From mboxrd@z Thu Jan  1 00:00:00 1970
From: Dan Magenheimer <dan.magenheimer@oracle.com>
Subject: RE: [PATCH] enable tmem functionality for PV on HVM
	guests
Date: Mon, 21 Jun 2010 10:54:08 -0700 (PDT)
Message-ID: <b6f7de84-c2c1-4951-9701-ff85d69aa92d@default>
References: <a7f1ebf4-698e-42f0-9d03-70d77efdde2d@default
	C845625D.181DB%keir.fraser@eu.citrix.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="__127714287727518654abhmt012"
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <C845625D.181DB%keir.fraser@eu.citrix.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Keir Fraser <keir.fraser@eu.citrix.com>, xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

--__127714287727518654abhmt012
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

> This patch doesn't apply to xen-unstable tip.
>=20
>  -- Keir

Oops, sorry, I sent the 4.0-testing patch.  Here's
the one for xen-unstable.  Everything is the same
except for the hunks in hvm.c move slightly.

Dan

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

Enable tmem functionality for PV on HVM guests.  Guest kernel
must still be tmem-enabled to use this functionality (e.g.
won't work for Windows), but upstream Linux tmem (aka
cleancache and frontswap) patches apply cleanly on top
of PV on HVM patches.

Also, fix up some ASSERTS and code used only when bad guest
mfns are passed to tmem.  Previous code could crash Xen
if a buggy/malicious guest passes bad gmfns.

