WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-4.0-testing] Enable tmem functionality for PV on HV

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-4.0-testing] Enable tmem functionality for PV on HVM guests. Guest kernel
From: "Xen patchbot-4.0-testing" <patchbot-4.0-testing@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 21 Jun 2010 11:25:25 -0700
Delivery-date: Mon, 21 Jun 2010 11:26:59 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1277144415 -3600
# Node ID c7c87b802d0b25c9c5434c8534adb069ab551539
# Parent  e08e15ee938c1cf84da93bce89d82808fa0846d3
Enable tmem functionality for PV on HVM guests.  Guest kernel
must still be tmem-enabled to use this functionality (e.g.
won't work for Windows), but upstream Linux tmem (aka
cleancache and frontswap) patches apply cleanly on top
of PV on HVM patches.

Also, fix up some ASSERTS and code used only when bad guest
mfns are passed to tmem.  Previous code could crash Xen
if a buggy/malicious guest passes bad gmfns.

Signed-off-by: Dan Magenheimer <dan.magenheimer@xxxxxxxxxx>
xen-unstable changeset:   21648:72c6228b5f0f
xen-unstable date:        Mon Jun 21 19:19:25 2010 +0100
---
 xen/arch/x86/hvm/hvm.c     |    9 ++++++---
 xen/common/tmem.c          |   24 ++++++++++++------------
 xen/common/tmem_xen.c      |    2 +-
 xen/include/xen/tmem_xen.h |    4 +++-
 4 files changed, 22 insertions(+), 17 deletions(-)

diff -r e08e15ee938c -r c7c87b802d0b xen/arch/x86/hvm/hvm.c
--- a/xen/arch/x86/hvm/hvm.c    Mon Jun 21 19:13:46 2010 +0100
+++ b/xen/arch/x86/hvm/hvm.c    Mon Jun 21 19:20:15 2010 +0100
@@ -2265,7 +2265,8 @@ static hvm_hypercall_t *hvm_hypercall32_
     HYPERCALL(xen_version),
     HYPERCALL(event_channel_op),
     HYPERCALL(sched_op),
-    HYPERCALL(hvm_op)
+    HYPERCALL(hvm_op),
+    HYPERCALL(tmem_op)
 };
 
 #else /* defined(__x86_64__) */
@@ -2313,7 +2314,8 @@ static hvm_hypercall_t *hvm_hypercall64_
     HYPERCALL(xen_version),
     HYPERCALL(event_channel_op),
     HYPERCALL(sched_op),
-    HYPERCALL(hvm_op)
+    HYPERCALL(hvm_op),
+    HYPERCALL(tmem_op)
 };
 
 static hvm_hypercall_t *hvm_hypercall32_table[NR_hypercalls] = {
@@ -2323,7 +2325,8 @@ static hvm_hypercall_t *hvm_hypercall32_
     HYPERCALL(xen_version),
     HYPERCALL(event_channel_op),
     HYPERCALL(sched_op),
-    HYPERCALL(hvm_op)
+    HYPERCALL(hvm_op),
+    HYPERCALL(tmem_op)
 };
 
 #endif /* defined(__x86_64__) */
diff -r e08e15ee938c -r c7c87b802d0b xen/common/tmem.c
--- a/xen/common/tmem.c Mon Jun 21 19:13:46 2010 +0100
+++ b/xen/common/tmem.c Mon Jun 21 19:20:15 2010 +0100
@@ -1483,6 +1483,7 @@ copy_uncompressed:
         pgp_free_data(pgp, pool);
     if ( ( pgp->pfp = tmem_page_alloc(pool) ) == NULL )
         goto failed_dup;
+    pgp->size = 0;
     /* tmh_copy_from_client properly handles len==0 and offsets != 0 */
     ret = tmh_copy_from_client(pgp->pfp,cmfn,tmem_offset,pfn_offset,len,0);
     if ( ret == -EFAULT )
@@ -1492,7 +1493,6 @@ copy_uncompressed:
         if ( pcd_associate(pgp,NULL,0) == -ENOMEM )
             goto failed_dup;
     }
-    pgp->size = 0;
 
