From mboxrd@z Thu Jan 1 00:00:00 1970 From: veerasena reddy Subject: Re: How to share a page between dom0 and Hypervisror Date: Mon, 6 Jun 2011 19:48:34 +0530 Message-ID: References: <1307368389.775.459.camel@zakaz.uk.xensource.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0923468331==" Return-path: In-Reply-To: <1307368389.775.459.camel@zakaz.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Ian Campbell Cc: "xen-devel@lists.xensource.com" List-Id: xen-devel@lists.xenproject.org --===============0923468331== Content-Type: multipart/alternative; boundary=001485f8974e61d2d304a50bc72b --001485f8974e61d2d304a50bc72b Content-Type: text/plain; charset=ISO-8859-1 Hi Ian, Thanks a lot for the detailed explanation. You were correct, I had to use "my_rd_wr_page" not "&my_rd_wr_page". I also had to change my code to translate the PFN to MFN (pfn_to_mfn()) on dom0 kernel itself before passing it to hypercall. Now it works. Thanks & Regards, VSR. On Mon, Jun 6, 2011 at 7:23 PM, Ian Campbell wrote: > On Mon, 2011-06-06 at 14:28 +0100, veerasena reddy wrote: > > Hi, > > > > In one of experiments, I need to map a page allocated in dom0 to > > hypervisor and access/modify the page contents in hypervisor. > > I tried this by adding a new hypercall, and pass the GPA of the page > > to its handler in hypervisor which does the following: > > > > ==================== Hypercall handler ================ > > DO(my_rd_wr)(int cmd, XEN_GUEST_HANDLE(void) arg) > > { > > unsigned long dom0_gpa; > > unsigned long gmfn; > > unsigned long mfn; > > void *my_rd_wr_page; > > struct domain *d = current->domain; > > > > printk(XENLOG_G_DEBUG "%s:L%u: Entered\n", __FUNCTION__, > __LINE__); > > switch( cmd ) > > { > > case 0x1: > > if ( copy_from_guest(&dom0_gpa, arg, 1) ) > > return -EFAULT; > > printk(XENLOG_G_DEBUG "%s:L%u: GPA read 0x%lx\n", > > __FUNCTION__, __LINE__, > dom0_gpa); > > > > gmfn = dom0_gpa >> 12; > > mfn = gmfn_to_mfn(d, gmfn); > > if ( !mfn_valid(mfn) || > > !get_page_and_type(mfn_to_page(mfn), d, > PGT_writable_page) ) > > { > > printk(XENLOG_G_WARNING > > "Bad GMFN %lx (MFN %lx)\n", gmfn, > mfn); > > return 0; > > } > > > > my_rd_wr_page = map_domain_page(mfn); > > > > /* Do your initialization of the page here; just > write '2' in all bytes */ > > memset(my_rd_wr_page, 2, 1<<12); > > > > unmap_domain_page(my_rd_wr_page); > > put_page_and_type(mfn_to_page(mfn)); > > break; > > > > default: > > printk(XENLOG_G_DEBUG "%s:L%u: unhandled\n", > > __FUNCTION__, __LINE__); > > break; > > } > > > > return 0; > > } > > ============================ > > > > I have allocated a page from a sample dom0 kernel module (using > vmalloc()), and passed the physical address of it to hypercall. > > > > void my_rd_wr_page_setup(void) > > { > > unsigned long my_gpa; > > int err; > > char *my_rd_wr_page = NULL; > > > > my_rd_wr_page = __vmalloc( > > 1 * PAGE_SIZE, > > GFP_KERNEL | __GFP_HIGHMEM, > > __pgprot(__PAGE_KERNEL & ~_PAGE_NX)); > > > > my_gpa = vmalloc_to_pfn((char *)&my_rd_wr_page) << PAGE_SHIFT; > > &my_rd_wr_page is the address of the variable (i.e. probably a pointer > into the current stack) and not the address of the page you are trying > to reference. > > Secondly vmalloc_to_pfn will return you a guest physical address, while > hypercalls from PV guests always take an MFN. > > On the hypercall side your call to gmfn_to_mfn is normally an identity > function for a PV guest which map_domain_page takes a machine address. > > So I think you need to launder the address through the p2m in the kernel > before passing it to the hypercall. > > > printk("%s: Before Hypercall; my_rd_wr_page=%p my_gpa=%lx\n", > __FUNCTION__, my_rd_wr_page, my_gpa); > > memset(my_rd_wr_page, 0, PAGE_SIZE); > > err = _hypercall2(int, my_rd_wr, 0x1, (void *)&my_gpa); > > printk("%s: Hypercall returned; errno-%d\n", __FUNCTION__, err); > > } > > > > > > When I loaded the module, the following error has been observed: > > > > =============== On dom0 =========== > > xen_features[0].writable_page_tables = 0 > > xen_features[0].writable_descriptor_tables = 0 > > xen_features[0].auto_translated_physmap = 0 > > xen_features[0].supervisor_mode_kernel = 0 > > xen_features[0].pae_pgdir_above_4gb = 1 > > my_rd_wr_page_setup: Before Hypercall; my_rd_wr_page=ffffc90010f7e000 > my_gpa=d7cf000 > > my_rd_wr_page_setup: Hypercall returned; errno-0 > > ===================================== > > On hypervisor: > > (XEN) do_my_rd_wr:L178: GPA read 0xd7cf000 > > (XEN) mm.c:2037:d0 Error pfn d7cf: rd=ffff8300773c0000, > od=0000000000000000, caf=180000000000000, taf=0000000000000000 > > (XEN) Bad GMFN d7cf (MFN d7cf) > > ==================================== > > > > From the dom0 messages (where i read the features), it looks like > writable_page_tables is not set. Is it causing the issue in my case. > > Writable page tables is something else, it relates to how a _guest_ can > update it's own page tables, not how Xen creates mappings of things. > > > > > Could you please advice if i did something wrong here. > > You are most welcome if you have completely different approach which > works; > > > > Thanks a lot in advance > > > > Regards, > > VSR. > > > --001485f8974e61d2d304a50bc72b Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi Ian,