Signed-off-by: Dan Magenheimer <dan.magenheimer@oracle.com>

diff -r 4892d31a78b1 xen/arch/x86/hvm/hvm.c
--- a/xen/arch/x86/hvm/hvm.c=09Mon Jun 21 18:37:34 2010 +0100
+++ b/xen/arch/x86/hvm/hvm.c=09Mon Jun 21 11:48:10 2010 -0600
@@ -2302,7 +2302,8 @@ static hvm_hypercall_t *hvm_hypercall32_
     HYPERCALL(event_channel_op),
     HYPERCALL(sched_op),
     HYPERCALL(set_timer_op),
-    HYPERCALL(hvm_op)
+    HYPERCALL(hvm_op),
+    HYPERCALL(tmem_op)
 };
=20
 #else /* defined(__x86_64__) */
@@ -2355,7 +2356,8 @@ static hvm_hypercall_t *hvm_hypercall64_
     HYPERCALL(event_channel_op),
     HYPERCALL(sched_op),
     HYPERCALL(set_timer_op),
-    HYPERCALL(hvm_op)
+    HYPERCALL(hvm_op),
+    HYPERCALL(tmem_op)
 };
=20
 static hvm_hypercall_t *hvm_hypercall32_table[NR_hypercalls] =3D {
@@ -2366,7 +2368,8 @@ static hvm_hypercall_t *hvm_hypercall32_
     HYPERCALL(event_channel_op),
     HYPERCALL(sched_op),
     HYPERCALL(set_timer_op),
-    HYPERCALL(hvm_op)
+    HYPERCALL(hvm_op),
+    HYPERCALL(tmem_op)
 };
=20
 #endif /* defined(__x86_64__) */
diff -r 4892d31a78b1 xen/common/tmem.c
--- a/xen/common/tmem.c=09Mon Jun 21 18:37:34 2010 +0100
+++ b/xen/common/tmem.c=09Mon Jun 21 11:48:10 2010 -0600
@@ -1483,6 +1483,7 @@ copy_uncompressed:
         pgp_free_data(pgp, pool);
     if ( ( pgp->pfp =3D tmem_page_alloc(pool) ) =3D=3D NULL )
         goto failed_dup;
+    pgp->size =3D 0;
     /* tmh_copy_from_client properly handles len=3D=3D0 and offsets !=3D 0=
 */
     ret =3D tmh_copy_from_client(pgp->pfp,cmfn,tmem_offset,pfn_offset,len,=
0);
     if ( ret =3D=3D -EFAULT )
@@ -1492,7 +1493,6 @@ copy_uncompressed:
         if ( pcd_associate(pgp,NULL,0) =3D=3D -ENOMEM )
             goto failed_dup;
     }
-    pgp->size =3D 0;
=20
 done:
     /* successfully replaced data, clean up and return success */
@@ -1509,12 +1509,14 @@ bad_copy:
 bad_copy:
     /* this should only happen if the client passed a bad mfn */
     failed_copies++;
-ASSERT(0);
-    return -EFAULT;
+    ret =3D -EFAULT;
+    goto cleanup;
=20
 failed_dup:
    /* couldn't change out the data, flush the old data and return
     * -ENOSPC instead of -ENOMEM to differentiate failed _dup_ put */
+    ret =3D -ENOSPC;
+cleanup:
     pgpfound =3D pgp_delete_from_obj(obj, pgp->index);
     ASSERT(pgpfound =3D=3D pgp);
     pgp_delete(pgpfound,0);
@@ -1528,7 +1530,7 @@ failed_dup:
         tmem_spin_unlock(&obj->obj_spinlock);
     }
     pool->dup_puts_flushed++;
-    return -ENOSPC;
+    return ret;
 }
=20
=20
@@ -1579,6 +1581,7 @@ static NOINLINE int do_tmem_put(pool_t *
         goto free;
     ASSERT(ret !=3D -EEXIST);
     pgp->index =3D index;
+    pgp->size =3D 0;
=20
     if ( len !=3D 0 && client->compress )
     {
@@ -1615,7 +1618,6 @@ copy_uncompressed:
         if ( pcd_associate(pgp,NULL,0) =3D=3D -ENOMEM )
             goto delete_and_free;
     }
-    pgp->size =3D 0;
=20
 insert_page:
     if ( is_ephemeral(pool) )
@@ -1648,6 +1650,11 @@ insert_page:
         tot_good_eph_puts++;
     return 1;
=20
+bad_copy:
+    /* this should only happen if the client passed a bad mfn */
+    ret =3D -EFAULT;
+    failed_copies++;
+
 delete_and_free:
     ASSERT((obj !=3D NULL) && (pgp !=3D NULL) && (pgp->index !=3D -1));
     pgpdel =3D pgp_delete_from_obj(obj, pgp->index);
@@ -1669,12 +1676,6 @@ free:
     }
     pool->no_mem_puts++;
     return ret;
-
-bad_copy:
-    /* this should only happen if the client passed a bad mfn */
-    failed_copies++;
-ASSERT(0);
-    goto free;
 }
=20
 static NOINLINE int do_tmem_get(pool_t *pool, uint64_t oid, uint32_t index=
,
@@ -1758,7 +1759,6 @@ bad_copy:
 bad_copy:
     /* this should only happen if the client passed a bad mfn */
     failed_copies++;
-ASSERT(0);
     return -EFAULT;
=20
 }
diff -r 4892d31a78b1 xen/common/tmem_xen.c
--- a/xen/common/tmem_xen.c=09Mon Jun 21 18:37:34 2010 +0100
+++ b/xen/common/tmem_xen.c=09Mon Jun 21 11:48:10 2010 -0600
@@ -101,7 +101,7 @@ static inline void *cli_mfn_to_va(tmem_c
     p2m_type_t t;
=20
     cli_mfn =3D mfn_x(gfn_to_mfn(current->domain, cmfn, &t));
-    if (t !=3D p2m_ram_rw)
+    if (t !=3D p2m_ram_rw || cli_mfn =3D=3D INVALID_MFN)
         return NULL;
     if (pcli_mfn !=3D NULL)
         *pcli_mfn =3D cli_mfn;
diff -r 4892d31a78b1 xen/include/xen/tmem_xen.h
--- a/xen/include/xen/tmem_xen.h=09Mon Jun 21 18:37:34 2010 +0100
+++ b/xen/include/xen/tmem_xen.h=09Mon Jun 21 11:48:10 2010 -0600
@@ -456,7 +456,9 @@ static inline int tmh_get_tmemop_from_cl
 static inline int tmh_get_tmemop_from_client(tmem_op_t *op, tmem_cli_op_t =
uops)
 {
 #ifdef CONFIG_COMPAT
-    if ( is_pv_32on64_vcpu(current) )
+    if ( is_hvm_vcpu(current) ?
+         hvm_guest_x86_mode(current) !=3D 8 :
+         is_pv_32on64_vcpu(current) )
     {
         int rc;
         enum XLAT_tmem_op_u u;

--__127714287727518654abhmt012
Content-Type: application/octet-stream; name="tmem-hvm-unstable.patch"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="tmem-hvm-unstable.patch"

ZGlmZiAtciA0ODkyZDMxYTc4YjEgeGVuL2FyY2gveDg2L2h2bS9odm0uYwotLS0gYS94ZW4vYXJj
aC94ODYvaHZtL2h2bS5jCU1vbiBKdW4gMjEgMTg6Mzc6MzQgMjAxMCArMDEwMAorKysgYi94ZW4v
YXJjaC94ODYvaHZtL2h2bS5jCU1vbiBKdW4gMjEgMTE6NDg6MTAgMjAxMCAtMDYwMApAQCAtMjMw
Miw3ICsyMzAyLDggQEAgc3RhdGljIGh2bV9oeXBlcmNhbGxfdCAqaHZtX2h5cGVyY2FsbDMyXwog
ICAgIEhZUEVSQ0FMTChldmVudF9jaGFubmVsX29wKSwKICAgICBIWVBFUkNBTEwoc2NoZWRfb3Ap
LAogICAgIEhZUEVSQ0FMTChzZXRfdGltZXJfb3ApLAotICAgIEhZUEVSQ0FMTChodm1fb3ApCisg
ICAgSFlQRVJDQUxMKGh2bV9vcCksCisgICAgSFlQRVJDQUxMKHRtZW1fb3ApCiB9OwogCiAjZWxz
ZSAvKiBkZWZpbmVkKF9feDg2XzY0X18pICovCkBAIC0yMzU1LDcgKzIzNTYsOCBAQCBzdGF0aWMg
aHZtX2h5cGVyY2FsbF90ICpodm1faHlwZXJjYWxsNjRfCiAgICAgSFlQRVJDQUxMKGV2ZW50X2No
YW5uZWxfb3ApLAogICAgIEhZUEVSQ0FMTChzY2hlZF9vcCksCiAgICAgSFlQRVJDQUxMKHNldF90
aW1lcl9vcCksCi0gICAgSFlQRVJDQUxMKGh2bV9vcCkKKyAgICBIWVBFUkNBTEwoaHZtX29wKSwK
KyAgICBIWVBFUkNBTEwodG1lbV9vcCkKIH07CiAKIHN0YXRpYyBodm1faHlwZXJjYWxsX3QgKmh2
bV9oeXBlcmNhbGwzMl90YWJsZVtOUl9oeXBlcmNhbGxzXSA9IHsKQEAgLTIzNjYsNyArMjM2OCw4
IEBAIHN0YXRpYyBodm1faHlwZXJjYWxsX3QgKmh2bV9oeXBlcmNhbGwzMl8KICAgICBIWVBFUkNB
TEwoZXZlbnRfY2hhbm5lbF9vcCksCiAgICAgSFlQRVJDQUxMKHNjaGVkX29wKSwKICAgICBIWVBF
UkNBTEwoc2V0X3RpbWVyX29wKSwKLSAgICBIWVBFUkNBTEwoaHZtX29wKQorICAgIEhZUEVSQ0FM
TChodm1fb3ApLAorICAgIEhZUEVSQ0FMTCh0bWVtX29wKQogfTsKIAogI2VuZGlmIC8qIGRlZmlu
ZWQoX194ODZfNjRfXykgKi8KZGlmZiAtciA0ODkyZDMxYTc4YjEgeGVuL2NvbW1vbi90bWVtLmMK
LS0tIGEveGVuL2NvbW1vbi90bWVtLmMJTW9uIEp1biAyMSAxODozNzozNCAyMDEwICswMTAwCisr
