* [PATCH 0/3] xen: arm: various p2m handling fixups
@ 2014-07-14 16:26 Ian Campbell
2014-07-14 16:27 ` [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m Ian Campbell
` (2 more replies)
0 siblings, 3 replies; 12+ messages in thread
From: Ian Campbell @ 2014-07-14 16:26 UTC (permalink / raw)
To: xen-devel; +Cc: Stefano Stabellini, Julien Grall, Tim Deegan
Three pretty much independent fixes.
Some of these were introduced by my recent superpages series, others may
or may not have been ;-).
Ian.
^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m.
2014-07-14 16:26 [PATCH 0/3] xen: arm: various p2m handling fixups Ian Campbell
@ 2014-07-14 16:27 ` Ian Campbell
2014-07-14 18:17 ` Julien Grall
2014-07-14 16:27 ` [PATCH 2/3] xen: arm: when ALLOCATING p2m entries maddr is meaningless Ian Campbell
2014-07-14 16:27 ` [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping Ian Campbell
2 siblings, 1 reply; 12+ messages in thread
From: Ian Campbell @ 2014-07-14 16:27 UTC (permalink / raw)
To: xen-devel; +Cc: julien.grall, tim, Ian Campbell, stefano.stabellini
If we handle a change in a superpage then we need to invalidate any cached
mappings further down, otherwise we risk using them because their offset might
match but be based on a different offset further up the table.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
---
xen/arch/arm/p2m.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index c0c011a..917baa3 100644
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -719,6 +719,8 @@ static int apply_p2m_changes(struct domain *d,
goto out;
}
cur_first_page = p2m_first_level_index(addr);
+ /* Any mapping further down is now invalid */
+ cur_second_offset = ~0;
}
/* We only use a 3 level p2m at the moment, so no level 0,
@@ -741,6 +743,8 @@ static int apply_p2m_changes(struct domain *d,
if (second) unmap_domain_page(second);
second = map_domain_page(first[first_table_offset(addr)].p2m.base);
cur_first_offset = first_table_offset(addr);
+ /* Any mapping further down is now invalid */
+ cur_second_offset = ~0;
}
/* else: second already valid */
--
1.7.10.4
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH 2/3] xen: arm: when ALLOCATING p2m entries maddr is meaningless
2014-07-14 16:26 [PATCH 0/3] xen: arm: various p2m handling fixups Ian Campbell
2014-07-14 16:27 ` [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m Ian Campbell
@ 2014-07-14 16:27 ` Ian Campbell
2014-07-14 18:29 ` Julien Grall
2014-07-14 16:27 ` [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping Ian Campbell
2 siblings, 1 reply; 12+ messages in thread
From: Ian Campbell @ 2014-07-14 16:27 UTC (permalink / raw)
To: xen-devel; +Cc: julien.grall, tim, Ian Campbell, stefano.stabellini
The maddr differs on each loop depending on the pages which happen to get
allocated.
There is already an assertion that maddr == 0.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
---
xen/arch/arm/p2m.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index 917baa3..a10cbaf 100644
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -501,7 +501,6 @@ static int apply_one_level(struct domain *d,
p2m->stats.mappings[level]++;
*addr += level_size;
- *maddr += level_size;
return P2M_ONE_PROGRESS;
}
--
1.7.10.4
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping.
2014-07-14 16:26 [PATCH 0/3] xen: arm: various p2m handling fixups Ian Campbell
2014-07-14 16:27 ` [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m Ian Campbell
2014-07-14 16:27 ` [PATCH 2/3] xen: arm: when ALLOCATING p2m entries maddr is meaningless Ian Campbell
@ 2014-07-14 16:27 ` Ian Campbell
2014-07-14 18:34 ` Julien Grall
2 siblings, 1 reply; 12+ messages in thread
From: Ian Campbell @ 2014-07-14 16:27 UTC (permalink / raw)
To: xen-devel; +Cc: julien.grall, tim, Ian Campbell, stefano.stabellini
This can be exercised for example via ballooning which will remove 4K
regions fromanywhere in the address space.
