[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] x86 shadow: fix vram tracking
# HG changeset patch # User Keir Fraser <keir.fraser@xxxxxxxxxx> # Date 1236855343 0 # Node ID cc9b41a476dc62149d7a385aad70ce6e221e928f # Parent 8ce14a3bcf05966a4623b1aae2b6bd6570ffd480 x86 shadow: fix vram tracking Check for writable mappings in ptes before assuming that the type count in the page has changed. Signed-off-by: Gianluca Guida <gianluca.guida@xxxxxxxxxxxxx> --- xen/arch/x86/mm/shadow/multi.c | 53 ++++++++++++++++++++++++----------------- 1 files changed, 32 insertions(+), 21 deletions(-) diff -r 8ce14a3bcf05 -r cc9b41a476dc xen/arch/x86/mm/shadow/multi.c --- a/xen/arch/x86/mm/shadow/multi.c Thu Mar 12 08:35:12 2009 +0000 +++ b/xen/arch/x86/mm/shadow/multi.c Thu Mar 12 10:55:43 2009 +0000 @@ -1039,18 +1039,19 @@ static inline void shadow_vram_get_l1e(s mfn_t sl1mfn, struct domain *d) { - mfn_t mfn; + mfn_t mfn = shadow_l1e_get_mfn(new_sl1e); + int flags = shadow_l1e_get_flags(new_sl1e); unsigned long gfn; - if ( !d->dirty_vram ) return; - - mfn = shadow_l1e_get_mfn(new_sl1e); - - if ( !mfn_valid(mfn) ) return; /* m2p for mmio_direct may not exist */ + if ( !d->dirty_vram /* tracking disabled? */ + || !(flags & _PAGE_RW) /* read-only mapping? */ + || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ + return; gfn = mfn_to_gfn(d, mfn); - if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) { + if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) + { unsigned long i = gfn - d->dirty_vram->begin_pfn; struct page_info *page = mfn_to_page(mfn); @@ -1066,48 +1067,58 @@ static inline void shadow_vram_put_l1e(s mfn_t sl1mfn, struct domain *d) { - mfn_t mfn; + mfn_t mfn = shadow_l1e_get_mfn(old_sl1e); + int flags = shadow_l1e_get_flags(old_sl1e); unsigned long gfn; - if ( !d->dirty_vram ) return; - - mfn = shadow_l1e_get_mfn(old_sl1e); - - if ( !mfn_valid(mfn) ) return; + if ( !d->dirty_vram /* tracking disabled? */ + || !(flags & _PAGE_RW) /* read-only mapping? */ + || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ + return; gfn = mfn_to_gfn(d, mfn); - if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) { + if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) + { unsigned long i = gfn - d->dirty_vram->begin_pfn; struct page_info *page = mfn_to_page(mfn); int dirty = 0; paddr_t sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) | ((unsigned long)sl1e & ~PAGE_MASK); - if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) { + if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) + { /* Last reference */ if ( d->dirty_vram->sl1ma[i] == INVALID_PADDR ) { /* We didn't know it was that one, let's say it is dirty */ dirty = 1; - } else { + } + else + { ASSERT(d->dirty_vram->sl1ma[i] == sl1ma); d->dirty_vram->sl1ma[i] = INVALID_PADDR; - if ( shadow_l1e_get_flags(old_sl1e) & _PAGE_DIRTY ) + if ( flags & _PAGE_DIRTY ) dirty = 1; } - } else { + } + else + { /* We had more than one reference, just consider the page dirty. */ dirty = 1; /* Check that it's not the one we recorded. */ - if ( d->dirty_vram->sl1ma[i] == sl1ma ) { + if ( d->dirty_vram->sl1ma[i] == sl1ma ) + { /* Too bad, we remembered the wrong one... */ d->dirty_vram->sl1ma[i] = INVALID_PADDR; - } else { + } + else + { /* Ok, our recorded sl1e is still pointing to this page, let's * just hope it will remain. */ } } - if ( dirty ) { + if ( dirty ) + { d->dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); d->dirty_vram->last_dirty = NOW(); } _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |