[PATCH] libxc: match types of 'subject' and 'foreigndom' between struct xc_mmu and do_mmu

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] libxc: match types of 'subject' and 'foreigndom' between struct xc_mmu and do_mmu_update
@ 2013-01-23 11:44 Dario Faggioli
  2013-01-24 13:01 ` Ian Campbell
  0 siblings, 1 reply; 2+ messages in thread
From: Dario Faggioli @ 2013-01-23 11:44 UTC (permalink / raw)
  To: xen-devel; +Cc: George Dunlap, Keir Fraser, Jan Beulich

In do_mmu_update() (in the hypervisor) the parameter 'foreigndom' is
'unsigned int' and both its high (bits 31-16) and low (bits 15-0) are
parts utilised, as explained here:
 http://xenbits.xen.org/docs/unstable/hypercall/include,public,xen.h.html#Func_HYPERVISOR_mmu_update

However, the actual parameter, i.e., the 'subject' field in
struct xc_mmu is declared as domid_t, which typedef-s to uint16_t.
This means we are never able to pass anything via the higher 16 bits
of 'foreigndom', which in turns may cause the hypercall to fail when
called on an actual foreign domain.

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>

diff --git a/tools/libxc/xc_private.c b/tools/libxc/xc_private.c
--- a/tools/libxc/xc_private.c
+++ b/tools/libxc/xc_private.c
@@ -478,13 +478,13 @@ static int flush_mmu_updates(xc_interfac
     return err;
 }
 
-struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, domid_t dom)
+struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, unsigned int subject)
 {
     struct xc_mmu *mmu = malloc(sizeof(*mmu));
     if ( mmu == NULL )
         return mmu;
     mmu->idx     = 0;
-    mmu->subject = dom;
+    mmu->subject = subject;
     return mmu;
 }
 
diff --git a/tools/libxc/xc_private.h b/tools/libxc/xc_private.h
--- a/tools/libxc/xc_private.h
+++ b/tools/libxc/xc_private.h
@@ -308,10 +308,10 @@ void discard_file_cache(xc_interface *xc
 struct xc_mmu {
     mmu_update_t updates[MAX_MMU_UPDATES];
     int          idx;
-    domid_t      subject;
+    unsigned int subject;
 };
 /* Structure returned by xc_alloc_mmu_updates must be free()'ed by caller. */
-struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, domid_t dom);
+struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, unsigned int subject);
 int xc_add_mmu_update(xc_interface *xch, struct xc_mmu *mmu,
                    unsigned long long ptr, unsigned long long val);
 int xc_flush_mmu_updates(xc_interface *xch, struct xc_mmu *mmu);

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] libxc: match types of 'subject' and 'foreigndom' between struct xc_mmu and do_mmu_update
  2013-01-23 11:44 [PATCH] libxc: match types of 'subject' and 'foreigndom' between struct xc_mmu and do_mmu_update Dario Faggioli
@ 2013-01-24 13:01 ` Ian Campbell
  0 siblings, 0 replies; 2+ messages in thread
From: Ian Campbell @ 2013-01-24 13:01 UTC (permalink / raw)
  To: Dario Faggioli
  Cc: George Dunlap, Keir Fraser, Jan Beulich, xen-devel@lists.xen.org

On Wed, 2013-01-23 at 11:44 +0000, Dario Faggioli wrote:
> In do_mmu_update() (in the hypervisor) the parameter 'foreigndom' is
> 'unsigned int' and both its high (bits 31-16) and low (bits 15-0) are
> parts utilised, as explained here:
>  http://xenbits.xen.org/docs/unstable/hypercall/include,public,xen.h.html#Func_HYPERVISOR_mmu_update
> 
> However, the actual parameter, i.e., the 'subject' field in
> struct xc_mmu is declared as domid_t, which typedef-s to uint16_t.
> This means we are never able to pass anything via the higher 16 bits
> of 'foreigndom', which in turns may cause the hypercall to fail when
> called on an actual foreign domain.
> 
> Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>

Seems sane, acked + applied, thanks.

> 
> diff --git a/tools/libxc/xc_private.c b/tools/libxc/xc_private.c
> --- a/tools/libxc/xc_private.c
> +++ b/tools/libxc/xc_private.c
> @@ -478,13 +478,13 @@ static int flush_mmu_updates(xc_interfac
>      return err;
>  }
>  
> -struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, domid_t dom)
> +struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, unsigned int subject)
>  {
>      struct xc_mmu *mmu = malloc(sizeof(*mmu));
>      if ( mmu == NULL )
>          return mmu;
>      mmu->idx     = 0;
> -    mmu->subject = dom;
> +    mmu->subject = subject;
>      return mmu;
>  }
>  
> diff --git a/tools/libxc/xc_private.h b/tools/libxc/xc_private.h
> --- a/tools/libxc/xc_private.h
> +++ b/tools/libxc/xc_private.h
> @@ -308,10 +308,10 @@ void discard_file_cache(xc_interface *xc
>  struct xc_mmu {
>      mmu_update_t updates[MAX_MMU_UPDATES];
>      int          idx;
> -    domid_t      subject;
> +    unsigned int subject;
>  };
>  /* Structure returned by xc_alloc_mmu_updates must be free()'ed by caller. */
> -struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, domid_t dom);
> +struct xc_mmu *xc_alloc_mmu_updates(xc_interface *xch, unsigned int subject);
>  int xc_add_mmu_update(xc_interface *xch, struct xc_mmu *mmu,
>                     unsigned long long ptr, unsigned long long val);
>  int xc_flush_mmu_updates(xc_interface *xch, struct xc_mmu *mmu);
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2013-01-24 13:01 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-01-23 11:44 [PATCH] libxc: match types of 'subject' and 'foreigndom' between struct xc_mmu and do_mmu_update Dario Faggioli
2013-01-24 13:01 ` Ian Campbell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).