Re: [Xen-devel] [PATCH v4 3/3] x86/ioreq server: Add HVMOP to map guest ram with p2m_ioreq_server to an ioreq server.

[Yu Zhang <yu.c.zhang@xxxxxxxxxxxxxxx>]

On 6/16/2016 6:02 PM, Jan Beulich wrote:
> > > > > > @@ -94,8 +96,16 @@ static unsigned long p2m_type_to_flags(p2m_type_t t, mfn_t 
> > > > > > mfn,
> > > > > >         default:
> > > > > >             return flags | _PAGE_NX_BIT;
> > > > > >         case p2m_grant_map_ro:
> > > > > > -    case p2m_ioreq_server:
> > > > > >             return flags | P2M_BASE_FLAGS | _PAGE_NX_BIT;
> > > > > > +    case p2m_ioreq_server:
> > > > > > +    {
> > > > > > +        flags |= P2M_BASE_FLAGS | _PAGE_RW;
> > > > > > +
> > > > > > +        if ( p2m->ioreq.flags & P2M_IOREQ_HANDLE_WRITE_ACCESS )
> > > > > > +            return flags & ~_PAGE_RW;
> > > > > > +        else
> > > > > > +            return flags;
> > > > > > +    }
> > > > > Same here (for the missing _PAGE_NX) plus no need for braces.
> > > > I'll remove the brace. And we do not need to set the _PAGE_NX_BIT, like
> > > > the p2m_ram_ro case I guess.
> > > I hope you mean the inverse: You should set _PAGE_NX_BIT here.
> > Oh, right. I meant the reverse. Thanks for the remind. :)
> > And I have a question,  here in p2m_type_to_flags(), I saw current code
> > uses _PAGE_NX_BIT
> > to disable the executable permission,  and I wonder, why don't we choose
> > the _PAGE_NX,
> > which is defined as:
> >
> > #define _PAGE_NX       (cpu_has_nx ? _PAGE_NX_BIT : 0)
> >
> > How do we know for sure that bit 63 from pte is not a reserved one
> > without checking
> > the cpu capability(the cpu_has_nx)? Is there any other reasons, i.e. the
> > page tables might
> > be shared with IOMMU?
> Please wait for Andrew to confirm this (or correct me) - there are
> some differences between AMD and Intel, and iirc the bit gets
> ignored by AMD when NX is off.
>
> > > > > > +struct xen_hvm_map_mem_type_to_ioreq_server {
> > > > > > +    domid_t domid;      /* IN - domain to be serviced */
> > > > > > +    ioservid_t id;      /* IN - ioreq server id */
> > > > > > +    uint16_t type;      /* IN - memory type */
> > > > > > +    uint16_t pad;
> > > > > This field does not appear to get checked in the handler.
> > > > I am now wondering, how about we remove this pad field and define type
> > > > as uint32_t?
> > > As above - I think the current layout is fine. But I'm also not heavily
> > > opposed to using uint32_t here. It's not a stable interface anyway
> > > (and I already have a series mostly ready to split off all control
> > > operations from the HVMOP_* ones, into a new HVMCTL_* set,
> > > which will make all of them interface-versioned).
> > I'd like to keep this interface. BTW, you mentioned "this field does not
> > appear to
> > get checked in the handler", do you mean we need to check the pad in the
> > handler?
> Yes.
>
> > And why?
> In order to be able to later assign meaning to it without breaking
> existing users.
So the handler need to assure the pad is 0, right?

Thanks
Yu

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel