[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] x86/PV: assert page state in mark_pv_pt_pages_rdonly()

  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 16 Aug 2021 17:29:04 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=e34TaObqebYYNOnrJ2Uk48Z9gMDnN/4F0FjiG6Xfpcg=; b=SuZok7sKL2bSre1nR/T4lyghXK7hOrH3ox2W8FYUNaSuYMZcmylqeSfhEJjcV5VR+fSEEh1wn1Tzk6lO9dxUnEi6NSNqqSgBhUyKdnPheMuM4gvW67Dja9k9T2xWrOlB/KMXbO6BQs0/ymuVXo4WC+q86ZmuoJjophUoSEealm/oIXysbsE0dDXPx7G1ZtOpn7sAJkHT+/OTBv952SQWVGiAr/MJi9yiPSJYXm8ZyQLhxHLU2ySd7pR1QvI2NXKm/mSm3AMMP1QrGqhPQ1I2a+qAxOrEEjGrxNXqvbk8UVl/nlMZHaOqr+DwkvWknEkF5xMtFVYq/7DBDMtJv1985w==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RwMFSrzDTGFhXUfzUzSuibDdNxsGgL41PpShrzq99+Ii6i+FMTVpONIAb5E5zUwJRAUbQo2USN0qlVZkhr3SohBdQUwZF7ehphjmNnXC+bzfFDtfOLbZIrZd3un21jOd9CtlkphOXt2WxvQXlkBZ2mvPuNlSER/mPjphW/BFR1qCmYH2gtSBcmrAnFaK+Qiw13ABIkAD0aFaXav0LpclqIoQ/H7/jom1C9fRhAmJESnxngrFEBhvDO9xEdGTou65ilrSJ5oxkKezm5VNZb23JesslfRbpn0yif1ZAgqaymL4Gy6vdzO9vcbcvmzxy7Xy+WTFnegOq+H943UDbAM1tQ==
  • Authentication-results: citrix.com; dkim=none (message not signed) header.d=none;citrix.com; dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 16 Aug 2021 15:29:27 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
About every time I look at dom0_construct_pv()'s "calculation" of
nr_pt_pages I question (myself) whether the result is precise or merely
an upper bound. I think it is meant to be precise, but I think we would
be better off having some checking in place. Hence add ASSERT()s to
verify that
- all pages have a valid L1...Ln (currently L4) page table type and
- no other bits are set, in particular the type refcount is still zero.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
There are (at least) two factors supporting my uncertainty about the
"calculation" being precise: The loop starting from 2 (which clearly is
too small for a possible result) and an apparently wrong comment stating
that not only v_end but also v_start would be superpage aligned (in fact
v_end is 4MiB aligned, which is the superpage size only on long
abandoned [by us] non-PAE x86-32).

--- a/xen/arch/x86/pv/dom0_build.c
+++ b/xen/arch/x86/pv/dom0_build.c
@@ -59,6 +59,10 @@ static __init void mark_pv_pt_pages_rdon
         l1e_remove_flags(*pl1e, _PAGE_RW);
         page = mfn_to_page(l1e_get_mfn(*pl1e));
 
+        ASSERT(page->u.inuse.type_info & PGT_type_mask);
+        ASSERT((page->u.inuse.type_info & PGT_type_mask) <= 
PGT_root_page_table);
+        ASSERT(!(page->u.inuse.type_info & ~PGT_type_mask));
+
         /* Read-only mapping + PGC_allocated + page-table page. */
         page->count_info         = PGC_allocated | 3;
         page->u.inuse.type_info |= PGT_validated | 1;

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.