ChangeSet 1.1159.273.1, 2005/03/26 01:12:37+00:00, cl349@xxxxxxxxxxxxxxxxxxxx
No direct entry to __enter_scheduler allowed. Must always pass through
softirq handler. Also domain_crash() now returns and defers
descheduling from local CPU: old behaviour is still provided by
domain_crash_synchronous().
Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx>
Signed-off-by: Christian Limpach <Christian.Limpach@xxxxxxxxxxxx>
arch/x86/domain.c | 3 ++-
arch/x86/memory.c | 44 ++++++++------------------------------------
arch/x86/shadow.c | 16 ++++++++++------
arch/x86/traps.c | 4 ++--
arch/x86/x86_32/entry.S | 10 +++++-----
common/domain.c | 26 +++++++++++++++-----------
common/schedule.c | 5 +++--
include/xen/sched.h | 15 ++++++++++++---
8 files changed, 57 insertions(+), 66 deletions(-)
diff -Nru a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
--- a/xen/arch/x86/domain.c 2005-03-25 21:04:02 -05:00
+++ b/xen/arch/x86/domain.c 2005-03-25 21:04:02 -05:00
@@ -82,7 +82,8 @@
/* Just some sanity to ensure that the scheduler is set up okay. */
ASSERT(current->id == IDLE_DOMAIN_ID);
domain_unpause_by_systemcontroller(current);
- __enter_scheduler();
+ raise_softirq(SCHEDULE_SOFTIRQ);
+ do_softirq();
/*
* Declares CPU setup done to the boot processor.
diff -Nru a/xen/arch/x86/memory.c b/xen/arch/x86/memory.c
--- a/xen/arch/x86/memory.c 2005-03-25 21:04:02 -05:00
+++ b/xen/arch/x86/memory.c 2005-03-25 21:04:02 -05:00
@@ -1686,7 +1686,7 @@
MEM_LOG("ptwr: Could not read pte at %p\n", ptep);
/*
* Really a bug. We could read this PTE during the initial fault,
- * and pagetables can't have changed meantime. XXX Multi-CPU guests?
+ * and pagetables can't have changed meantime.
*/
BUG();
}
@@ -1713,7 +1713,7 @@
MEM_LOG("ptwr: Could not update pte at %p\n", ptep);
/*
* Really a bug. We could write this PTE during the initial fault,
- * and pagetables can't have changed meantime. XXX Multi-CPU guests?
+ * and pagetables can't have changed meantime.
*/
BUG();
}
@@ -1771,6 +1771,7 @@
*pl2e = mk_l2_pgentry(l2_pgentry_val(*pl2e) | _PAGE_PRESENT);
}
domain_crash();
+ return;
}
if ( unlikely(sl1e != NULL) )
@@ -1834,13 +1835,17 @@
/* Get the L2 index at which this L1 p.t. is always mapped. */
l2_idx = page->u.inuse.type_info & PGT_va_mask;
if ( unlikely(l2_idx >= PGT_va_unknown) )
+ {
domain_crash(); /* Urk! This L1 is mapped in multiple L2 slots! */
+ return 0;
+ }
l2_idx >>= PGT_va_shift;
if ( l2_idx == (addr >> L2_PAGETABLE_SHIFT) )
{
MEM_LOG("PTWR failure! Pagetable maps itself at %08lx\n", addr);
domain_crash();
+ return 0;
}
/*
@@ -1908,6 +1913,7 @@
unmap_domain_mem(ptwr_info[cpu].ptinfo[which].pl1e);
ptwr_info[cpu].ptinfo[which].l1va = 0;
domain_crash();
+ return 0;
}
return EXCRET_fault_fixed;
@@ -1937,40 +1943,6 @@
/************************************************************************/
#ifndef NDEBUG
-
-void ptwr_status(void)
-{
- unsigned long pte, *ptep, pfn;
- struct pfn_info *page;
- int cpu = smp_processor_id();
-
- ptep = (unsigned long *)&linear_pg_table
- [ptwr_info[cpu].ptinfo[PTWR_PT_INACTIVE].l1va>>PAGE_SHIFT];
-
- if ( __get_user(pte, ptep) ) {
- MEM_LOG("ptwr: Could not read pte at %p\n", ptep);
- domain_crash();
- }
-
- pfn = pte >> PAGE_SHIFT;
- page = &frame_table[pfn];
- printk("need to alloc l1 page %p\n", page);
- /* make pt page writable */
- printk("need to make read-only l1-page at %p is %08lx\n",
- ptep, pte);
-
- if ( ptwr_info[cpu].ptinfo[PTWR_PT_ACTIVE].l1va == 0 )
- return;
-
- if ( __get_user(pte, (unsigned long *)
- ptwr_info[cpu].ptinfo[PTWR_PT_ACTIVE].l1va) ) {
- MEM_LOG("ptwr: Could not read pte at %p\n", (unsigned long *)