Reported-by: Julien Grall <julien.grall@linaro.org>
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
---
xen/arch/arm/p2m.c | 29 +++++++++++++++++++++++++++--
1 file changed, 27 insertions(+), 2 deletions(-)
diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index a10cbaf..68a19bd 100644
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -604,8 +604,33 @@ static int apply_one_level(struct domain *d,
return P2M_ONE_PROGRESS_NOP;
}
- if ( level < 3 && p2m_table(orig_pte) )
- return P2M_ONE_DESCEND;
+ if ( level < 3 )
+ {
+ if ( p2m_table(orig_pte) )
+ return P2M_ONE_DESCEND;
+
+ if ( op == REMOVE &&
+ !is_mapping_aligned(*addr, end_gpaddr,
+ 0, /* maddr doesn't matter for remove */
+ level_size) )
+ {
+ /*
+ * Removing a mapping from the middle of a superpage. Shatter
+ * and descend.
+ */
+ *flush = true;
+ rc = p2m_create_table(d, entry,
+ level_shift - PAGE_SHIFT, flush_cache);
+ if ( rc < 0 )
+ return rc;
+
+ p2m->stats.shattered[level]++;
+ p2m->stats.mappings[level]--;
+ p2m->stats.mappings[level+1] += LPAE_ENTRIES;
+
+ return P2M_ONE_DESCEND;
+ }
+ }
*flush = true;
--
1.7.10.4
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m.
2014-07-14 16:27 ` [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m Ian Campbell
@ 2014-07-14 18:17 ` Julien Grall
2014-07-15 9:36 ` Ian Campbell
0 siblings, 1 reply; 12+ messages in thread
From: Julien Grall @ 2014-07-14 18:17 UTC (permalink / raw)
To: Ian Campbell, xen-devel; +Cc: tim, stefano.stabellini
Hi Ian,
On 07/14/2014 05:27 PM, Ian Campbell wrote:
> If we handle a change in a superpage then we need to invalidate any cached
> mappings further down, otherwise we risk using them because their offset might
> match but be based on a different offset further up the table.
>
> Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
> ---
> xen/arch/arm/p2m.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> index c0c011a..917baa3 100644
> --- a/xen/arch/arm/p2m.c
> +++ b/xen/arch/arm/p2m.c
> @@ -719,6 +719,8 @@ static int apply_p2m_changes(struct domain *d,
> goto out;
> }
> cur_first_page = p2m_first_level_index(addr);
> + /* Any mapping further down is now invalid */
> + cur_second_offset = ~0;
I think you miss to invalid cur_first_offset.
Also, I think we have the same issue on Xen 4.4.
Regards,
--
Julien Grall
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 2/3] xen: arm: when ALLOCATING p2m entries maddr is meaningless
2014-07-14 16:27 ` [PATCH 2/3] xen: arm: when ALLOCATING p2m entries maddr is meaningless Ian Campbell
@ 2014-07-14 18:29 ` Julien Grall
2014-07-18 13:38 ` Ian Campbell
0 siblings, 1 reply; 12+ messages in thread
From: Julien Grall @ 2014-07-14 18:29 UTC (permalink / raw)
To: Ian Campbell, xen-devel; +Cc: tim, stefano.stabellini
Hi Ian,
On 07/14/2014 05:27 PM, Ian Campbell wrote:
> The maddr differs on each loop depending on the pages which happen to get
> allocated.
>
> There is already an assertion that maddr == 0.
I think we hit the assert we don't use 1:1 mapping for DOM0.
> Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Julien Grall <julien.grall@linaro.org>
> ---
> xen/arch/arm/p2m.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> index 917baa3..a10cbaf 100644
> --- a/xen/arch/arm/p2m.c
> +++ b/xen/arch/arm/p2m.c
> @@ -501,7 +501,6 @@ static int apply_one_level(struct domain *d,
> p2m->stats.mappings[level]++;
>
> *addr += level_size;
> - *maddr += level_size;
>
> return P2M_ONE_PROGRESS;
> }
>
Regards,
--
Julien Grall
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping.
