[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 03/14] xen/x86: Make mfn_to_gfn typesafe



On 10/05/2019 14:24, Jan Beulich wrote:

On 10.05.19 at 15:02, <julien.grall@xxxxxxx> wrote:




On 10/05/2019 12:35, Jan Beulich wrote:

On 07.05.19 at 17:14, <julien.grall@xxxxxxx> wrote:

--- a/xen/arch/x86/mm/shadow/common.c
+++ b/xen/arch/x86/mm/shadow/common.c
@@ -474,7 +474,8 @@ static inline void trace_resync(int event, mfn_t gmfn)
       if ( tb_init_done )
       {
           /* Convert gmfn to gfn */
-        unsigned long gfn = mfn_to_gfn(current->domain, gmfn);
+        unsigned long gfn = gfn_x(mfn_to_gfn(current->domain, gmfn));
+
           __trace_var(event, 0/*!tsc*/, sizeof(gfn), &gfn);
       }


Can't you use gfn_t here, and hence avoid the gfn_x()? Same again further
down.

Because __trace_var will export the value to the guest. I wasn't sure
whether we
can safely consider that gfn_t is exactly the same as unsigned long in
debug-build.


Hmm, well - see the definition of gfn_t. George, what do you think?
I know what's the current definition. My point is we never made that assumption before. In all honesty, sure assumption would definitely help in a few places, but I think we ought to safeguard with BUILD_BUG(...). 

Cheers,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.