[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: [PATCH] Add a new p2m type for broken memory

Hi, 

At 08:39 +0100 on 14 Jul (1279096791), Jiang, Yunhong wrote:
> Add a new p2m type for broken memory.
> 
> Currently, this is used only for EPT guest. When memory assigned to guest is 
> poisoned, we will mark it as broken in p2m table, the corresponding EPT entry 
> is set as not present. Later, if guest try to access the affected memory, EPT 
> violation will happen and Xen hypervisor can trap this access.
> 
> Signed-off-by: Jiang, Yunhong <yunhong.jiang@xxxxxxxxx>
> 
> diff -r 29f0479830cd xen/arch/x86/hvm/hvm.c
> --- a/xen/arch/x86/hvm/hvm.c  Mon Jul 12 13:12:31 2010 +0800
> +++ b/xen/arch/x86/hvm/hvm.c  Mon Jul 12 13:58:55 2010 +0800
> @@ -971,6 +971,12 @@ bool_t hvm_hap_nested_page_fault(unsigne
>  
>      mfn = gfn_to_mfn_type_current(gfn, &p2mt, p2m_guest);
>  
> +    if ( unlikely(p2mt == p2m_ram_broken) )
> +    {
> +        domain_crash(current->domain);
> +        return 1;
> +    }
> +

You should probably do this in more places, even if you don't care
about shadow pagetables -- MMIO emulation should behave the same as
normal accesses.

What behaviour would you like when qemu tries to DMA to a broken page?
Or when a backend driver grant-copies to it?

Is there a case for just having the P2M lookups (at least the _query()
kind) call domain_crash when they hit a poisoned page?

Cheers,

Tim.

>      /*
>       * If this GFN is emulated MMIO or marked as read-only, pass the fault
>       * to the mmio handler.
> diff -r 29f0479830cd xen/include/asm-x86/p2m.h
> --- a/xen/include/asm-x86/p2m.h       Mon Jul 12 13:12:31 2010 +0800
> +++ b/xen/include/asm-x86/p2m.h       Mon Jul 12 13:56:02 2010 +0800
> @@ -85,6 +85,7 @@ typedef enum {
>      p2m_ram_paging_in = 11,       /* Memory that is being paged in */
>      p2m_ram_paging_in_start = 12, /* Memory that is being paged in */
>      p2m_ram_shared = 13,          /* Shared or sharable memory */
> +    p2m_ram_broken  = 14,        /* broken page, access cause domain crash*/
>  } p2m_type_t;
>  
>  typedef enum {
> @@ -132,6 +133,8 @@ typedef enum {
>                            | p2m_to_mask(p2m_ram_paging_in))
>  
>  #define P2M_PAGED_TYPES (p2m_to_mask(p2m_ram_paged))
> +
> +#define P2M_BROKEN_TYPES (p2m_to_mask(p2m_ram_broken))
>  
>  /* Shared types */
>  /* XXX: Sharable types could include p2m_ram_ro too, but we would need to
> @@ -155,6 +158,7 @@ typedef enum {
>  #define p2m_is_paged(_t)    (p2m_to_mask(_t) & P2M_PAGED_TYPES)
>  #define p2m_is_sharable(_t) (p2m_to_mask(_t) & P2M_SHARABLE_TYPES)
>  #define p2m_is_shared(_t)   (p2m_to_mask(_t) & P2M_SHARED_TYPES)
> +#define p2m_is_broken(_t)   (p2m_to_mask(_t) & P2M_BROKEN_TYPES)
>  
>  
>  /* Populate-on-demand */
> diff -r 29f0479830cd xen/include/asm-x86/page.h
> --- a/xen/include/asm-x86/page.h      Mon Jul 12 13:12:31 2010 +0800
> +++ b/xen/include/asm-x86/page.h      Mon Jul 12 13:56:21 2010 +0800
> @@ -323,6 +323,7 @@ void setup_idle_pagetable(void);
>  #define _PAGE_PSE_PAT 0x1000U
>  #define _PAGE_PAGED   0x2000U
>  #define _PAGE_SHARED  0x4000U
> +#define _PAGE_BROKEN  0x8000U
>  
>  /*
>   * Debug option: Ensure that granted mappings are not implicitly unmapped.
> 
> 



-- 
Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, XenServer Engineering
Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.