[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 09/10] xen/arm: Set foreign page type to p2m_map_foreign





On 12/09/2013 04:40 PM, Ian Campbell wrote:
On Mon, 2013-12-09 at 03:34 +0000, Julien Grall wrote:
Xen needs to know that the current page belongs to another domain. Also take
the refcount to this page.

Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx>

---
     Changes in v2:
         - Even if gcc is buggy (see 
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=18501)
         define p2m type per mapspace to let the compiler warns about 
unitialized
         values.
---
  xen/arch/arm/mm.c |   24 ++++++++++++++++--------
  1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c
index ba51f6e..b08ffa0 100644
--- a/xen/arch/arm/mm.c
+++ b/xen/arch/arm/mm.c
@@ -993,6 +993,7 @@ static int xenmem_add_to_physmap_one(
  {
      unsigned long mfn = 0;
      int rc;
+    p2m_type_t t;

      switch ( space )
      {
@@ -1025,18 +1026,22 @@ static int xenmem_add_to_physmap_one(

          d->arch.grant_table_gpfn[idx] = gpfn;

+        t = p2m_ram_rw;
+
          spin_unlock(&d->grant_table->lock);
          break;
      case XENMAPSPACE_shared_info:
-        if ( idx == 0 )
-            mfn = virt_to_mfn(d->shared_info);
-        else
+        if ( idx != 0 )
              return -EINVAL;
+
+        mfn = virt_to_mfn(d->shared_info);
+        t = p2m_ram_rw;
+
          break;
      case XENMAPSPACE_gmfn_foreign:
      {
-        paddr_t maddr;
          struct domain *od;
+        struct page_info *page;
          od = rcu_lock_domain_by_any_id(foreign_domid);
          if ( od == NULL )
              return -ESRCH;
@@ -1048,15 +1053,18 @@ static int xenmem_add_to_physmap_one(
              return rc;
          }

-        maddr = p2m_lookup(od, pfn_to_paddr(idx));
-        if ( maddr == INVALID_PADDR )
+        /* Take refcount to the foreign domain page.

"refcount on...". Or "Take a reference to..."

+         * Refcount will be release in XENMEM_remove_from_physmap */

and a few other places...

Like with the unmap it might be best to push this reference manipulation
down into the eventual function which makes the mapping. That would keep
this stuff much more localised.

+        page = get_page_from_gfn(od, idx, NULL, P2M_ALLOC);

This made me wonder what happens if the guest drops its mapping while
the foreign one is around. At least the page won't be freed until the
foreign mapping goes away, but it won't be what the tools think it is.

In this case, the domain will get wrong data and can crash. It won't corrupted the domain who mapped the foreign mapping.

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.