[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] vunmap: let vunmap align virtual address by itself

  • To: Julien Grall <julien.grall@xxxxxxx>
  • From: Jan Beulich <JBeulich@xxxxxxxx>
  • Date: Mon, 22 Jul 2019 12:11:02 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=suse.com;dmarc=pass action=none header.from=suse.com;dkim=pass header.d=suse.com;arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kuG1DHHOm/Z/OyGLuU/9gJOM9DC+NLq+Uhednd10q2o=; b=bX6RkLb6/ukx5y4JZ8oPILxP/OufTPE8EM/DaMCQ2Ee29AzFJnEyxph9LzeBZnDn72vopZ396psgxlTgeEePMc5R7d4arTCNccADNdAOUqXSV+CdcQFCTy4Dw5KSFZlN3oLzBYcLPukoDK8Sp4DdKaxn9m0q80bJrNw7sOyuF7ScPbG2Kb7rkjTJOmpEk4dYJwbClaKL8BCzWrV5m5hCCb7j0mc6ZP796VcVvdxaHblX/rk+wzGyVjA7mphaoyG8PJnBtnxpqKMewBE4Bny5dxZlCoUxbhkMMatF48jv/nPlZgfufqbgV+zXDXqrSpXk03YlFTcQSTtkqqFXXgPVkw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Axl7kLgdrJ64pD1oJPzPG/jUnvflYKMvMS2zMDZvN6WLMY29OmyE/Crwge5M5BGrtlQfB5gJCcezz0rU1r/ZVbJrV6ioYGDOJoyb6F2r8w1wAYYKWZeP62R+Si1jybSmC3YTxC2AWzJK2MGlKSuZF0TchOWwYetC+GNxH0oV2FzRZn7c4Gqd89cz+lG0wdblOdFTSgFSjAAsd7C3eHEEqZqY9rWPX0hrp1NNjRD4lYL63WpAh0tZVoIhumP3vTVHdWrp7ObjNaq1z6LrDPYHAQXd+tcXqEzFTtc5iNg9dWnV9tOiJPm3gtlfLccHjaI8z8qRFA6752ftebjRgFrFfA==
  • Authentication-results: spf=none (sender IP is ) smtp.mailfrom=JBeulich@xxxxxxxx;
  • Cc: Tim Deegan <tim@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Andrii Anisov <andrii_anisov@xxxxxxxx>, Wei Liu <wl@xxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Andrii Anisov <andrii.anisov@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 22 Jul 2019 12:12:28 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHVPhWLg4cyYnQWKUW8aYX9saIQuqbWZDjPgAAOmQCAABvi84AAAicA
  • Thread-topic: [PATCH] vunmap: let vunmap align virtual address by itself
On 22.07.2019 14:02, Julien Grall wrote:
> On 22/07/2019 11:23, Jan Beulich wrote:
>> On 22.07.2019 11:30, Andrii Anisov wrote:
>>>
>>>
>>> On 19.07.19 12:37, Jan Beulich wrote:
>>>> On 18.07.2019 19:11, Andrii Anisov wrote:
>>>>> Let vunmap align passed virtual address by PAGE_SIZE.
>>>>
>>>> Despite seeing Andrew's R-b you've already got I'd like to point out
>>>> that this increases the risk of some code passing the wrong pointer
>>>> into here. {,un}map_domain_page() act on single pages only, so there's
>>>> no ambiguity. When talking about multi-page regions though, not undoing
>>>> arithmetic previously done may mean actually pointing at other than the
>>>> first page of the mapping.
>>>
>>> Well, what we are moving into vunmap(), is a page alignment only. It can't 
>>> save us from the wrong pointer, even if it is done outside the vunmap().
>>>
>>>>> With the main change, also:
>>>>>     - strip all existing vunmap() calls from prior masking
>>>>
>>>> _If_ we are to go this route, then unmap_domain_page_global()
>>>> callers should also be adjusted. There, as for unmap_domain_page(),
>>>> I agree it would make sense to be more tolerant.
>>>
>>> I've found two page alignments prior to `unmap_domain_page_global()` call. 
>>> Should I wipe them in this patch, or in separate?
>>
>> If we're to go the suggested route then it might not matter much.
>> As I'm not entirely certain yet that we will, making this a prereq
>> one dealing with the alignment in unmap_domain_page_global() might
>> be better. Your existing patch would then further shift this into
>> vunmap().
> 
> I think allowing vunmap to deal with unaligned address could simplify some of 
> the callers. Passing the wrong page-aligned pointer is less critical than 
> passing an unaligned address.
> 
> The latter may result in misbehaving code.

Why only the latter?

> The vmap will end-up to not be sync with the page-table as we assume
> page-table update cannot fail (this probably should be changed). On
> Arm, this will result to any new vmap function to likely fail (we
> don't allow replace an existing valid page-table entry).
> 
> IIUC the code, the former will result to only unmapping some part of
> the vmap. 

AIUI the unmap request will simply fail: vm_index() and hence vm_size()
will simply return 0. Hence, with vunmap() not itself returning any
error, there'll be a silent leak of mappings.

Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.