Now get_page on x86 is implemented to atomic exchange both _domain and count_info simultaneously. Cmpxchg8b is used to cover two fields because they are all 32bit width. However on ia64 where _domain is 64bit, hard to use single instruction to cover two fields. Yes, there''s workaround to solve that, like adding spinlock with some overhead. But I''d like to know the reason why _domain and count_info should be operated together. Is there any case that ownership changes just after checking ownership and before modifying count_info? Thanks, Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On 11 Jun 2005, at 05:08, Tian, Kevin wrote:> However on ia64 where _domain is 64bit, hard to use single instruction > to cover two fields. Yes, there''s workaround to solve that, like adding > spinlock with some overhead. But I''d like to know the reason why > _domain > and count_info should be operated together. Is there any case that > ownership changes just after checking ownership and before modifying > count_info?There''d be nothing to stop the domain pointer changing while you modify the reference count. On x86/64 we ''pickle'' the domain pointer into a 32-bit field by simply masking off the high bits. Do you really need the 64-bit range? Checking the domain field after modifying the reference count would probably be okay really, it''s just that a domain could get a handle on another domain''s page for a short while without that other domain''s permission. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
>-----Original Message----- >From: Keir Fraser [mailto:Keir.Fraser@cl.cam.ac.uk] >Sent: Saturday, June 11, 2005 1:36 PM >To: Tian, Kevin > > >On 11 Jun 2005, at 05:08, Tian, Kevin wrote: > >> However on ia64 where _domain is 64bit, hard to use singleinstruction>> to cover two fields. Yes, there''s workaround to solve that, likeadding>> spinlock with some overhead. But I''d like to know the reason why >> _domain >> and count_info should be operated together. Is there any case that >> ownership changes just after checking ownership and before modifying >> count_info? > >There''d be nothing to stop the domain pointer changing while you modify >the reference count. On x86/64 we ''pickle'' the domain pointer into a >32-bit field by simply masking off the high bits. Do you really need >the 64-bit range? Checking the domain field after modifying the >reference count would probably be okay really, it''s just that a domain >could get a handle on another domain''s page for a short while without >that other domain''s permission. > > -- KeirGot it. And one prerequisite for this trick is that xen heap always stays in area < 4G machine memory, or else ''unpickle'' will go weird then. :) Currently seems xen heap can satisfy it on all archs, including ia64. Then I will also change that field back to 32bit and everything will work same as x86. Thanks a lot, Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel