[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v3 2/5] arch, arm: add consistency checks to REMOVE p2m changes
On 03/15/2014 11:19 PM, Julien Grall wrote: > Hello Arianna, > > Thanks for the patch. > Thank you for the feedback. > On 15/03/14 20:11, Arianna Avanzini wrote: >> --- >> xen/arch/arm/p2m.c | 33 +++++++++++++++++++++++++++++++-- >> 1 file changed, 31 insertions(+), 2 deletions(-) >> >> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c >> index d00c882..47bf154 100644 >> --- a/xen/arcah/arm/p2m.c >> +++ b/xen/arch/arm/p2m.c >> @@ -243,7 +243,8 @@ static int apply_p2m_changes(struct domain *d, >> int rc; >> struct p2m_domain *p2m = &d->arch.p2m; >> lpae_t *first = NULL, *second = NULL, *third = NULL; >> - paddr_t addr; >> + p2m_type_t _t; >> + paddr_t addr, _maddr = INVALID_PADDR; >> unsigned long cur_first_page = ~0, >> cur_first_offset = ~0, >> cur_second_offset = ~0; >> @@ -252,6 +253,20 @@ static int apply_p2m_changes(struct domain *d, >> bool_t populate = (op == INSERT || op == ALLOCATE); >> lpae_t pte; >> >> + /* >> + * As of now, the lookup is needed only in in case >> + * of REMOVE operation, as a consistency check on >> + * the existence of a mapping between the machine >> + * address and the start guest address given as >> + * parameters. >> + */ >> + if (op == REMOVE) >> + /* >> + * Be sure to lookup before grabbing the p2m_lock, >> + * as the p2m_lookup() function holds it too. >> + */ >> + _maddr = p2m_lookup(d, start_gpaddr, &_t); >> + > > Did you try remove path? apply_p2m_changes is taking p2m->lock which is also > taken by p2m_lookup. With this solution it will end up to a deadlock. > The lookup is performed before grabbing p2m->lock, as stated in the comment. I'll certainly remove it as it is useless, thank you for the feedback and for the many suggestions. > Anyway, you don't need to use p2m_lookup because you already have all the data > in pte (if pte.p2m.valid == 1): > - pte.p2m.type = p2m type > - pte.p2m.base = MFN > >> spin_lock(&p2m->lock); >> >> if ( d != current->domain ) >> @@ -367,9 +382,23 @@ static int apply_p2m_changes(struct domain *d, >> maddr += PAGE_SIZE; >> } >> break; >> - case RELINQUISH: >> case REMOVE: >> { >> + /* >> + * Ensure that, if we are trying to unmap I/O memory >> + * ranges, the given gfn is p2m_mmio_direct. >> + */ > >> + if ( t == p2m_mmio_direct ? _t != p2m_mmio_direct : 0 || >> + paddr_to_pfn(_maddr) == INVALID_MFN || > > Testing pte.p2m.valid instead of paddr_to(_maddr)... is right answer. > > Moreover, why do you need to check t? Every call to guest_physmap_remove_page > is > done with a valid mfn (I guess it can be enhanced by a BUG_ON(mfn != > INVALID_MFN) in this function). > I might be wrong, but it seems to me that apply_p2m_changes() is called with op == REMOVE also from guest_physmap_remove_page(), and in that case t == p2m_invalid. > >> + maddr != _maddr ) > > maddr is not incremented during where the page is removed. The next iteration > will likely fail. You need to increment it in various place. > I actually was checking at each iteration the start maddr against the result of the lookup performed before the loop, which is a mistake. Sorry, and thank you again for the feedback. >> + { >> + count++; >> + break; > > IHMO, skipping the page is totally wrong. You should return an error here. > > Regards, > -- /* * Arianna Avanzini * avanzini.arianna@xxxxxxxxx * 73628@xxxxxxxxxxxxxxxxxxx */ _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |