From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
Andrew Cooper <andrew.cooper3@citrix.com>
Subject: Re: [PATCH 2/3] x86/P2M: correct old entry checking in p2m_remove_entry()
Date: Mon, 10 Mar 2025 16:16:36 +0100 [thread overview]
Message-ID: <Z88CVK0wjer8sXJm@macbook.local> (raw)
In-Reply-To: <b9f829c3-dc7d-4023-b58a-49527742a5f0@suse.com>
On Wed, Feb 26, 2025 at 12:52:45PM +0100, Jan Beulich wrote:
> Using p2m_is_valid() isn't quite right here. It expanding to RAM+MMIO,
> the subsequent p2m_mmio_direct check effectively reduces its use to
> RAM+MMIO_DM. Yet MMIO_DM entries, which are never marked present in the
> page tables, won't pass the mfn_valid() check. It is, however, quite
> plausible (and supported by the rest of the function) to permit
> "removing" hole entries, i.e. in particular to convert MMIO_DM to
> INVALID. Which leaves the original check to be against RAM (plus MFN
> validity), while HOLE then instead wants INVALID_MFN to be passed in.
>
> Further more grant and foreign entries (together with RAM becoming
> ANY_RAM) as well as BROKEN want the MFN checking, too.
>
> All other types (i.e. MMIO_DIRECT and POD) want rejecting here rather
> than skipping, for needing handling / accounting elsewhere.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> ---
> Paging/sharing types likely need further customization here. Paths
> leading here differ in their handling (e.g. guest_remove_page() special-
> casing paging types vs XENMEM_remove_from_physmap not doing so), so it's
> not even clear what the intentions are for those types.
>
> --- a/xen/arch/x86/mm/p2m.c
> +++ b/xen/arch/x86/mm/p2m.c
> @@ -531,9 +531,9 @@ p2m_remove_entry(struct p2m_domain *p2m,
> mfn_t mfn_return = p2m->get_entry(p2m, gfn_add(gfn, i), &t, &a, 0,
> &cur_order, NULL);
>
> - if ( p2m_is_valid(t) &&
> - (!mfn_valid(mfn) || t == p2m_mmio_direct ||
> - !mfn_eq(mfn_add(mfn, i), mfn_return)) )
> + if ( p2m_is_any_ram(t) || p2m_is_broken(t)
> + ? !mfn_valid(mfn) || !mfn_eq(mfn_add(mfn, i), mfn_return)
In the commit message you mention that MMIO_DIRECT wants rejecting
here, yet I think some MMIO_DIRECT mfns can be valid IIRC, and hence
would satisfy the check here?
Thanks, Roger.
next prev parent reply other threads:[~2025-03-10 15:16 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-26 11:51 [PATCH 0/3] x86/P2M: assorted corrections Jan Beulich
2025-02-26 11:52 ` [PATCH 1/3] x86/P2M: synchronize fast and slow paths of p2m_get_page_from_gfn() Jan Beulich
2025-03-10 14:53 ` Roger Pau Monné
2025-03-11 8:44 ` Jan Beulich
2025-03-11 9:01 ` Roger Pau Monné
2025-02-26 11:52 ` [PATCH 2/3] x86/P2M: correct old entry checking in p2m_remove_entry() Jan Beulich
2025-03-10 15:16 ` Roger Pau Monné [this message]
2025-03-10 15:21 ` Roger Pau Monné
2025-02-26 11:53 ` [PATCH 3/3] x86/P2M: don't include MMIO_DM in p2m_is_valid() Jan Beulich
2025-03-10 15:25 ` Roger Pau Monné
2025-03-11 22:16 ` [REGRESSION] Re: [PATCH 0/3] x86/P2M: assorted corrections Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z88CVK0wjer8sXJm@macbook.local \
--to=roger.pau@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=jbeulich@suse.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.