[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] common: map_vcpu_info() wants to unshare the underlying page
- To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Tue, 11 Oct 2022 10:48:38 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yCFMIznkAEoGtILkRiPo+tByavozNVbWDchF5HojaPI=; b=kTHUpV7NNYGwWvXg2QqY9zHcwR3/XVILStR3ZQXRyfBgeGddX7zA6breUMcvQDVyYi/8i2sP4P0CbVkIISVogfFOTOwx8E+/B6dPOZsiDKm52Pm2+oFISgHKX/zj+R19amME3B2gQqQhwpJLZOckOqSL0qxrD2jHpOQFoimpJKrBtt5f4g/sPoWx/wcNRhJVHFOc5awkYHs6IKdNk36oG4+1K3Jl6vB3EQVIMv033KSmCyPxV9rd80dPctJLGwYz6WHzScLco8rx9SK0XbRbCcg+ufIDRIuXtdFRJrxAyHzLrKJUiQ0doBCNngoDXQjB5GgOYHHOuECZyxIeUytQ6w==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DRo/OcTnm/1E4fpZ4ajhb3J69oUa8h596+EWEjoQ/GjN28NxZ2kPXur7ieaaS5sjfD9XduUA0BqP4ul1qm78ZPObhr3rCb6nmPqP1aa5TcymDvhxP9+BAYuDGeNZ2j+cPFBPIzUbJxtjuKdvHF+C5kvTkqhfUgbYUv7xvYiCcRNw/y4JFncS9H9dqgctyRSwt+AJ8Wx6N6skRG8wnuDA9X++6r0lB320QdqhZB1d/r2nmdGanoVWXvxOo0AW8jNOXrvumTDnBzN9Vgpoh38uC/4nyh1pkxI4i/+WqfXAwvT8nq4s8nW0orJN88AqYrHpyBjgJlo723SIwWHej2iDfA==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Delivery-date: Tue, 11 Oct 2022 08:48:49 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Not passing P2M_UNSHARE to get_page_from_gfn() means there won't even be
an attempt to unshare the referenced page, without any indication to the
caller (e.g. -EAGAIN). Note that guests have no direct control over
which of their pages are shared (or paged out), and hence they have no
way to make sure all on their own that the subsequent obtaining of a
writable type reference can actually succeed.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
Really I wonder whether the function wouldn't better use
check_get_page_from_gfn() _and_ permit p2m_ram_rw only. Otoh the P2M
type is stale by the time it is being looked at, so all depends on the
subsequent obtaining of a writable type reference anyway ...
A similar issue then apparently exists in guest_wrmsr_xen() when writing
the hypercall page. Interestingly there p2m_is_paging() is being checked
for (but shared pages aren't).
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -1484,7 +1484,7 @@ int map_vcpu_info(struct vcpu *v, unsign
if ( (v != current) && !(v->pause_flags & VPF_down) )
return -EINVAL;
- page = get_page_from_gfn(d, gfn, NULL, P2M_ALLOC);
+ page = get_page_from_gfn(d, gfn, NULL, P2M_UNSHARE);
if ( !page )
return -EINVAL;
|
