Changeset 19632:b0966b6f5180 wasn't really complete: The Xen image mapping doesn't end at _end, but a full 16Mb gets mapped during boot (and never got unmapped so far), hence all of this space was subject to alias mappings when it comes to cache attribute changes. Unmap all full large pages between _end and the 16Mb boundary, and include all other pages beyond _end when checking for aliases. Signed-off-by: Jan Beulich --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -805,7 +805,7 @@ static int update_xen_mappings(unsigned int err = 0; #ifdef __x86_64__ bool_t alias = mfn >= PFN_DOWN(xen_phys_start) && - mfn < PFN_UP(xen_phys_start + (unsigned long)_end - XEN_VIRT_START); + mfn < PFN_UP(xen_phys_start + xen_virt_end - XEN_VIRT_START); unsigned long xen_va = XEN_VIRT_START + ((mfn - PFN_DOWN(xen_phys_start)) << PAGE_SHIFT); --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -94,6 +94,8 @@ unsigned long __read_mostly xen_phys_sta /* Limits of Xen heap, used to initialise the allocator. */ unsigned long __initdata xenheap_initial_phys_start; unsigned long __read_mostly xenheap_phys_end; +#else +unsigned long __read_mostly xen_virt_end; #endif DEFINE_PER_CPU(struct tss_struct, init_tss); @@ -1094,6 +1096,9 @@ void __init __start_xen(unsigned long mb map_pages_to_xen((unsigned long)__va(kexec_crash_area.start), kexec_crash_area.start >> PAGE_SHIFT, PFN_UP(kexec_crash_area.size), PAGE_HYPERVISOR); + xen_virt_end = ((unsigned long)_end + (1UL << L2_PAGETABLE_SHIFT) - 1) & + ~((1UL << L2_PAGETABLE_SHIFT) - 1); + destroy_xen_mappings(xen_virt_end, XEN_VIRT_START + BOOTSTRAP_MAP_BASE); #endif memguard_init(); --- a/xen/include/asm-x86/x86_64/page.h +++ b/xen/include/asm-x86/x86_64/page.h @@ -35,6 +35,8 @@ #include #include +extern unsigned long xen_virt_end; + extern unsigned long max_pdx; extern unsigned long pfn_pdx_bottom_mask, ma_va_bottom_mask; extern unsigned int pfn_pdx_hole_shift;