- ptwr_info[cpu].ptinfo[PTWR_PT_ACTIVE].l1va);
- domain_crash();
- }
- pfn = pte >> PAGE_SHIFT;
- page = &frame_table[pfn];
-}
void audit_domain(struct domain *d)
{
diff -Nru a/xen/arch/x86/shadow.c b/xen/arch/x86/shadow.c
--- a/xen/arch/x86/shadow.c 2005-03-25 21:04:02 -05:00
+++ b/xen/arch/x86/shadow.c 2005-03-25 21:04:02 -05:00
@@ -580,15 +580,13 @@
&linear_pg_table[va >> PAGE_SHIFT])) )
{
SH_VVLOG("shadow_fault - EXIT: read gpte faulted" );
- shadow_unlock(m);
- return 0;
+ goto fail;
}
if ( unlikely(!(gpte & _PAGE_PRESENT)) )
{
SH_VVLOG("shadow_fault - EXIT: gpte not present (%lx)",gpte );
- shadow_unlock(m);
- return 0;
+ goto fail;
}
/* Write fault? */
@@ -598,8 +596,7 @@
{
/* Write fault on a read-only mapping. */
SH_VVLOG("shadow_fault - EXIT: wr fault on RO page (%lx)", gpte);
- shadow_unlock(m);
- return 0;
+ goto fail;
}
l1pte_write_fault(m, &gpte, &spte);
@@ -616,7 +613,10 @@
/* XXX Watch out for read-only L2 entries! (not used in Linux). */
if ( unlikely(__put_user(gpte, (unsigned long *)
&linear_pg_table[va >> PAGE_SHIFT])) )
+ {
domain_crash();
+ goto fail;
+ }
/*
* Update of shadow PTE can fail because the L1 p.t. is not shadowed,
@@ -637,6 +637,10 @@
check_pagetable(m, current->mm.pagetable, "post-sf");
return EXCRET_fault_fixed;
+
+ fail:
+ shadow_unlock(m);
+ return 0;
}
diff -Nru a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
--- a/xen/arch/x86/traps.c 2005-03-25 21:04:02 -05:00
+++ b/xen/arch/x86/traps.c 2005-03-25 21:04:02 -05:00
@@ -654,8 +654,6 @@
struct domain *d = current;
struct trap_bounce *tb = &d->thread.trap_bounce;
- DEBUGGER_trap_entry(TRAP_debug, regs);
-
__asm__ __volatile__("movl %%db6,%0" : "=r" (condition));
/* Mask out spurious debug traps due to lazy DR7 setting */
@@ -665,6 +663,8 @@
__asm__("movl %0,%%db7" : : "r" (0));
goto out;
}
+
+ DEBUGGER_trap_entry(TRAP_debug, regs);
if ( !GUEST_FAULT(regs) )
{
diff -Nru a/xen/arch/x86/x86_32/entry.S b/xen/arch/x86/x86_32/entry.S
--- a/xen/arch/x86/x86_32/entry.S 2005-03-25 21:04:02 -05:00
+++ b/xen/arch/x86/x86_32/entry.S 2005-03-25 21:04:02 -05:00
@@ -112,7 +112,7 @@
jmp test_all_events
DBLFIX1:GET_CURRENT(%ebx)
testb $TF_failsafe_return,DOMAIN_thread_flags(%ebx)
- jnz domain_crash # cannot reenter failsafe code
+ jnz domain_crash_synchronous # cannot reenter failsafe code
orb $TF_failsafe_return,DOMAIN_thread_flags(%ebx)
jmp test_all_events # will return via failsafe code
.previous
@@ -330,7 +330,7 @@
.long FLT23,FIX7 , FLT24,FIX7 , FLT25,FIX7 , FLT26,FIX7 , FLT27,FIX7
.previous
.section __ex_table,"a"
- .long DBLFLT2,domain_crash
+ .long DBLFLT2,domain_crash_synchronous
.previous
ALIGN
@@ -620,9 +620,9 @@
jmp test_all_events
.section __ex_table,"a"
- .long VFLT1,domain_crash
- .long VFLT2,domain_crash
- .long VFLT3,domain_crash
+ .long VFLT1,domain_crash_synchronous
+ .long VFLT2,domain_crash_synchronous
+ .long VFLT3,domain_crash_synchronous
.previous
.data
diff -Nru a/xen/common/domain.c b/xen/common/domain.c
--- a/xen/common/domain.c 2005-03-25 21:04:02 -05:00
+++ b/xen/common/domain.c 2005-03-25 21:04:02 -05:00
@@ -9,6 +9,7 @@
#include <xen/lib.h>
#include <xen/errno.h>
#include <xen/sched.h>
+#include <xen/softirq.h>
#include <xen/mm.h>
#include <xen/event.h>
#include <xen/time.h>
@@ -146,8 +147,15 @@
send_guest_virq(dom0, VIRQ_DOM_EXC);
- __enter_scheduler();
- BUG();
+ raise_softirq(SCHEDULE_SOFTIRQ);
+}
+
+
+void domain_crash_synchronous(void)
+{
+ domain_crash();
+ for ( ; ; )
+ do_softirq();
}
void domain_shutdown(u8 reason)
@@ -169,18 +177,14 @@
}
}
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-changelog
|
Home