >>>> - * we access a paged-out frame, and that's post 4.1.0 now. >>>> - */ >>>> -#if 0 >>>> - /* >>>> - * If the required guest memory is paged out, this function may sleep. >>>> - * Hence we bail immediately if called from atomic context. >>>> - */ >>>> - if ( in_atomic() ) >>>> - return HVMTRANS_unhandleable; >>>> -#endif >>> >>> Dealing with this TODO item is of course much appreciated, but >>> should it really be deleted altogether? The big-domain-lock issue >>> is gone afair, in which case dropping the #if 0 would seem >>> possible to me, even if it's not strictly needed without the sleep- >>> on-waitqueue behavior mentioned. >> >> I just had a look and found the following path: >> >> do_domctl() (takes domctl_lock and hypercall_deadlock_mutex) >> arch_do_domctl() >> raw_copy_from_guest() >> copy_from_user_hvm() >> hvm_copy_from_guest_linear() >> __hvm_copy() >> >> So no, we can't do the in_atomic() test IMO. > > Oh, right - that's a PVH constraint that could probably not even > be thought of that the time the comment was written. I'm still > of the opinion though that at least the still applicable part of > the comment should be kept in place. Whether this means also > keeping in_atomic() itself is then an independent question, i.e. > I wouldn't consider it overly bad if there was no implementation > in the tree, but the above still served as documentation of what > would need to be re-added. Still my preference would be for it > to be kept. Would you be okay with replacing the removed stuff above with: /* * If the required guest memory is paged out this function may sleep. * So in theory we should bail out if called in atomic context. * Unfortunately this is true for PVH dom0 doing domctl calls which * holds the domctl lock when accessing dom0 memory. OTOH dom0 memory * should never be paged out, so we are fine without testing for * atomic context. */ Juergen _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
>>> On 24.05.19 at 10:34, <jgross@suse.com> wrote: > On 24/05/2019 08:38, Jan Beulich wrote: >>>>> On 24.05.19 at 07:41, <jgross@suse.com> wrote: >>> On 22/05/2019 12:10, Jan Beulich wrote: >>>>>>> On 22.05.19 at 11:45, <jgross@suse.com> wrote: >>>>> --- a/xen/arch/x86/hvm/hvm.c >>>>> +++ b/xen/arch/x86/hvm/hvm.c >>>>> @@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy( >>>>> >>>>> ASSERT(is_hvm_vcpu(v)); >>>>> >>>>> - /* >>>>> - * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops >>>>> - * such as query_size. Grant-table code currently does copy_to/from_guest >>>>> - * accesses under the big per-domain lock, which this test would disallow. >>>>> - * The test is not needed until we implement sleeping-on-waitqueue when >>>>> - * we access a paged-out frame, and that's post 4.1.0 now. >>>>> - */ >>>>> -#if 0 >>>>> - /* >>>>> - * If the required guest memory is paged out, this function may sleep. >>>>> - * Hence we bail immediately if called from atomic context. >>>>> - */ >>>>> - if ( in_atomic() ) >>>>> - return HVMTRANS_unhandleable; >>>>> -#endif >>>> >>>> Dealing with this TODO item is of course much appreciated, but >>>> should it really be deleted altogether? The big-domain-lock issue >>>> is gone afair, in which case dropping the #if 0 would seem >>>> possible to me, even if it's not strictly needed without the sleep- >>>> on-waitqueue behavior mentioned. >>> >>> I just had a look and found the following path: >>> >>> do_domctl() (takes domctl_lock and hypercall_deadlock_mutex) >>> arch_do_domctl() >>> raw_copy_from_guest() >>> copy_from_user_hvm() >>> hvm_copy_from_guest_linear() >>> __hvm_copy() >>> >>> So no, we can't do the in_atomic() test IMO. >> >> Oh, right - that's a PVH constraint that could probably not even >> be thought of that the time the comment was written. I'm still >> of the opinion though that at least the still applicable part of >> the comment should