Thanks a lot for the detailed explanation.
You were corre= ct, I had to use "my_rd_wr_page" not "&my_rd_wr_page&quo= t;. I also had to change my code to translate the PFN to MFN (pfn_to_mfn())= on dom0 kernel itself before passing it to hypercall.
Now it works.

Thanks & Regards,
VSR.

On Mon, Jun 6, 2011 at 7:23 PM, Ian Campbell &l= t;Ian.Campbell@citrix.com>= ; wrote:
<= div class=3D"h5">On Mon, 2011-06-06 at 14:28 +0100, veerasena reddy wrote:<= br> > Hi,
>
> In one of experiments, I need to map a page allocated in dom0 to
> hypervisor and access/modify the page contents in hypervisor.
> I tried this by adding a new hypercall, and pass the GPA of the page > to its handler in hypervisor which does the following:
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Hypercall= handler =A0=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> DO(my_rd_wr)(int cmd, XEN_GUEST_HANDLE(void) arg)
> {
> =A0 =A0 =A0 =A0 unsigned long dom0_gpa;
> =A0 =A0 =A0 =A0 unsigned long gmfn;
> =A0 =A0 =A0 =A0 unsigned long mfn;
> =A0 =A0 =A0 =A0 void *my_rd_wr_page;
> =A0 =A0 =A0 =A0 struct domain *d =3D current->domain;
>
> =A0 =A0 =A0 =A0 printk(XENLOG_G_DEBUG "%s:L%u: Entered\n", _= _FUNCTION__, __LINE__);
> =A0 =A0 =A0 =A0 switch( cmd )
> =A0 =A0 =A0 =A0 {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 case 0x1:
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 if ( copy_from_guest(&= amp;dom0_gpa, arg, 1) )
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 return= -EFAULT;
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 printk(XENLOG_G_DEBUG = "%s:L%u: GPA read 0x%lx\n",
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 =A0 __FUNCTION__, __LINE__, dom0_gpa);
>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 gmfn =3D dom0_gpa >= > 12;
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 mfn =3D gmfn_to_mfn(d,= gmfn);
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 if ( !mfn_valid(mfn) |= |
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0!get_page_a= nd_type(mfn_to_page(mfn), d, PGT_writable_page) )
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 printk= (XENLOG_G_WARNING
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 "Bad GMFN %lx (MFN %lx)\n", gmfn, mfn);
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 return= 0;
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 }
>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 my_rd_wr_page =3D map_= domain_page(mfn);
>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 /* Do your initializat= ion of the page here; just write '2' in all bytes */
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 memset(my_rd_wr_page, = 2, 1<<12);
>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 unmap_domain_page(my_r= d_wr_page);
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 put_page_and_type(mfn_= to_page(mfn));
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 break;
>
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 default:
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 printk(XENLOG_G_DEBUG = "%s:L%u: unhandled\n",
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 = =A0 =A0 =A0 =A0 =A0 =A0 =A0 __FUNCTION__, __LINE__);
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 break;
> =A0 =A0 =A0 =A0 }
>
> =A0 =A0 =A0 =A0 return 0;
> }
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D
>
> I have allocated a page from a sample dom0 kernel module (using vmallo= c()), and passed the physical address of it to hypercall.
>
> void my_rd_wr_page_setup(void)
> {
> =A0 =A0 unsigned long my_gpa;
> =A0 =A0 int err;
> =A0 =A0 char *my_rd_wr_page =3D NULL;
>
> =A0 =A0 my_rd_wr_page =A0 =A0 =3D __vmalloc(
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 1 * PAGE_SIZE,
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 GFP_KERNEL | __GFP_HIG= HMEM,
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 __pgprot(__PAGE_KERNEL= & ~_PAGE_NX));
>
> =A0 =A0 my_gpa =3D vmalloc_to_pfn((char *)&my_rd_wr_page) <<= PAGE_SHIFT;