 done:
     /* successfully replaced data, clean up and return success */
@@ -1509,12 +1509,14 @@ bad_copy:
 bad_copy:
     /* this should only happen if the client passed a bad mfn */
     failed_copies++;
-ASSERT(0);
-    return -EFAULT;
+    ret = -EFAULT;
+    goto cleanup;
 
 failed_dup:
    /* couldn't change out the data, flush the old data and return
     * -ENOSPC instead of -ENOMEM to differentiate failed _dup_ put */
+    ret = -ENOSPC;
+cleanup:
     pgpfound = pgp_delete_from_obj(obj, pgp->index);
     ASSERT(pgpfound == pgp);
     pgp_delete(pgpfound,0);
@@ -1528,7 +1530,7 @@ failed_dup:
         tmem_spin_unlock(&obj->obj_spinlock);
     }
     pool->dup_puts_flushed++;
-    return -ENOSPC;
+    return ret;
 }
 
 
@@ -1579,6 +1581,7 @@ static NOINLINE int do_tmem_put(pool_t *
         goto free;
     ASSERT(ret != -EEXIST);
     pgp->index = index;
+    pgp->size = 0;
 
     if ( len != 0 && client->compress )
     {
@@ -1615,7 +1618,6 @@ copy_uncompressed:
         if ( pcd_associate(pgp,NULL,0) == -ENOMEM )
             goto delete_and_free;
     }
-    pgp->size = 0;
 
 insert_page:
     if ( is_ephemeral(pool) )
@@ -1648,6 +1650,11 @@ insert_page:
         tot_good_eph_puts++;
     return 1;
 
+bad_copy:
+    /* this should only happen if the client passed a bad mfn */
+    ret = -EFAULT;
+    failed_copies++;
+
 delete_and_free:
     ASSERT((obj != NULL) && (pgp != NULL) && (pgp->index != -1));
     pgpdel = pgp_delete_from_obj(obj, pgp->index);
@@ -1669,12 +1676,6 @@ free:
     }
     pool->no_mem_puts++;
     return ret;
-
-bad_copy:
-    /* this should only happen if the client passed a bad mfn */
-    failed_copies++;
-ASSERT(0);
-    goto free;
 }
 
 static NOINLINE int do_tmem_get(pool_t *pool, uint64_t oid, uint32_t index,
@@ -1758,7 +1759,6 @@ bad_copy:
 bad_copy:
     /* this should only happen if the client passed a bad mfn */
     failed_copies++;
-ASSERT(0);
     return -EFAULT;
 
 }
diff -r e08e15ee938c -r c7c87b802d0b xen/common/tmem_xen.c
--- a/xen/common/tmem_xen.c     Mon Jun 21 19:13:46 2010 +0100
+++ b/xen/common/tmem_xen.c     Mon Jun 21 19:20:15 2010 +0100
@@ -100,7 +100,7 @@ static inline void *cli_mfn_to_va(tmem_c
     p2m_type_t t;
 
     cli_mfn = mfn_x(gfn_to_mfn(current->domain, cmfn, &t));
-    if (t != p2m_ram_rw)
+    if (t != p2m_ram_rw || cli_mfn == INVALID_MFN)
         return NULL;
     if (pcli_mfn != NULL)
         *pcli_mfn = cli_mfn;
diff -r e08e15ee938c -r c7c87b802d0b xen/include/xen/tmem_xen.h
--- a/xen/include/xen/tmem_xen.h        Mon Jun 21 19:13:46 2010 +0100
+++ b/xen/include/xen/tmem_xen.h        Mon Jun 21 19:20:15 2010 +0100
@@ -456,7 +456,9 @@ static inline int tmh_get_tmemop_from_cl
 static inline int tmh_get_tmemop_from_client(tmem_op_t *op, tmem_cli_op_t uops)
 {
 #ifdef CONFIG_COMPAT
-    if ( is_pv_32on64_vcpu(current) )
+    if ( is_hvm_vcpu(current) ?
+         hvm_guest_x86_mode(current) != 8 :
+         is_pv_32on64_vcpu(current) )
     {
         int rc;
         enum XLAT_tmem_op_u u;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-4.0-testing] Enable tmem functionality for PV on HVM guests. Guest kernel, Xen patchbot-4.0-testing <=