be kept in place. Whether this means also >> keeping in_atomic() itself is then an independent question, i.e. >> I wouldn't consider it overly bad if there was no implementation >> in the tree, but the above still served as documentation of what >> would need to be re-added. Still my preference would be for it >> to be kept. > > Would you be okay with replacing the removed stuff above with: > > /* > * If the required guest memory is paged out this function may sleep. > * So in theory we should bail out if called in atomic context. > * Unfortunately this is true for PVH dom0 doing domctl calls which ... this is true at least for ... > * holds the domctl lock when accessing dom0 memory. OTOH dom0 memory > * should never be paged out, so we are fine without testing for > * atomic context. > */ Not sure about this Dom0-specific remark: Are we certain there are no other paths, similar to the gnttab one having been mentioned till now? Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
On 24/05/2019 09:39, Jan Beulich wrote: >>>> On 24.05.19 at 10:34, <jgross@suse.com> wrote: >> On 24/05/2019 08:38, Jan Beulich wrote: >>>>>> On 24.05.19 at 07:41, <jgross@suse.com> wrote: >>>> On 22/05/2019 12:10, Jan Beulich wrote: >>>>>>>> On 22.05.19 at 11:45, <jgross@suse.com> wrote: >>>>>> --- a/xen/arch/x86/hvm/hvm.c >>>>>> +++ b/xen/arch/x86/hvm/hvm.c >>>>>> @@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy( >>>>>> >>>>>> ASSERT(is_hvm_vcpu(v)); >>>>>> >>>>>> - /* >>>>>> - * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops >>>>>> - * such as query_size. Grant-table code currently does copy_to/from_guest >>>>>> - * accesses under the big per-domain lock, which this test would disallow. >>>>>> - * The test is not needed until we implement sleeping-on-waitqueue when >>>>>> - * we access a paged-out frame, and that's post 4.1.0 now. >>>>>> - */ >>>>>> -#if 0 >>>>>> - /* >>>>>> - * If the required guest memory is paged out, this function may sleep. >>>>>> - * Hence we bail immediately if called from atomic context. >>>>>> - */ >>>>>> - if ( in_atomic() ) >>>>>> - return HVMTRANS_unhandleable; >>>>>> -#endif >>>>> Dealing with this TODO item is of course much appreciated, but >>>>> should it really be deleted altogether? The big-domain-lock issue >>>>> is gone afair, in which case dropping the #if 0 would seem >>>>> possible to me, even if it's not strictly needed without the sleep- >>>>> on-waitqueue behavior mentioned. >>>> I just had a look and found the following path: >>>> >>>> do_domctl() (takes domctl_lock and hypercall_deadlock_mutex) >>>> arch_do_domctl() >>>> raw_copy_from_guest() >>>> copy_from_user_hvm() >>>> hvm_copy_from_guest_linear() >>>> __hvm_copy() >>>> >>>> So no, we can't do the in_atomic() test IMO. >>> Oh, right - that's a PVH constraint that could probably not even >>> be thought of that the time the comment was written. I'm still >>> of the opinion though that at least the still applicable part of >>> the comment should be kept in place. Whether this means also >>> keeping in_atomic() itself is then an independent question, i.e. >>> I wouldn't consider it overly bad if there was no implementation >>> in the tree, but the above still served as documentation of what >>> would need to be re-added. Still my preference would be for it >>> to be kept. >> Would you be okay with replacing the removed stuff above with: >> >> /* >> * If the required guest memory is paged out this function may sleep. >> * So in theory we should bail out if called in atomic context. >> * Unfortunately this is true for PVH dom0 doing domctl calls which > ... this is true at least for ... > >> * holds the domctl lock when accessing dom0 memory. OTOH dom0 memory >> * should never be paged out, so we are fine without testing for >> * atomic context. >> */ > Not sure about this Dom0-specific remark: Are we certain there are > no other paths, similar to the gnttab one having been mentioned till > now? Why is __hvm_copy() so special? It is just one of many places which can end up touching guest memory. A comment here isn't going to help anyone who might find themselves with problems. Given that the test has never been used, and no issues have been raised, and this path isn't AFAICT special, I don't see why it should be special-cased. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
