Xen project Mailing List

Re: [PATCH 11/16] x86/shadow: drop is_hvm_...() where easily possible

To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Thu, 23 Mar 2023 18:18:08 +0000

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sR1Kug5lHjFi9rtZ5Os0lRIE8TCgVsa0STkg9RB8TeQ=; b=PlrLG4lTrrMDpRZ1ucaiLTFGj7nCjHCABsFYF/jcdgsSqY9XeQvBxUVrLt2fORzWRBRWE/EA18HC2uXz0NnneOXc77bsJn1GMADhZx0loz//cJ0r0u9r41N2JFNeuWpizEvkzrIi1i7bfBOBL0bBUkH8QAh1n2ZcLAxfw8o6lxSPJ1WVAUv21gLqMT4R/hkrhjiAR+TYaUMeSgc3EtYF1LK+arvoUKrxEtTbpbHi0Vp9NMzik+daEl9H/WLxDr3nQyguFPdtTJAPPhBp/O04SPCatAvyFp9Zh+6KNlT7q/7mBnGRthVMSuehA028y+4vwvYVLXNVqgkmvS5pbkNczA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CQ5uxY38e7uHyUZie1n3Ca0s9XRjYM+IdPWrGzB32TaQkYHKz9ubm3rUCSMeaLxiqXVoA71AxFxEisF8LNdP0weYZu7Ms4RptFxeUF6gDmL3OVrGUcNbieqcpvs3GfblUV0Dig4lmd7mszzYG1pbb4M3nbKbWHtwC58qavWCsc8FCdcXoGcfKraaUqdItS/+/ELSeCxU55TCbIDnbxYXHx8+6+o6CQkECVWoLyV6Ux26ncLYvSacVALeGqIh61PGNJqwF91ue9gqj9R2cE58msyjoVxRucuOiK+2nhSi5pQHNBxANaZfp4q8f555KmFmfXhTtAD0bpKH36bOiGKLgA==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;

Cc: Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>

Delivery-date: Thu, 23 Mar 2023 18:18:49 +0000

Ironport-data: A9a23:r1Vuga3YbfG30vFM0/bD5eNwkn2cJEfYwER7XKvMYLTBsI5bp2ACy zNMW2/UMvuNN2akL41watni8xgBuJfSydBiSVFlpC1hF35El5HIVI+TRqvS04F+DeWYFR46s J9OAjXkBJppJpMJjk71atANlVEliefTAOK6ULWeUsxIbVcMYD87jh5+kPIOjIdtgNyoayuAo tq3qMDEULOf82cc3lk8tuTS+HuDgNyo4GlD5gdkPqgR1LPjvyJ94Kw3dPnZw0TQGuG4LsbiL 87fwbew+H/u/htFIrtJRZ6iLyXm6paLVeS/oiI+t5qK23CulQRrukoPD9IOaF8/ttm8t4sZJ OOhF3CHYVxB0qXkwIzxWvTDes10FfUuFLTveRBTvSEPpqFvnrSFL/hGVSkL0YMkFulfBlFfp KURLw02MzOFhOKqyamhFLlUv5F2RCXrFNt3VnBI6xj8VK5jZK+ZBqLA6JlfwSs6gd1IEbDGf c0FZDFzbRPGJRpSJlMQD5F4l+Ct7pX9W2QA9BTJ+uxqvi6KlFUZPLvFabI5fvSjQ8lPk1nej WXB52njWTkRNcCFyCrD+XWp7gPKtXqjAdNCTuHjr5aGhnWz/XY9CEEsWWKHrPTg1HWkQupBd mE9r39GQa8asRbDosPGdx+yrWOAvxUcc8FNCOB84waIooLE7gDcCmUaQzppbN09qNRwVTEsz kWOnd7iGXpoqrL9YW2Z3qeZq3W1Iyd9BXMDYAcUQA1D5MPsyLzflTrKR9dnVauq1Nv8HGiox yjQ9XBnwbIOkcQMyqO3u0jdhC6hrYTISQhz4RjLWmWi7UVyY4vNi5GU1GU3JM1odO6xJmRtd lBe8yRCxIji1a2wqRE=

