From mboxrd@z Thu Jan 1 00:00:00 1970 From: Dan Magenheimer Subject: [PATCH] enable tmem functionality for PV on HVM guests Date: Mon, 21 Jun 2010 10:14:41 -0700 (PDT) Message-ID: Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="__127714054791217764abhmt012" Return-path: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com, Keir Fraser List-Id: xen-devel@lists.xenproject.org --__127714054791217764abhmt012 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable (Keir, please also apply for 4.0.1 if it's not too late.) Enable tmem functionality for PV on HVM guests. Guest kernel must still be tmem-enabled to use this functionality (e.g. won't work for Windows), but upstream Linux tmem (aka cleancache and frontswap) patches apply cleanly on top of PV on HVM patches. Also, fix up some ASSERTS and code used only when bad guest mfns are passed to tmem. Previous code could crash Xen if a buggy/malicious guest passes bad gmfns. Signed-off-by: Dan Magenheimer diff -r ba2c0eecaf7f xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c=09Tue Jun 15 11:31:43 2010 +0100 +++ b/xen/arch/x86/hvm/hvm.c=09Mon Jun 21 10:37:05 2010 -0600 @@ -2265,7 +2265,8 @@ static hvm_hypercall_t *hvm_hypercall32_ HYPERCALL(xen_version), HYPERCALL(event_channel_op), HYPERCALL(sched_op), - HYPERCALL(hvm_op) + HYPERCALL(hvm_op), + HYPERCALL(tmem_op) }; =20 #else /* defined(__x86_64__) */ @@ -2313,7 +2314,8 @@ static hvm_hypercall_t *hvm_hypercall64_ HYPERCALL(xen_version), HYPERCALL(event_channel_op), HYPERCALL(sched_op), - HYPERCALL(hvm_op) + HYPERCALL(hvm_op), + HYPERCALL(tmem_op) }; =20 static hvm_hypercall_t *hvm_hypercall32_table[NR_hypercalls] =3D { @@ -2323,7 +2325,8 @@ static hvm_hypercall_t *hvm_hypercall32_ HYPERCALL(xen_version), HYPERCALL(event_channel_op), HYPERCALL(sched_op), - HYPERCALL(hvm_op) + HYPERCALL(hvm_op), + HYPERCALL(tmem_op) }; =20 #endif /* defined(__x86_64__) */ diff -r ba2c0eecaf7f xen/common/tmem.c --- a/xen/common/tmem.c=09Tue Jun 15 11:31:43 2010 +0100 +++ b/xen/common/tmem.c=09Mon Jun 21 10:37:05 2010 -0600 @@ -1483,6 +1483,7 @@ copy_uncompressed: pgp_free_data(pgp, pool); if ( ( pgp->pfp =3D tmem_page_alloc(pool) ) =3D=3D NULL ) goto failed_dup; + pgp->size =3D 0; /* tmh_copy_from_client properly handles len=3D=3D0 and offsets !