>>> On 24.05.19 at 14:30, <andrew.cooper3@citrix.com> wrote: > On 24/05/2019 09:39, Jan Beulich wrote: >>>>> On 24.05.19 at 10:34, <jgross@suse.com> wrote: >>> On 24/05/2019 08:38, Jan Beulich wrote: >>>>>>> On 24.05.19 at 07:41, <jgross@suse.com> wrote: >>>>> On 22/05/2019 12:10, Jan Beulich wrote: >>>>>>>>> On 22.05.19 at 11:45, <jgross@suse.com> wrote: >>>>>>> --- a/xen/arch/x86/hvm/hvm.c >>>>>>> +++ b/xen/arch/x86/hvm/hvm.c >>>>>>> @@ -3185,22 +3185,6 @@ static enum hvm_translation_result __hvm_copy( >>>>>>> >>>>>>> ASSERT(is_hvm_vcpu(v)); >>>>>>> >>>>>>> - /* >>>>>>> - * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops >>>>>>> - * such as query_size. Grant-table code currently does > copy_to/from_guest >>>>>>> - * accesses under the big per-domain lock, which this test would > disallow. >>>>>>> - * The test is not needed until we implement sleeping-on-waitqueue when >>>>>>> - * we access a paged-out frame, and that's post 4.1.0 now. >>>>>>> - */ >>>>>>> -#if 0 >>>>>>> - /* >>>>>>> - * If the required guest memory is paged out, this function may sleep. >>>>>>> - * Hence we bail immediately if called from atomic context. >>>>>>> - */ >>>>>>> - if ( in_atomic() ) >>>>>>> - return HVMTRANS_unhandleable; >>>>>>> -#endif >>>>>> Dealing with this TODO item is of course much appreciated, but >>>>>> should it really be deleted altogether? The big-domain-lock issue >>>>>> is gone afair, in which case dropping the #if 0 would seem >>>>>> possible to me, even if it's not strictly needed without the sleep- >>>>>> on-waitqueue behavior mentioned. >>>>> I just had a look and found the following path: >>>>> >>>>> do_domctl() (takes domctl_lock and hypercall_deadlock_mutex) >>>>> arch_do_domctl() >>>>> raw_copy_from_guest() >>>>> copy_from_user_hvm() >>>>> hvm_copy_from_guest_linear() >>>>> __hvm_copy() >>>>> >>>>> So no, we can't do the in_atomic() test IMO. >>>> Oh, right - that's a PVH constraint that could probably not even >>>> be thought of that the time the comment was written. I'm still >>>> of the opinion though that at least the still applicable part of >>>> the comment should be kept in place. Whether this means also >>>> keeping in_atomic() itself is then an independent question, i.e. >>>> I wouldn't consider it overly bad if there was no implementation >>>> in the tree, but the above still served as documentation of what >>>> would need to be re-added. Still my preference would be for it >>>> to be kept. >>> Would you be okay with replacing the removed stuff above with: >>> >>> /* >>> * If the required guest memory is paged out this function may sleep. >>> * So in theory we should bail out if called in atomic context. >>> * Unfortunately this is true for PVH dom0 doing domctl calls which >> ... this is true at least for ... >> >>> * holds the domctl lock when accessing dom0 memory. OTOH dom0 memory >>> * should never be paged out, so we are fine without testing for >>> * atomic context. >>> */ >> Not sure about this Dom0-specific remark: Are we certain there are >> no other paths, similar to the gnttab one having been mentioned till >> now? > > Why is __hvm_copy() so special? It is just one of many places which can > end up touching guest memory. Are you sure? I think everything that can touch guest (HVM) memory actually ends up calling into this function. Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
© 2016 - 2026 Red Hat, Inc.