2014-07-14 16:27 ` [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping Ian Campbell
@ 2014-07-14 18:34 ` Julien Grall
2014-07-15 9:38 ` Ian Campbell
0 siblings, 1 reply; 12+ messages in thread
From: Julien Grall @ 2014-07-14 18:34 UTC (permalink / raw)
To: Ian Campbell, xen-devel; +Cc: tim, stefano.stabellini
Hi Ian,
On 07/14/2014 05:27 PM, Ian Campbell wrote:
> This can be exercised for example via ballooning which will remove 4K
> regions fromanywhere in the address space.
Missing space between "from" and "anywhere"
>
> Reported-by: Julien Grall <julien.grall@linaro.org>
> Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
> ---
> xen/arch/arm/p2m.c | 29 +++++++++++++++++++++++++++--
> 1 file changed, 27 insertions(+), 2 deletions(-)
>
> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> index a10cbaf..68a19bd 100644
> --- a/xen/arch/arm/p2m.c
> +++ b/xen/arch/arm/p2m.c
> @@ -604,8 +604,33 @@ static int apply_one_level(struct domain *d,
> return P2M_ONE_PROGRESS_NOP;
> }
>
> - if ( level < 3 && p2m_table(orig_pte) )
> - return P2M_ONE_DESCEND;
> + if ( level < 3 )
> + {
> + if ( p2m_table(orig_pte) )
> + return P2M_ONE_DESCEND;
> +
> + if ( op == REMOVE &&
> + !is_mapping_aligned(*addr, end_gpaddr,
> + 0, /* maddr doesn't matter for remove */
> + level_size) )
> + {
> + /*
> + * Removing a mapping from the middle of a superpage. Shatter
> + * and descend.
> + */
> + *flush = true;
> + rc = p2m_create_table(d, entry,
> + level_shift - PAGE_SHIFT, flush_cache);
> + if ( rc < 0 )
> + return rc;
> +
> + p2m->stats.shattered[level]++;
> + p2m->stats.mappings[level]--;
> + p2m->stats.mappings[level+1] += LPAE_ENTRIES;
> +
> + return P2M_ONE_DESCEND;
> + }
> + }
I would put the code below (which is only for level3) in the else part.
This will also remove now useless "if ( level == 3 )".
> *flush = true;
>
>
Regards,
--
Julien Grall
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m.
2014-07-14 18:17 ` Julien Grall
@ 2014-07-15 9:36 ` Ian Campbell
0 siblings, 0 replies; 12+ messages in thread
From: Ian Campbell @ 2014-07-15 9:36 UTC (permalink / raw)
To: Julien Grall; +Cc: stefano.stabellini, tim, xen-devel
On Mon, 2014-07-14 at 19:17 +0100, Julien Grall wrote:
> Hi Ian,
>
> On 07/14/2014 05:27 PM, Ian Campbell wrote:
> > If we handle a change in a superpage then we need to invalidate any cached
> > mappings further down, otherwise we risk using them because their offset might
> > match but be based on a different offset further up the table.
> >
> > Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
> > ---
> > xen/arch/arm/p2m.c | 4 ++++
> > 1 file changed, 4 insertions(+)
> >
> > diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> > index c0c011a..917baa3 100644
> > --- a/xen/arch/arm/p2m.c
> > +++ b/xen/arch/arm/p2m.c
> > @@ -719,6 +719,8 @@ static int apply_p2m_changes(struct domain *d,
> > goto out;
> > }
> > cur_first_page = p2m_first_level_index(addr);
> > + /* Any mapping further down is now invalid */
> > + cur_second_offset = ~0;
>
> I think you miss to invalid cur_first_offset.
I think you are right.
> Also, I think we have the same issue on Xen 4.4.
I'll add it to my list to check. I suspect the fix will need
reimplementing there rather than backporting.
Ian.
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping.