=3D 0= */ ret =3D tmh_copy_from_client(pgp->pfp,cmfn,tmem_offset,pfn_offset,len,= 0); if ( ret =3D=3D -EFAULT ) @@ -1492,7 +1493,6 @@ copy_uncompressed: if ( pcd_associate(pgp,NULL,0) =3D=3D -ENOMEM ) goto failed_dup; } - pgp->size =3D 0; =20 done: /* successfully replaced data, clean up and return success */ @@ -1509,12 +1509,14 @@ bad_copy: bad_copy: /* this should only happen if the client passed a bad mfn */ failed_copies++; -ASSERT(0); - return -EFAULT; + ret =3D -EFAULT; + goto cleanup; =20 failed_dup: /* couldn't change out the data, flush the old data and return * -ENOSPC instead of -ENOMEM to differentiate failed _dup_ put */ + ret =3D -ENOSPC; +cleanup: pgpfound =3D pgp_delete_from_obj(obj, pgp->index); ASSERT(pgpfound =3D=3D pgp); pgp_delete(pgpfound,0); @@ -1528,7 +1530,7 @@ failed_dup: tmem_spin_unlock(&obj->obj_spinlock); } pool->dup_puts_flushed++; - return -ENOSPC; + return ret; } =20 =20 @@ -1579,6 +1581,7 @@ static NOINLINE int do_tmem_put(pool_t * goto free; ASSERT(ret !=3D -EEXIST); pgp->index =3D index; + pgp->size =3D 0; =20 if ( len !=3D 0 && client->compress ) { @@ -1615,7 +1618,6 @@ copy_uncompressed: if ( pcd_associate(pgp,NULL,0) =3D=3D -ENOMEM ) goto delete_and_free; } - pgp->size =3D 0; =20 insert_page: if ( is_ephemeral(pool) ) @@ -1648,6 +1650,11 @@ insert_page: tot_good_eph_puts++; return 1; =20 +bad_copy: + /* this should only happen if the client passed a bad mfn */ + ret =3D -EFAULT; + failed_copies++; + delete_and_free: ASSERT((obj !=3D NULL) && (pgp !=3D NULL) && (pgp->index !=3D -1)); pgpdel =3D pgp_delete_from_obj(obj, pgp->index); @@ -1669,12 +1676,6 @@ free: } pool->no_mem_puts++; return ret; - -bad_copy: - /* this should only happen if the client passed a bad mfn */ - failed_copies++; -ASSERT(0); - goto free; } =20 static NOINLINE int do_tmem_get(pool_t *pool, uint64_t oid, uint32_t index= , @@ -1758,7 +1759,6 @@ bad_copy: bad_copy: /* this should only happen if the client passed a bad mfn */ failed_copies++; -ASSERT(0); return -EFAULT; =20 } diff -r ba2c0eecaf7f xen/common/tmem_xen.c --- a/xen/common/tmem_xen.c=09Tue Jun 15 11:31:43 2010 +0100 +++ b/xen/common/tmem_xen.c=09Mon Jun 21 10:37:05 2010 -0600 @@ -100,7 +100,7 @@ static inline void *cli_mfn_to_va(tmem_c p2m_type_t t; =20 cli_mfn =3D mfn_x(gfn_to_mfn(current->domain, cmfn, &t)); - if (t !=3D p2m_ram_rw) + if (t !=3D p2m_ram_rw || cli_mfn =3D=3D INVALID_MFN) return NULL; if (pcli_mfn !