Ironport-hdrordr: A9a23:NRB1navgsG/bWFg8nLqbq8KA7skDR9V00zEX/kB9WHVpm5qj5q WTdZUgpGTJYVMqMhwdcL+7Sc69qB/nhOdICOoqXItKPjOW3FdARbsKheDfKlvbak7DH8FmpM VdmsNFebvN5DZB/L7HCcqDfOrIAuPqzEllv4njJr5WLT1XVw==

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 22/03/2023 9:35 am, Jan Beulich wrote: > Emulation related functions are involved in HVM handling only, and in > some cases they even invoke such checks after having already done things > which are valid for HVM domains only. OOS active also implies HVM. In > sh_remove_all_mappings() one of the two checks is redundant with an > earlier paging_mode_external() one (the other, however, needs to stay). > > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > > --- a/xen/arch/x86/mm/shadow/common.c > +++ b/xen/arch/x86/mm/shadow/common.c > @@ -1522,7 +1522,7 @@ int sh_remove_all_mappings(struct domain > && (page->count_info & PGC_count_mask) <= 3 > && ((page->u.inuse.type_info & PGT_count_mask) > == (is_special_page(page) || > - (is_hvm_domain(d) && is_ioreq_server_page(d, > page))))) ) > + is_ioreq_server_page(d, page)))) ) > printk(XENLOG_G_ERR "can't find all mappings of mfn %"PRI_mfn > " (gfn %"PRI_gfn"): c=%lx t=%lx s=%d i=%d\n", > mfn_x(gmfn), gfn_x(gfn), Out of context here needs an equivalent adjustment. But in this case, I'm not sure the commit message covers the relevant details. ioreq servers have been made fully common since this code was written, and *that* is a better reason for dropping the predicates IMO than the redundancy with paging_mode_external(). That said... I'm not sure the logic here is correct any more. It used to be the case that ioreq pages were in the p2m, but they're outside of the p2m these days, so don't see how there can be any interaction with unexpected refcounts any more. I suspect that one way or another, this change wants to be in a separate patch. > --- a/xen/arch/x86/mm/shadow/multi.c > +++ b/xen/arch/x86/mm/shadow/multi.c > @@ -3441,7 +3441,7 @@ int sh_rm_write_access_from_sl1p(struct > > #ifdef CONFIG_HVM > /* Remember if we've been told that this process is being torn down */ > - if ( curr->domain == d && is_hvm_domain(d) ) > + if ( curr->domain == d ) > curr->arch.paging.shadow.pagetable_dying > = mfn_to_page(gmfn)->pagetable_dying; > #endif This one is dangerous. After tracing, I can see that sh_rm_write_access_from_sl1p() is only called from OOS functions, but this function itself does its very best to look like it has mixed PV + HVM usage, and dropping this conditional means that pagetable_dying can, in principle at least, become non-NULL for a PV guest. I think this function needs to be made far more obviously HVM-only first. > --- a/xen/arch/x86/mm/shadow/oos.c > +++ b/xen/arch/x86/mm/shadow/oos.c > @@ -577,7 +577,6 @@ int sh_unsync(struct vcpu *v, mfn_t gmfn > if ( pg->shadow_flags & > ((SHF_page_type_mask & ~SHF_L1_ANY) | SHF_out_of_sync) > || sh_page_has_multiple_shadows(pg) > - || !is_hvm_vcpu(v) > || !v->domain->arch.paging.shadow.oos_active ) This is reachable for PV guests as far as I can see. What am I missing ? The changes in hvm.c are all fine, and for those alone, consider it R-by if you end up splitting the patch. ~Andrew

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.