2014-07-14 18:34 ` Julien Grall
@ 2014-07-15 9:38 ` Ian Campbell
2014-07-15 12:13 ` Julien Grall
0 siblings, 1 reply; 12+ messages in thread
From: Ian Campbell @ 2014-07-15 9:38 UTC (permalink / raw)
To: Julien Grall; +Cc: stefano.stabellini, tim, xen-devel
On Mon, 2014-07-14 at 19:34 +0100, Julien Grall wrote:
> Hi Ian,
>
> On 07/14/2014 05:27 PM, Ian Campbell wrote:
> > This can be exercised for example via ballooning which will remove 4K
> > regions fromanywhere in the address space.
>
> Missing space between "from" and "anywhere"
>
> >
> > Reported-by: Julien Grall <julien.grall@linaro.org>
> > Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
> > ---
> > xen/arch/arm/p2m.c | 29 +++++++++++++++++++++++++++--
> > 1 file changed, 27 insertions(+), 2 deletions(-)
> >
> > diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> > index a10cbaf..68a19bd 100644
> > --- a/xen/arch/arm/p2m.c
> > +++ b/xen/arch/arm/p2m.c
> > @@ -604,8 +604,33 @@ static int apply_one_level(struct domain *d,
> > return P2M_ONE_PROGRESS_NOP;
> > }
> >
> > - if ( level < 3 && p2m_table(orig_pte) )
> > - return P2M_ONE_DESCEND;
> > + if ( level < 3 )
> > + {
> > + if ( p2m_table(orig_pte) )
> > + return P2M_ONE_DESCEND;
> > +
> > + if ( op == REMOVE &&
> > + !is_mapping_aligned(*addr, end_gpaddr,
> > + 0, /* maddr doesn't matter for remove */
> > + level_size) )
> > + {
> > + /*
> > + * Removing a mapping from the middle of a superpage. Shatter
> > + * and descend.
> > + */
> > + *flush = true;
> > + rc = p2m_create_table(d, entry,
> > + level_shift - PAGE_SHIFT, flush_cache);
> > + if ( rc < 0 )
> > + return rc;
> > +
> > + p2m->stats.shattered[level]++;
> > + p2m->stats.mappings[level]--;
> > + p2m->stats.mappings[level+1] += LPAE_ENTRIES;
> > +
> > + return P2M_ONE_DESCEND;
> > + }
> > + }
>
> I would put the code below (which is only for level3) in the else part.
> This will also remove now useless "if ( level == 3 )".
This would break the relinquish case, I think.
Although thinking about it perhaps relinquish should behave like remove
and shatter. My original thinking was that we only ever relinquish the
entire address space so we shouldn't really be hitting that case.
Ian.
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping.
2014-07-15 9:38 ` Ian Campbell
@ 2014-07-15 12:13 ` Julien Grall
2014-07-18 12:51 ` Ian Campbell
0 siblings, 1 reply; 12+ messages in thread
From: Julien Grall @ 2014-07-15 12:13 UTC (permalink / raw)
To: Ian Campbell; +Cc: stefano.stabellini, tim, xen-devel
On 15/07/14 10:38, Ian Campbell wrote:
> On Mon, 2014-07-14 at 19:34 +0100, Julien Grall wrote:
>> Hi Ian,
>>
>> On 07/14/2014 05:27 PM, Ian Campbell wrote:
>>> This can be exercised for example via ballooning which will remove 4K
>>> regions fromanywhere in the address space.