=3D NULL) *pcli_mfn =3D cli_mfn; diff -r ba2c0eecaf7f xen/include/xen/tmem_xen.h --- a/xen/include/xen/tmem_xen.h=09Tue Jun 15 11:31:43 2010 +0100 +++ b/xen/include/xen/tmem_xen.h=09Mon Jun 21 10:37:05 2010 -0600 @@ -456,7 +456,9 @@ static inline int tmh_get_tmemop_from_cl static inline int tmh_get_tmemop_from_client(tmem_op_t *op, tmem_cli_op_t = uops) { #ifdef CONFIG_COMPAT - if ( is_pv_32on64_vcpu(current) ) + if ( is_hvm_vcpu(current) ? + hvm_guest_x86_mode(current) !=3D 8 : + is_pv_32on64_vcpu(current) ) { int rc; enum XLAT_tmem_op_u u; --__127714054791217764abhmt012 Content-Type: application/octet-stream; name="tmem-hvm.patch" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="tmem-hvm.patch" ZGlmZiAtciBiYTJjMGVlY2FmN2YgeGVuL2FyY2gveDg2L2h2bS9odm0uYwotLS0gYS94ZW4vYXJj aC94ODYvaHZtL2h2bS5jCVR1ZSBKdW4gMTUgMTE6MzE6NDMgMjAxMCArMDEwMAorKysgYi94ZW4v YXJjaC94ODYvaHZtL2h2bS5jCU1vbiBKdW4gMjEgMTA6Mzc6MDUgMjAxMCAtMDYwMApAQCAtMjI2 NSw3ICsyMjY1LDggQEAgc3RhdGljIGh2bV9oeXBlcmNhbGxfdCAqaHZtX2h5cGVyY2FsbDMyXwog ICAgIEhZUEVSQ0FMTCh4ZW5fdmVyc2lvbiksCiAgICAgSFlQRVJDQUxMKGV2ZW50X2NoYW5uZWxf b3ApLAogICAgIEhZUEVSQ0FMTChzY2hlZF9vcCksCi0gICAgSFlQRVJDQUxMKGh2bV9vcCkKKyAg ICBIWVBFUkNBTEwoaHZtX29wKSwKKyAgICBIWVBFUkNBTEwodG1lbV9vcCkKIH07CiAKICNlbHNl IC8qIGRlZmluZWQoX194ODZfNjRfXykgKi8KQEAgLTIzMTMsNyArMjMxNCw4IEBAIHN0YXRpYyBo dm1faHlwZXJjYWxsX3QgKmh2bV9oeXBlcmNhbGw2NF8KICAgICBIWVBFUkNBTEwoeGVuX3ZlcnNp b24pLAogICAgIEhZUEVSQ0FMTChldmVudF9jaGFubmVsX29wKSwKICAgICBIWVBFUkNBTEwoc2No ZWRfb3ApLAotICAgIEhZUEVSQ0FMTChodm1fb3ApCisgICAgSFlQRVJDQUxMKGh2bV9vcCksCisg ICAgSFlQRVJDQUxMKHRtZW1fb3ApCiB9OwogCiBzdGF0aWMgaHZtX2h5cGVyY2FsbF90ICpodm1f aHlwZXJjYWxsMzJfdGFibGVbTlJfaHlwZXJjYWxsc10gPSB7CkBAIC0yMzIzLDcgKzIzMjUsOCBA QCBzdGF0aWMgaHZtX2h5cGVyY2FsbF90ICpodm1faHlwZXJjYWxsMzJfCiAgICAgSFlQRVJDQUxM KHhlbl92ZXJzaW9uKSwKICAgICBIWVBFUkNBTEwoZXZlbnRfY2hhbm5lbF9vcCksCiAgICAgSFlQ RVJDQUxMKHNjaGVkX29wKSwKLSAgICBIWVBFUkNBTEwoaHZtX29wKQorICAgIEhZUEVSQ0FMTCho dm1fb3ApLAorICAgIEhZUEVSQ0FMTCh0bWVtX29wKQogfTsKIAogI2VuZGlmIC8qIGRlZmluZWQo X194ODZfNjRfXykgKi8KZGlmZiAtciBiYTJjMGVlY2FmN2YgeGVuL2NvbW1vbi90bWVtLmMKLS0t IGEveGVuL2NvbW1vbi90bWVtLmMJVHVlIEp1biAxNSAxMTozMTo0MyAyMDEwICswMTAwCisrKyBi L3hlbi9jb21tb24vdG1lbS5jCU1vbiBKdW4gMjEgMTA6Mzc6MDUgMjAxMCAtMDYwMApAQCAtMTQ4 Myw2ICsxNDgzLDcgQEAgY29weV91bmNvbXByZXNzZWQ6CiAgICAgICAgIHBncF9mcmVlX2RhdGEo