From: Julien Grall <julien.grall@arm.com>
To: xen-devel@lists.xen.org
Cc: bhupinder.thakur@linaro.org, Julien Grall <julien.grall@arm.com>,
sstabellini@kernel.org
Subject: [PATCH] xen/arm: p2m: Read *_mapped_gfn with the p2m lock taken
Date: Thu, 14 Sep 2017 16:39:01 +0100 [thread overview]
Message-ID: <20170914153901.6750-1-julien.grall@arm.com> (raw)
*_mapped_gfn are currently read before acquiring the lock. However, they
may be modified by the p2m code before the lock was acquired. This means
we will use the wrong values.
Fix it by moving the read inside the section protected by the p2m lock.
Signed-off-by: Julien Grall <julien.grall@arm.com>
---
This patch should be backported to Xen 4.9 and Xen 4.8
---
xen/arch/arm/p2m.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index c484469e6c..d1260d3b4e 100644
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -1292,13 +1292,13 @@ int relinquish_p2m_mapping(struct domain *d)
p2m_type_t t;
int rc = 0;
unsigned int order;
-
- /* Convenience alias */
- gfn_t start = p2m->lowest_mapped_gfn;
- gfn_t end = p2m->max_mapped_gfn;
+ gfn_t start, end;
p2m_write_lock(p2m);
+ start = p2m->lowest_mapped_gfn;
+ end = p2m->max_mapped_gfn;
+
for ( ; gfn_x(start) < gfn_x(end);
start = gfn_next_boundary(start, order) )
{
@@ -1353,9 +1353,6 @@ int p2m_cache_flush(struct domain *d, gfn_t start, unsigned long nr)
p2m_type_t t;
unsigned int order;
- start = gfn_max(start, p2m->lowest_mapped_gfn);
- end = gfn_min(end, p2m->max_mapped_gfn);
-
/*
* The operation cache flush will invalidate the RAM assigned to the
* guest in a given range. It will not modify the page table and
@@ -1364,6 +1361,9 @@ int p2m_cache_flush(struct domain *d, gfn_t start, unsigned long nr)
*/
p2m_read_lock(p2m);
+ start = gfn_max(start, p2m->lowest_mapped_gfn);
+ end = gfn_min(end, p2m->max_mapped_gfn);
+
for ( ; gfn_x(start) < gfn_x(end); start = next_gfn )
{
mfn_t mfn = p2m_get_entry(p2m, start, &t, NULL, &order);
--
2.11.0
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next reply other threads:[~2017-09-14 15:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-14 15:39 Julien Grall [this message]
2017-09-28 0:45 ` [PATCH] xen/arm: p2m: Read *_mapped_gfn with the p2m lock taken Julien Grall
2017-10-07 0:40 ` Stefano Stabellini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170914153901.6750-1-julien.grall@arm.com \
--to=julien.grall@arm.com \
--cc=bhupinder.thakur@linaro.org \
--cc=sstabellini@kernel.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).