>>
>> Missing space between "from" and "anywhere"
>>
>>>
>>> Reported-by: Julien Grall <julien.grall@linaro.org>
>>> Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
>>> ---
>>> xen/arch/arm/p2m.c | 29 +++++++++++++++++++++++++++--
>>> 1 file changed, 27 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
>>> index a10cbaf..68a19bd 100644
>>> --- a/xen/arch/arm/p2m.c
>>> +++ b/xen/arch/arm/p2m.c
>>> @@ -604,8 +604,33 @@ static int apply_one_level(struct domain *d,
>>> return P2M_ONE_PROGRESS_NOP;
>>> }
>>>
>>> - if ( level < 3 && p2m_table(orig_pte) )
>>> - return P2M_ONE_DESCEND;
>>> + if ( level < 3 )
>>> + {
>>> + if ( p2m_table(orig_pte) )
>>> + return P2M_ONE_DESCEND;
>>> +
>>> + if ( op == REMOVE &&
>>> + !is_mapping_aligned(*addr, end_gpaddr,
>>> + 0, /* maddr doesn't matter for remove */
>>> + level_size) )
>>> + {
>>> + /*
>>> + * Removing a mapping from the middle of a superpage. Shatter
>>> + * and descend.
>>> + */
>>> + *flush = true;
>>> + rc = p2m_create_table(d, entry,
>>> + level_shift - PAGE_SHIFT, flush_cache);
>>> + if ( rc < 0 )
>>> + return rc;
>>> +
>>> + p2m->stats.shattered[level]++;
>>> + p2m->stats.mappings[level]--;
>>> + p2m->stats.mappings[level+1] += LPAE_ENTRIES;
>>> +
>>> + return P2M_ONE_DESCEND;
>>> + }
>>> + }
>>
>> I would put the code below (which is only for level3) in the else part.
>> This will also remove now useless "if ( level == 3 )".
>
> This would break the relinquish case, I think.
>
> Although thinking about it perhaps relinquish should behave like remove
> and shatter. My original thinking was that we only ever relinquish the
> entire address space so we shouldn't really be hitting that case.
Oh right, I though there was a return on every part of this if. Sorry
for the noise.
With the minor change in the commit message:
Acked-by: Julien Grall <julien.grall@linaro.org>
Regards,
--
Julien Grall
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping.
2014-07-15 12:13 ` Julien Grall
@ 2014-07-18 12:51 ` Ian Campbell
0 siblings, 0 replies; 12+ messages in thread
From: Ian Campbell @ 2014-07-18 12:51 UTC (permalink / raw)
To: Julien Grall; +Cc: stefano.stabellini, tim, xen-devel
On Tue, 2014-07-15 at 13:13 +0100, Julien Grall wrote:
>
> On 15/07/14 10:38, Ian Campbell wrote:
> With the minor change in the commit message:
>
> Acked-by: Julien Grall <julien.grall@linaro.org>
Thanks, applied.
Ian.
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 2/3] xen: arm: when ALLOCATING p2m entries maddr is meaningless
2014-07-14 18:29 ` Julien Grall
@ 2014-07-18 13:38 ` Ian Campbell
0 siblings, 0 replies; 12+ messages in thread
From: Ian Campbell @ 2014-07-18 13:38 UTC (permalink / raw)
To: Julien Grall; +Cc: stefano.stabellini, tim, xen-devel
On Mon, 2014-07-14 at 19:29 +0100, Julien Grall wrote:
> Acked-by: Julien Grall <julien.grall@linaro.org>
Applied, thanks.
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2014-07-18 13:38 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-07-14 16:26 [PATCH 0/3] xen: arm: various p2m handling fixups Ian Campbell
2014-07-14 16:27 ` [PATCH 1/3] xen: arm: avoid reusing incorrect mappings when walking the p2m Ian Campbell
2014-07-14 18:17 ` Julien Grall
2014-07-15 9:36 ` Ian Campbell
2014-07-14 16:27 ` [PATCH 2/3] xen: arm: when ALLOCATING p2m entries maddr is meaningless Ian Campbell
2014-07-14 18:29 ` Julien Grall
2014-07-18 13:38 ` Ian Campbell
2014-07-14 16:27 ` [PATCH 3/3] xen: arm: correctly handle removing a subset of a superpage mapping Ian Campbell
2014-07-14 18:34 ` Julien Grall
2014-07-15 9:38 ` Ian Campbell
2014-07-15 12:13 ` Julien Grall
2014-07-18 12:51 ` Ian Campbell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).