KyBiL3hlbi9jb21tb24vdG1lbS5jCU1vbiBKdW4gMjEgMTE6NDg6MTAgMjAxMCAtMDYwMApAQCAt
MTQ4Myw2ICsxNDgzLDcgQEAgY29weV91bmNvbXByZXNzZWQ6CiAgICAgICAgIHBncF9mcmVlX2Rh
dGEocGdwLCBwb29sKTsKICAgICBpZiAoICggcGdwLT5wZnAgPSB0bWVtX3BhZ2VfYWxsb2MocG9v
bCkgKSA9PSBOVUxMICkKICAgICAgICAgZ290byBmYWlsZWRfZHVwOworICAgIHBncC0+c2l6ZSA9
IDA7CiAgICAgLyogdG1oX2NvcHlfZnJvbV9jbGllbnQgcHJvcGVybHkgaGFuZGxlcyBsZW49PTAg
YW5kIG9mZnNldHMgIT0gMCAqLwogICAgIHJldCA9IHRtaF9jb3B5X2Zyb21fY2xpZW50KHBncC0+
cGZwLGNtZm4sdG1lbV9vZmZzZXQscGZuX29mZnNldCxsZW4sMCk7CiAgICAgaWYgKCByZXQgPT0g
LUVGQVVMVCApCkBAIC0xNDkyLDcgKzE0OTMsNiBAQCBjb3B5X3VuY29tcHJlc3NlZDoKICAgICAg
ICAgaWYgKCBwY2RfYXNzb2NpYXRlKHBncCxOVUxMLDApID09IC1FTk9NRU0gKQogICAgICAgICAg
ICAgZ290byBmYWlsZWRfZHVwOwogICAgIH0KLSAgICBwZ3AtPnNpemUgPSAwOwogCiBkb25lOgog
ICAgIC8qIHN1Y2Nlc3NmdWxseSByZXBsYWNlZCBkYXRhLCBjbGVhbiB1cCBhbmQgcmV0dXJuIHN1
Y2Nlc3MgKi8KQEAgLTE1MDksMTIgKzE1MDksMTQgQEAgYmFkX2NvcHk6CiBiYWRfY29weToKICAg
ICAvKiB0aGlzIHNob3VsZCBvbmx5IGhhcHBlbiBpZiB0aGUgY2xpZW50IHBhc3NlZCBhIGJhZCBt
Zm4gKi8KICAgICBmYWlsZWRfY29waWVzKys7Ci1BU1NFUlQoMCk7Ci0gICAgcmV0dXJuIC1FRkFV
TFQ7CisgICAgcmV0ID0gLUVGQVVMVDsKKyAgICBnb3RvIGNsZWFudXA7CiAKIGZhaWxlZF9kdXA6
CiAgICAvKiBjb3VsZG4ndCBjaGFuZ2Ugb3V0IHRoZSBkYXRhLCBmbHVzaCB0aGUgb2xkIGRhdGEg
YW5kIHJldHVybgogICAgICogLUVOT1NQQyBpbnN0ZWFkIG9mIC1FTk9NRU0gdG8gZGlmZmVyZW50
aWF0ZSBmYWlsZWQgX2R1cF8gcHV0ICovCisgICAgcmV0ID0gLUVOT1NQQzsKK2NsZWFudXA6CiAg
ICAgcGdwZm91bmQgPSBwZ3BfZGVsZXRlX2Zyb21fb2JqKG9iaiwgcGdwLT5pbmRleCk7CiAgICAg
QVNTRVJUKHBncGZvdW5kID09IHBncCk7CiAgICAgcGdwX2RlbGV0ZShwZ3Bmb3VuZCwwKTsKQEAg
LTE1MjgsNyArMTUzMCw3IEBAIGZhaWxlZF9kdXA6CiAgICAgICAgIHRtZW1fc3Bpbl91bmxvY2so
