[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v22 1/2] common: add a new mappable resource type: XENMEM_resource_grant_table

To: "Paul Durrant" <paul.durrant@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Thu, 09 Aug 2018 02:46:46 -0600
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 09 Aug 2018 08:47:00 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 08.08.18 at 16:16, <paul.durrant@xxxxxxxxxx> wrote:
> +static int gnttab_get_status_frame_mfn(struct domain *d,
> +                                       unsigned long idx, mfn_t *mfn)
> +{
> +    const struct grant_table *gt = d->grant_table;
> +
> +    ASSERT(gt->gt_version == 2);
> +
> +    if ( idx >= nr_status_frames(gt) )
> +    {
> +        unsigned long nr_status;
> +        unsigned long nr_grant;
> +
> +        nr_status = idx + 1; /* sufficient frames to make idx valid */
> +        nr_grant = status_to_grant_frames(nr_status);
> +
> +        if ( nr_grant <= nr_grant_frames(gt) ) /* overflow check */
> +            return -EINVAL;

If the table is currently empty, this would always fail, wouldn't
it? You haven't grown the table yet by this point.

> +        if ( nr_grant <= gt->max_grant_frames )
> +            gnttab_grow_table(d, nr_grant);

And here (other than originally in gnttab_map_frame()) you
invoke gnttab_grow_table() perhaps pointlessly (when the table
doesn't in fact need growing).

> @@ -1027,6 +1066,11 @@ static int acquire_resource(
>  
>      switch ( xmar.type )
>      {
> +    case XENMEM_resource_grant_table:
> +        rc = acquire_grant_table(d, xmar.id, xmar.frame, xmar.nr_frames,
> +                                 mfn_list);
> +        break;
> +
>      default:
>          rc = arch_acquire_resource(d, xmar.type, xmar.id, xmar.frame,
>                                     xmar.nr_frames, mfn_list, &xmar.flags);
> @@ -1046,6 +1090,16 @@ static int acquire_resource(
>          xen_pfn_t gfn_list[ARRAY_SIZE(mfn_list)];
>          unsigned int i;
>  
> +        /*
> +         * FIXME: Until foreign pages inserted into the P2M are properly
> +         *        reference counted, it is unsafe to allow mapping of
> +         *        non-caller-owned resource pages unless the caller is
> +         *        the hardware domain.
> +         */
> +        if ( !(xmar.flags & XENMEM_rsrc_acq_caller_owned) &&
> +             !is_hardware_domain(currd) )
> +            return -EOPNOTSUPP;
> +

Now that I look at this again - wouldn't this check better live ahead
of the main switch()? I find it odd, for example, that in this case the
grant table would still have got grown.

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v22 1/2] common: add a new mappable resource type: XENMEM_resource_grant_table
  - From: Paul Durrant

References:
- [Xen-devel] [PATCH v22 0/2] guest resource mapping (reprise)
  - From: Paul Durrant
- [Xen-devel] [PATCH v22 1/2] common: add a new mappable resource type: XENMEM_resource_grant_table
  - From: Paul Durrant

Prev by Date: Re: [Xen-devel] Emulation and active (valid) interrupts
Next by Date: Re: [Xen-devel] [PATCH v22 1/2] common: add a new mappable resource type: XENMEM_resource_grant_table
Previous by thread: [Xen-devel] [PATCH v22 1/2] common: add a new mappable resource type: XENMEM_resource_grant_table
Next by thread: Re: [Xen-devel] [PATCH v22 1/2] common: add a new mappable resource type: XENMEM_resource_grant_table
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.