From: Julien Grall <julien.grall@linaro.org>
To: Arianna Avanzini <avanzini.arianna@gmail.com>, xen-devel@lists.xen.org
Cc: julien.grall@citrix.com, paolo.valente@unimore.it, keir@xen.org,
stefano.stabellini@eu.citrix.com, tim@xen.org,
dario.faggioli@citrix.com, Ian.Jackson@eu.citrix.com,
Ian.Campbell@eu.citrix.com, etrudeau@broadcom.com,
JBeulich@suse.com, viktor.kleinik@globallogic.com
Subject: Re: [PATCH v3 2/5] arch, arm: add consistency checks to REMOVE p2m changes
Date: Sat, 15 Mar 2014 22:19:36 +0000 [thread overview]
Message-ID: <5324D1F8.1080302@linaro.org> (raw)
In-Reply-To: <1394914286-29713-3-git-send-email-avanzini.arianna@gmail.com>
Hello Arianna,
Thanks for the patch.
On 15/03/14 20:11, Arianna Avanzini wrote:
> ---
> xen/arch/arm/p2m.c | 33 +++++++++++++++++++++++++++++++--
> 1 file changed, 31 insertions(+), 2 deletions(-)
>
> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> index d00c882..47bf154 100644
> --- a/xen/arcah/arm/p2m.c
> +++ b/xen/arch/arm/p2m.c
> @@ -243,7 +243,8 @@ static int apply_p2m_changes(struct domain *d,
> int rc;
> struct p2m_domain *p2m = &d->arch.p2m;
> lpae_t *first = NULL, *second = NULL, *third = NULL;
> - paddr_t addr;
> + p2m_type_t _t;
> + paddr_t addr, _maddr = INVALID_PADDR;
> unsigned long cur_first_page = ~0,
> cur_first_offset = ~0,
> cur_second_offset = ~0;
> @@ -252,6 +253,20 @@ static int apply_p2m_changes(struct domain *d,
> bool_t populate = (op == INSERT || op == ALLOCATE);
> lpae_t pte;
>
> + /*
> + * As of now, the lookup is needed only in in case
> + * of REMOVE operation, as a consistency check on
> + * the existence of a mapping between the machine
> + * address and the start guest address given as
> + * parameters.
> + */
> + if (op == REMOVE)
> + /*
> + * Be sure to lookup before grabbing the p2m_lock,
> + * as the p2m_lookup() function holds it too.
> + */
> + _maddr = p2m_lookup(d, start_gpaddr, &_t);
> +
Did you try remove path? apply_p2m_changes is taking p2m->lock which is
also taken by p2m_lookup. With this solution it will end up to a deadlock.
Anyway, you don't need to use p2m_lookup because you already have all
the data in pte (if pte.p2m.valid == 1):
- pte.p2m.type = p2m type
- pte.p2m.base = MFN
> spin_lock(&p2m->lock);
>
> if ( d != current->domain )
> @@ -367,9 +382,23 @@ static int apply_p2m_changes(struct domain *d,
> maddr += PAGE_SIZE;
> }
> break;
> - case RELINQUISH:
> case REMOVE:
> {
> + /*
> + * Ensure that, if we are trying to unmap I/O memory
> + * ranges, the given gfn is p2m_mmio_direct.
> + */
> + if ( t == p2m_mmio_direct ? _t != p2m_mmio_direct : 0 ||
> + paddr_to_pfn(_maddr) == INVALID_MFN ||
Testing pte.p2m.valid instead of paddr_to(_maddr)... is right answer.
Moreover, why do you need to check t? Every call to
guest_physmap_remove_page is done with a valid mfn (I guess it can be
enhanced by a BUG_ON(mfn != INVALID_MFN) in this function).
> + maddr != _maddr )
maddr is not incremented during where the page is removed. The next
iteration will likely fail. You need to increment it in various place.
> + {
> + count++;
> + break;
IHMO, skipping the page is totally wrong. You should return an error here.
Regards,
--
Julien Grall
next prev parent reply other threads:[~2014-03-15 22:19 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-15 20:11 [PATCH v3 0/5] Implement the XEN_DOMCTL_memory_mapping hypercall for ARM Arianna Avanzini
2014-03-15 20:11 ` [PATCH v3 1/5] arch, arm: domain build: allow access to I/O memory of mapped devices Arianna Avanzini
2014-03-15 21:30 ` Julien Grall
2014-03-15 20:11 ` [PATCH v3 2/5] arch, arm: add consistency checks to REMOVE p2m changes Arianna Avanzini
2014-03-15 22:19 ` Julien Grall [this message]
2014-03-15 22:36 ` Arianna Avanzini
2014-03-15 22:42 ` Julien Grall
2014-03-21 10:44 ` Ian Campbell
2014-03-21 11:51 ` Julien Grall
2014-03-21 11:54 ` Ian Campbell
2014-03-21 12:08 ` Julien Grall
2014-03-21 12:32 ` Ian Campbell
2014-03-21 12:45 ` Julien Grall
2014-03-21 14:09 ` Ian Campbell
2014-03-21 14:11 ` Julien Grall
2014-03-15 20:11 ` [PATCH v3 3/5] xen, common: add the XEN_DOMCTL_memory_mapping hypercall Arianna Avanzini
2014-03-15 22:32 ` Julien Grall
2014-03-17 8:01 ` Jan Beulich
2014-03-15 20:11 ` [PATCH v3 4/5] tools, libxl: parse optional start gfn from the iomem config option Arianna Avanzini
2014-03-15 22:35 ` Julien Grall
2014-03-17 10:01 ` Dario Faggioli
2014-03-21 10:47 ` Ian Campbell
2014-03-17 12:24 ` Julien Grall
2014-03-21 10:54 ` Ian Campbell
2014-03-15 20:11 ` [PATCH v3 5/5] tools, libxl: handle the iomem parameter with the memory_mapping hcall Arianna Avanzini
2014-03-17 12:35 ` Julien Grall
2014-03-18 16:15 ` Arianna Avanzini
2014-03-18 21:01 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5324D1F8.1080302@linaro.org \
--to=julien.grall@linaro.org \
--cc=Ian.Campbell@eu.citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=JBeulich@suse.com \
--cc=avanzini.arianna@gmail.com \
--cc=dario.faggioli@citrix.com \
--cc=etrudeau@broadcom.com \
--cc=julien.grall@citrix.com \
--cc=keir@xen.org \
--cc=paolo.valente@unimore.it \
--cc=stefano.stabellini@eu.citrix.com \
--cc=tim@xen.org \
--cc=viktor.kleinik@globallogic.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).