&my_rd_wr_page is the address of the variable (i.e. probabl= y a pointer
into the current stack) and not the address of the page you are trying
to reference.

Secondly vmalloc_to_pfn will return you a guest physical address, while
hypercalls from PV guests always take an MFN.

On the hypercall side your call to gmfn_to_mfn is normally an identity
function for a PV guest which map_domain_page takes a machine address.

So I think you need to launder the address through the p2m in the kernel before passing it to the hypercall.

> =A0 =A0 printk("%s: Before Hypercall; my_rd_wr_page=3D%p my_gpa= =3D%lx\n", __FUNCTION__, my_rd_wr_page, my_gpa);
> =A0 =A0 memset(my_rd_wr_page, 0, PAGE_SIZE);
> =A0 =A0 err =3D _hypercall2(int, my_rd_wr, 0x1, (void *)&my_gpa);<= br> > =A0 =A0 printk("%s: Hypercall returned; errno-%d\n", __FUNCT= ION__, err);
> }
>
>
> When I loaded the module, the following error has been observed:
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D On dom0 =3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D
> xen_features[0].writable_page_tables =3D 0
> xen_features[0].writable_descriptor_tables =3D 0
> xen_features[0].auto_translated_physmap =3D 0
> xen_features[0].supervisor_mode_kernel =3D 0
> xen_features[0].pae_pgdir_above_4gb =3D 1
> my_rd_wr_page_setup: Before Hypercall; my_rd_wr_page=3Dffffc90010f7e00= 0 my_gpa=3Dd7cf000
> my_rd_wr_page_setup: Hypercall returned; errno-0
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> On hypervisor:
> (XEN) do_my_rd_wr:L178: GPA read 0xd7cf000
> (XEN) mm.c:2037:d0 Error pfn d7cf: rd=3Dffff8300773c0000, od=3D0000000= 000000000, caf=3D180000000000000, taf=3D0000000000000000
> (XEN) Bad GMFN d7cf (MFN d7cf)
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> From the dom0 messages (where i read the features), it looks like writ= able_page_tables is not set. Is it causing the issue in my case.

Writable page tables is something else, it relates to how a _guest_ c= an
update it's own page tables, not how Xen creates mappings of things.

>
> Could you please advice if i did something wrong here.
> You are most welcome if you have completely different approach which w= orks;
>
> Thanks a lot in advance
>
> Regards,
> VSR.



--001485f8974e61d2d304a50bc72b-- --===============0923468331== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --===============0923468331==--