[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] x86/HVM: honor p2m_ram_ro in hvm_map_guest_frame_rw()

To: Jan Beulich <JBeulich@xxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Fri, 24 Jul 2015 11:26:47 +0100
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Eddie Dong <eddie.dong@xxxxxxxxx>, Aravind Gopalakrishnan <aravind.gopalakrishnan@xxxxxxx>, suravee.suthikulpanit@xxxxxxx, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Keir Fraser <keir@xxxxxxx>
Delivery-date: Fri, 24 Jul 2015 10:26:58 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Fri, Jul 24, 2015 at 03:41:26AM -0600, Jan Beulich wrote:
> ... and its callers.
> 
> While all non-nested users are made fully honor the semantics of that
> type, doing so in the nested case seemed insane (if doable at all,
> considering VMCS shadowing), and hence there the respective operations
> are simply made fail.
> 
> One case not (yet) taken care of is that of a page getting transitioned
> to this type after a mapping got established.
> 
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> ---
> Beyond that log-dirty handling in _hvm_map_guest_frame() looks bogus
> too: What if a XEN_DOMCTL_SHADOW_OP_* gets issued and acted upon
> between the setting of the dirty flag and the actual write happening?
> I.e. shouldn't the flag instead be set in hvm_unmap_guest_frame()?
> 
> Note that this is conflicting with the altp2m series (adding another
> call to hvm_map_guest_frame_rw(), reviewing of which made me spot the
> issue in the first place).
> 
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -3594,8 +3594,8 @@ int hvm_virtual_to_linear_addr(
>  
>  /* On non-NULL return, we leave this function holding an additional 
>   * ref on the underlying mfn, if any */
> -static void *__hvm_map_guest_frame(unsigned long gfn, bool_t writable,
> -                                   bool_t permanent)
> +static void *_hvm_map_guest_frame(unsigned long gfn, bool_t permanent,
> +                                  bool_t *writable)
>  {
>      void *map;
>      p2m_type_t p2mt;
> @@ -3618,7 +3618,12 @@ static void *__hvm_map_guest_frame(unsig
>      }
>  
>      if ( writable )

I don't claim I know this piece of code, but checking the pointer but
not the content looks suspicious.

> -        paging_mark_dirty(d, page_to_mfn(page));
> +    {
> +        if ( !p2m_is_discard_write(p2mt) )
> +            paging_mark_dirty(d, page_to_mfn(page));
> +        else
> +            *writable = 0;

You then set *writable here, which makes it even more suspicious.

Wei.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] x86/HVM: honor p2m_ram_ro in hvm_map_guest_frame_rw()
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH] x86/HVM: honor p2m_ram_ro in hvm_map_guest_frame_rw()
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH v5 1/6] libxl: do not add a vkb backend to hvm guests
Next by Date: Re: [Xen-devel] PV-vNUMA issue: topology is misinterpreted by the guest
Previous by thread: [Xen-devel] [PATCH] x86/HVM: honor p2m_ram_ro in hvm_map_guest_frame_rw()
Next by thread: Re: [Xen-devel] [PATCH] x86/HVM: honor p2m_ram_ro in hvm_map_guest_frame_rw()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.