[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 4/6] arm/mpu: Destroy an existing entry in Xen MPU memory mapping table

To: Hari Limaye <Hari.Limaye@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: Ayan Kumar Halder <ayankuma@xxxxxxx>
Date: Wed, 2 Jul 2025 14:11:03 +0100
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ZO3kjlm1BXjOnAvp3dDS+we62CxdTpeWYM4xslke51g=; b=JfTWa7q4Bb4GUxAbHR1mwltKJ0tZfI2/g0TWN+iLKfboX12ymWidB51Vts0OdnrZQ4J0pemV1qsOjDKF0ujX7zGnvIWigKrGC/LcIXvm++kMZlbXXEHTO74N/H37xAoJS6DJn1qeDvL8gFwOCvmbTPcoZTVQof0HBtm/BnSPR4YTyv85+SDU/LV2NTVP9Szl+v/0mWqMfJV3cObwBbC06OYvq3aEbGgWZFkmsImK7jZ9LYaA9/vgxdaH8X19o9aIMV2FtW5sDcs0KbB0tQaWOZjDmb7kHyPmMQPMqi6eWauknepbumTuUMrvH2ZVE5KcworAGeDn9hZKsTWxjDWxDg==
Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=big7Xyibs9GoVcLuBDg7RakwnUnmqEyjO5kXRb9Tu/4p/VEyxr6K+npr5maVoAEkK5LLrzcjpSBytILkhJRzR4QrqGNM9pPUxdJrBKOtq9gEmlmv9oKOrVKfihb/N2hFCG+khkX7y807t/aDV10cANlmB7afsK57ZDxuQy6jvXex611XPv1wjTfYl+vHrhVlftF4ZXL2Lb97iCT9CiOXHEsecZlfrzpmkJb+u1a6g2hfsTCwkh/i4f93xq2YdJxl2xac6bzipOcUbwi0r6uUoLFi4IHkqWVE/5Tm2zytTa74lyEYG2vanneFFhJ1V+uV7cy5L8MpsO0AUGABGJ1teQ==
Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;
Cc: Luca Fancellu <Luca.Fancellu@xxxxxxx>, Penny Zheng <Penny.Zheng@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>
Delivery-date: Wed, 02 Jul 2025 13:11:18 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>


On 01/07/2025 15:56, Hari Limaye wrote:


Hi Ayan,

Hi Hari,


Thank you for the review. I have just a couple of clarifications before I

re-spin the series to address all the comments:

> > -    if ( flags & _PAGE_PRESENT )

> > +    if ( (flags & _PAGE_PRESENT) && (MPUMAP_REGION_NOTFOUND == rc) )

>

> Same question in this patch , why do we need to check for _PAGE_PRESENT.

> Can't we just rely on MPUMAP_REGION_XXX ?

The _PAGE_PRESENTflag indicates intent - whether the caller intends tocreate


or remove a region.

If so, then I misunderstood the code. However, looking atxen_pt_check_entry(), it seems _PAGE_PRESENTindicates if the page tableentry exists. If so, using _PAGE_PRESENTis not making sense to meatleast. May be others can chime in.


The MPUMAP_REGION_XXX values only describe the current state

of the MPU map - whether the region already exists - not the caller'spurpose.

For example, if the function is called to remove a region and it turnsout to be


MPUMAP_REGION_NOTFOUND, we don't want to accidentally create it.

The flag is passed via the `flags` argument in calls to`map_pages_to_xen()`.


In this patch:

https://patchwork.kernel.org/project/xen-devel/patch/deccb1566ced5fa64f6de5c988ab968b76dc945a.1750411205.git.hari.limaye@xxxxxxx/

`flags` is set to PAGE_HYPERVISOR_RO, and as defined in

xen/arch/arm/include/asm/page.h, this includes _PAGE_PRESENT.

It is also used in a similar way in `xen_pt_update_entry()` in

xen/arch/arm/mmu/pt.c.

> > +static void disable_mpu_region_from_index(uint8_t index)

> > +{

> > + ASSERT(spin_is_locked(&xen_mpumap_lock));

> > +    ASSERT(index != INVALID_REGION_IDX);

> > +

> > +    if ( !region_is_valid(&xen_mpumap[index]) )

> > +    {

> > +        printk(XENLOG_WARNING

> > + "mpu: MPU memory region[%u] is already disabled\n",index);


> > +        return;

> > +    }

> > +

> > +    /* Zeroing the region will also zero the region enable */

> > +    memset(&xen_mpumap[index], 0, sizeof(pr_t));

> > +    clear_bit(index, xen_mpumap_mask);

>

> NIT.

>

> These 2 lines we can move before the if { ..}. So that the region is

> zeroed even if the region is disabled. This will add a small overhead,

> but we will be sure that the region is zeroed whenever it is disabled.

Thank you for the suggestion - just to clarify, unless I am missingsomething

I think that moving those lines above the if block would actuallybreak the


logic.

Ah my mistake. I meant these two lines should be moved *inside* the if{...} condition.


This is a minor suggestion so feel free to ignore.

The memset() call zeroes the region in the xen_mpumap data structure,and this
is what region_is_valid() inspects. So if we zero the region beforecalling
region_is_valid(), that check will always fail, and we would exitearly without
updating the hardware.
It’s the subsequent lines that actually write the region to the MPUregister. So
if we exit early, the hardware MPU state remains unchanged.

All good.

- Ayan

Follow-Ups:
- Re: [PATCH 4/6] arm/mpu: Destroy an existing entry in Xen MPU memory mapping table
  - From: Luca Fancellu

References:
- Re: [PATCH 4/6] arm/mpu: Destroy an existing entry in Xen MPU memory mapping table
  - From: Hari Limaye

Prev by Date: [PATCH] Arm: tidy page_get_owner_and_nr_reference()
Next by Date: Re: [PATCH v5 03/10] x86: Replace arch-specific boot_domain with the common one
Previous by thread: Re: [PATCH 4/6] arm/mpu: Destroy an existing entry in Xen MPU memory mapping table
Next by thread: Re: [PATCH 4/6] arm/mpu: Destroy an existing entry in Xen MPU memory mapping table
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.