Jm9iai0+b2JqX3NwaW5sb2NrKTsKICAgICB9CiAgICAgcG9vbC0+ZHVwX3B1dHNfZmx1c2hlZCsr
OwotICAgIHJldHVybiAtRU5PU1BDOworICAgIHJldHVybiByZXQ7CiB9CiAKIApAQCAtMTU3OSw2
ICsxNTgxLDcgQEAgc3RhdGljIE5PSU5MSU5FIGludCBkb190bWVtX3B1dChwb29sX3QgKgogICAg
ICAgICBnb3RvIGZyZWU7CiAgICAgQVNTRVJUKHJldCAhPSAtRUVYSVNUKTsKICAgICBwZ3AtPmlu
ZGV4ID0gaW5kZXg7CisgICAgcGdwLT5zaXplID0gMDsKIAogICAgIGlmICggbGVuICE9IDAgJiYg
Y2xpZW50LT5jb21wcmVzcyApCiAgICAgewpAQCAtMTYxNSw3ICsxNjE4LDYgQEAgY29weV91bmNv
bXByZXNzZWQ6CiAgICAgICAgIGlmICggcGNkX2Fzc29jaWF0ZShwZ3AsTlVMTCwwKSA9PSAtRU5P
TUVNICkKICAgICAgICAgICAgIGdvdG8gZGVsZXRlX2FuZF9mcmVlOwogICAgIH0KLSAgICBwZ3At
PnNpemUgPSAwOwogCiBpbnNlcnRfcGFnZToKICAgICBpZiAoIGlzX2VwaGVtZXJhbChwb29sKSAp
CkBAIC0xNjQ4LDYgKzE2NTAsMTEgQEAgaW5zZXJ0X3BhZ2U6CiAgICAgICAgIHRvdF9nb29kX2Vw
aF9wdXRzKys7CiAgICAgcmV0dXJuIDE7CiAKK2JhZF9jb3B5OgorICAgIC8qIHRoaXMgc2hvdWxk
IG9ubHkgaGFwcGVuIGlmIHRoZSBjbGllbnQgcGFzc2VkIGEgYmFkIG1mbiAqLworICAgIHJldCA9
IC1FRkFVTFQ7CisgICAgZmFpbGVkX2NvcGllcysrOworCiBkZWxldGVfYW5kX2ZyZWU6CiAgICAg
QVNTRVJUKChvYmogIT0gTlVMTCkgJiYgKHBncCAhPSBOVUxMKSAmJiAocGdwLT5pbmRleCAhPSAt
MSkpOwogICAgIHBncGRlbCA9IHBncF9kZWxldGVfZnJvbV9vYmoob2JqLCBwZ3AtPmluZGV4KTsK
QEAgLTE2NjksMTIgKzE2NzYsNiBAQCBmcmVlOgogICAgIH0KICAgICBwb29sLT5ub19tZW1fcHV0
cysrOwogICAgIHJldHVybiByZXQ7Ci0KLWJhZF9jb3B5OgotICAgIC8qIHRoaXMgc2hvdWxkIG9u
bHkgaGFwcGVuIGlmIHRoZSBjbGllbnQgcGFzc2VkIGEgYmFkIG1mbiAqLwotICAgIGZhaWxlZF9j
b3BpZXMrKzsKLUFTU0VSVCgwKTsKLSAgICBnb3RvIGZyZWU7CiB9CiAKIHN0YXRpYyBOT0lOTElO
RSBpbnQgZG9fdG1lbV9nZXQocG9vbF90ICpwb29sLCB1aW50NjRfdCBvaWQsIHVpbnQzMl90IGlu
ZGV4LApAQCAtMTc1OCw3ICsxNzU5LDYgQEAgYmFkX2NvcHk6CiBiYWRfY29weToKICAgICAvKiB0