cGdwLCBwb29sKTsKICAgICBpZiAoICggcGdwLT5wZnAgPSB0bWVtX3BhZ2VfYWxsb2MocG9vbCkg KSA9PSBOVUxMICkKICAgICAgICAgZ290byBmYWlsZWRfZHVwOworICAgIHBncC0+c2l6ZSA9IDA7 CiAgICAgLyogdG1oX2NvcHlfZnJvbV9jbGllbnQgcHJvcGVybHkgaGFuZGxlcyBsZW49PTAgYW5k IG9mZnNldHMgIT0gMCAqLwogICAgIHJldCA9IHRtaF9jb3B5X2Zyb21fY2xpZW50KHBncC0+cGZw LGNtZm4sdG1lbV9vZmZzZXQscGZuX29mZnNldCxsZW4sMCk7CiAgICAgaWYgKCByZXQgPT0gLUVG QVVMVCApCkBAIC0xNDkyLDcgKzE0OTMsNiBAQCBjb3B5X3VuY29tcHJlc3NlZDoKICAgICAgICAg aWYgKCBwY2RfYXNzb2NpYXRlKHBncCxOVUxMLDApID09IC1FTk9NRU0gKQogICAgICAgICAgICAg Z290byBmYWlsZWRfZHVwOwogICAgIH0KLSAgICBwZ3AtPnNpemUgPSAwOwogCiBkb25lOgogICAg IC8qIHN1Y2Nlc3NmdWxseSByZXBsYWNlZCBkYXRhLCBjbGVhbiB1cCBhbmQgcmV0dXJuIHN1Y2Nl c3MgKi8KQEAgLTE1MDksMTIgKzE1MDksMTQgQEAgYmFkX2NvcHk6CiBiYWRfY29weToKICAgICAv KiB0aGlzIHNob3VsZCBvbmx5IGhhcHBlbiBpZiB0aGUgY2xpZW50IHBhc3NlZCBhIGJhZCBtZm4g Ki8KICAgICBmYWlsZWRfY29waWVzKys7Ci1BU1NFUlQoMCk7Ci0gICAgcmV0dXJuIC1FRkFVTFQ7 CisgICAgcmV0ID0gLUVGQVVMVDsKKyAgICBnb3RvIGNsZWFudXA7CiAKIGZhaWxlZF9kdXA6CiAg ICAvKiBjb3VsZG4ndCBjaGFuZ2Ugb3V0IHRoZSBkYXRhLCBmbHVzaCB0aGUgb2xkIGRhdGEgYW5k IHJldHVybgogICAgICogLUVOT1NQQyBpbnN0ZWFkIG9mIC1FTk9NRU0gdG8gZGlmZmVyZW50aWF0 ZSBmYWlsZWQgX2R1cF8gcHV0ICovCisgICAgcmV0ID0gLUVOT1NQQzsKK2NsZWFudXA6CiAgICAg cGdwZm91bmQgPSBwZ3BfZGVsZXRlX2Zyb21fb2JqKG9iaiwgcGdwLT5pbmRleCk7CiAgICAgQVNT RVJUKHBncGZvdW5kID09IHBncCk7CiAgICAgcGdwX2RlbGV0ZShwZ3Bmb3VuZCwwKTsKQEAgLTE1 MjgsNyArMTUzMCw3IEBAIGZhaWxlZF9kdXA6CiAgICAgICAgIHRtZW1fc3Bpbl91bmxvY2soJm9i ai0+b2JqX3NwaW5sb2NrKTsKICAgICB9CiAgICAgcG9vbC0+ZHVwX3B1dHNfZmx1c2hlZCsrOwot ICAgIHJldHVybiAtRU5PU1BDOworICAgIHJldHVybiByZXQ7CiB9CiAKIApAQCAtMTU3OSw2ICsx NTgxLDcgQEAgc3RhdGljIE5PSU5MSU5FIGludCBkb190bWVtX3B1dChwb29sX3QgKgogICAgICAg ICBnb3RvIGZyZWU7CiAgICAgQVNTRVJUKHJldCAhPSAtRUVYSVNUKTsKICAgICBwZ3AtPmluZGV4 ID0gaW5kZXg7CisgICAgcGdwLT5zaXplID0gMDsKIAogICAgIGlmICggbGVuICE9IDAgJiYgY2xp ZW50LT5jb21wcmVzcyApCiAgICAgewpAQCAtMTYxNSw3ICsxNjE4LDYgQEAgY29weV91bmNvbXBy ZXNzZWQ6CiAgICAgICAgIGlmICggcGNkX2Fzc29jaWF0ZShwZ3AsTlVMTCwwKSA9PSAtRU5PTUVN ICkKICAgICAgICAgICAgIGdvdG8gZGVsZXRlX2FuZF9mcmVlOwogICAgIH0KLSAgICBwZ3AtPnNp emUgPSAwOwogCiBpbnNlcnRfcGFnZToKICAgICBpZiAoIGlzX2VwaGVtZXJhbChwb29sKSApCkBA IC0xNjQ4LDYgKzE2NTAsMTEgQEAgaW5zZXJ0X3BhZ2U6CiAgICAgICAgIHRvdF9nb29kX2VwaF9w dXRzKys7CiAgICAgcmV0dXJuIDE7CiAKK2JhZF9jb3B5OgorICAgIC8qIHRoaXMgc2hvdWxkIG9u bHkgaGFwcGVuIGlmIHRoZSBjbGllbnQgcGFzc2VkIGEgYmFkIG1mbiAqLworICAgIHJldCA9IC1F RkFVTFQ7CisgICAgZmFpbGVkX2NvcGllcysrOworCiBkZWxldGVfYW5kX2ZyZWU6CiAgICAgQVNT RVJUKChvYmogIT0gTlVMTCkgJiYgKHBncCAhPSBOVUxMKSAmJiAocGdwLT5pbmRleCAhPSAtMSkp OwogICAgIHBncGRlbCA9IHBncF9kZWxldGVfZnJvbV9vYmoob2JqLCBwZ3AtPmluZGV4KTsKQEAg LTE2NjksMTIgKzE2NzYsNiBAQCBmcmVlOgogICAgIH0KICAgICBwb29sLT5ub19tZW1fcHV0cysr OwogICAgIHJldHVybiByZXQ7Ci0KLWJhZF9jb3B5OgotICAgIC8qIHRoaXMgc2hvdWxkIG9ubHkg aGFwcGVuIGlmIHRoZSBjbGllbnQgcGFzc2VkIGEgYmFkIG1mbiAqLwotICAgIGZhaWxlZF9jb3Bp ZXMrKzsKLUFTU0VSVCgwKTsKLSAgICBnb3RvIGZyZWU7CiB9CiAKIHN0YXRpYyBOT0lOTElORSBp bnQgZG9fdG1lbV9nZXQocG9vbF90ICpwb29sLCB1aW50NjRfdCBvaWQsIHVpbnQzMl90IGluZGV4 LApAQCAtMTc1OCw3ICsxNzU5LDYgQEAgYmFkX2NvcHk6CiBiYWRfY29weToKICAgICAvKiB0aGlz IHNob3VsZCBvbmx5IGhhcHBlbiBpZiB0aGUgY2xpZW50IHBhc3NlZCBhIGJhZCBtZm4gKi8KICAg ICBmYWlsZWRfY29waWVzKys7Ci1BU1NFUlQoMCk7CiAgICAgcmV0dXJuIC1FRkFVTFQ7CiAKIH0K ZGlmZiAtciBiYTJjMGVlY2FmN2YgeGVuL2NvbW1vbi90bWVtX3hlbi5jCi0tLSBhL3hlbi9jb21t b24vdG1lbV94ZW4uYwlUdWUgSnVuIDE1IDExOjMxOjQzIDIwMTAgKzAxMDAKKysrIGIveGVuL2Nv bW1vbi90bWVtX3hlbi5jCU1vbiBKdW4gMjEgMTA6Mzc6MDUgMjAxMCAtMDYwMApAQCAtMTAwLDcg KzEwMCw3IEBAIHN0YXRpYyBpbmxpbmUgdm9pZCAqY2xpX21mbl90b192YSh0bWVtX2MKICAgICBw Mm1fdHlwZV90IHQ7CiAKICAgICBjbGlfbWZuID0gbWZuX3goZ2ZuX3RvX21mbihjdXJyZW50LT5k b21haW4sIGNtZm4sICZ0KSk7Ci0gICAgaWYgKHQgIT0gcDJtX3JhbV9ydykKKyAgICBpZiAodCAh PSBwMm1fcmFtX3J3IHx8IGNsaV9tZm4gPT0gSU5WQUxJRF9NRk4pCiAgICAgICAgIHJldHVybiBO VUxMOwogICAgIGlmIChwY2xpX21mbiAhPSBOVUxMKQogICAgICAgICAqcGNsaV9tZm4gPSBjbGlf bWZuOwpkaWZmIC1yIGJhMmMwZWVjYWY3ZiB4ZW4vaW5jbHVkZS94ZW4vdG1lbV94ZW4uaAotLS0g YS94ZW4vaW5jbHVkZS94ZW4vdG1lbV94ZW4uaAlUdWUgSnVuIDE1IDExOjMxOjQzIDIwMTAgKzAx MDAKKysrIGIveGVuL2luY2x1ZGUveGVuL3RtZW1feGVuLmgJTW9uIEp1biAyMSAxMDozNzowNSAy MDEwIC0wNjAwCkBAIC00NTYsNyArNDU2LDkgQEAgc3RhdGljIGlubGluZSBpbnQgdG1oX2dldF90 bWVtb3BfZnJvbV9jbAogc3RhdGljIGlubGluZSBpbnQgdG1oX2dldF90bWVtb3BfZnJvbV9jbGll bnQodG1lbV9vcF90ICpvcCwgdG1lbV9jbGlfb3BfdCB1b3BzKQogewogI2lmZGVmIENPTkZJR19D T01QQVQKLSAgICBpZiAoIGlzX3B2XzMyb242NF92Y3B1KGN1cnJlbnQpICkKKyAgICBpZiAoIGlz X2h2bV92Y3B1KGN1cnJlbnQpID8KKyAgICAgICAgIGh2bV9ndWVzdF94ODZfbW9kZShjdXJyZW50 KSAhPSA4IDoKKyAgICAgICAgIGlzX3B2XzMyb242NF92Y3B1KGN1cnJlbnQpICkKICAgICB7CiAg ICAgICAgIGludCByYzsKICAgICAgICAgZW51bSBYTEFUX3RtZW1fb3BfdSB1Owo= --__127714054791217764abhmt012 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --__127714054791217764abhmt012--