aGlzIHNob3VsZCBvbmx5IGhhcHBlbiBpZiB0aGUgY2xpZW50IHBhc3NlZCBhIGJhZCBtZm4gKi8K
ICAgICBmYWlsZWRfY29waWVzKys7Ci1BU1NFUlQoMCk7CiAgICAgcmV0dXJuIC1FRkFVTFQ7CiAK
IH0KZGlmZiAtciA0ODkyZDMxYTc4YjEgeGVuL2NvbW1vbi90bWVtX3hlbi5jCi0tLSBhL3hlbi9j
b21tb24vdG1lbV94ZW4uYwlNb24gSnVuIDIxIDE4OjM3OjM0IDIwMTAgKzAxMDAKKysrIGIveGVu
L2NvbW1vbi90bWVtX3hlbi5jCU1vbiBKdW4gMjEgMTE6NDg6MTAgMjAxMCAtMDYwMApAQCAtMTAx
LDcgKzEwMSw3IEBAIHN0YXRpYyBpbmxpbmUgdm9pZCAqY2xpX21mbl90b192YSh0bWVtX2MKICAg
ICBwMm1fdHlwZV90IHQ7CiAKICAgICBjbGlfbWZuID0gbWZuX3goZ2ZuX3RvX21mbihjdXJyZW50
LT5kb21haW4sIGNtZm4sICZ0KSk7Ci0gICAgaWYgKHQgIT0gcDJtX3JhbV9ydykKKyAgICBpZiAo
dCAhPSBwMm1fcmFtX3J3IHx8IGNsaV9tZm4gPT0gSU5WQUxJRF9NRk4pCiAgICAgICAgIHJldHVy
biBOVUxMOwogICAgIGlmIChwY2xpX21mbiAhPSBOVUxMKQogICAgICAgICAqcGNsaV9tZm4gPSBj
bGlfbWZuOwpkaWZmIC1yIDQ4OTJkMzFhNzhiMSB4ZW4vaW5jbHVkZS94ZW4vdG1lbV94ZW4uaAot
LS0gYS94ZW4vaW5jbHVkZS94ZW4vdG1lbV94ZW4uaAlNb24gSnVuIDIxIDE4OjM3OjM0IDIwMTAg
KzAxMDAKKysrIGIveGVuL2luY2x1ZGUveGVuL3RtZW1feGVuLmgJTW9uIEp1biAyMSAxMTo0ODox
MCAyMDEwIC0wNjAwCkBAIC00NTYsNyArNDU2LDkgQEAgc3RhdGljIGlubGluZSBpbnQgdG1oX2dl
dF90bWVtb3BfZnJvbV9jbAogc3RhdGljIGlubGluZSBpbnQgdG1oX2dldF90bWVtb3BfZnJvbV9j
bGllbnQodG1lbV9vcF90ICpvcCwgdG1lbV9jbGlfb3BfdCB1b3BzKQogewogI2lmZGVmIENPTkZJ
R19DT01QQVQKLSAgICBpZiAoIGlzX3B2XzMyb242NF92Y3B1KGN1cnJlbnQpICkKKyAgICBpZiAo
IGlzX2h2bV92Y3B1KGN1cnJlbnQpID8KKyAgICAgICAgIGh2bV9ndWVzdF94ODZfbW9kZShjdXJy
ZW50KSAhPSA4IDoKKyAgICAgICAgIGlzX3B2XzMyb242NF92Y3B1KGN1cnJlbnQpICkKICAgICB7
CiAgICAgICAgIGludCByYzsKICAgICAgICAgZW51bSBYTEFUX3RtZW1fb3BfdSB1Owo=
--__127714287727518654abhmt012
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

--__127714287727518654abhmt012--