From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <JBeulich@suse.com>,
George Dunlap <George.Dunlap@eu.citrix.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>,
Paul Durrant <paul.durrant@citrix.com>,
george.dunlap@citrix.com
Subject: Re: [PATCH 0/2] MMIO emulation fixes
Date: Thu, 16 Aug 2018 12:08:29 +0100 [thread overview]
Message-ID: <bd873aad-03f8-f92e-f80e-e98792a26b54@citrix.com> (raw)
In-Reply-To: <5B712A3502000078001DD514@prv1-mh.provo.novell.com>
On 13/08/18 07:50, Jan Beulich wrote:
>>>> On 10.08.18 at 18:37, <andrew.cooper3@citrix.com> wrote:
>> On 10/08/18 17:30, George Dunlap wrote:
>>> Sorry, what exactly is the issue here? Linux has a function called
>>> load_unaligned_zeropad() which is reading into a ballooned region?
> Yes.
>
>>> Fundamentally, a ballooned page is one which has been allocated to a
>>> device driver. I'm having a hard time coming up with a justification
>>> for having code which reads memory owned by B in the process of reading
>>> memory owned by A. Or is there some weird architectural reason that I'm
>>> not aware of?
> Well, they do this no matter who owns the successive page (or
> perhaps at a smaller granularity also the successive allocation).
> I guess their goal is to have just a single MOV in the common
> case (with the caller ignoring the uninteresting to it high bytes),
> while recovering gracefully from #PF should one occur.
>
>> The underlying issue is that the emulator can't cope with a single
>> misaligned access which crosses RAM and MMIO. It gives up and
>> presumably throws #UD back.
> We wouldn't have observed any problem if there was #UD in
> such a case, as Linux'es fault recovery code doesn't care what
> kind of fault has occurred. We're getting back a result of all
> ones, even for the part of the read that has actually hit the
> last few bytes of the present page.
>
>> One longstanding Xen bug is that simply ballooning a page out shouldn't
>> be able to trigger MMIO emulation to begin with. It is a side effect of
>> mixed p2m types, and the fix for this to have Xen understand the guest
>> physmap layout.
> And hence the consideration of mapping in an all zeros page
> instead. This is because of the way __hvmemul_read() /
> __hvm_copy() work: The latter doesn't tell its caller how many
> bytes it was able to read, and hence the former considers the
> entire range MMIO (and forwards the request for emulation).
> Of course all of this is an issue only because
> hvmemul_virtual_to_linear() sees no need to split the request
> at the page boundary, due to the balloon driver having left in
> place the mapping of the ballooned out page.
Actually, the more I think about this, the more of a bad idea emulating
a zero page is.
It gives the illusion of a working piece of zeroed ram, except that
writes definitely can't take effect. Its going to make bugs even more
subtle.
~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2018-08-16 11:08 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-10 10:37 [PATCH 0/2] MMIO emulation fixes Paul Durrant
2018-08-10 10:37 ` [PATCH 1/2] x86/hvm/ioreq: MMIO range checking completely ignores direction flag Paul Durrant
2018-08-10 11:11 ` Andrew Cooper
2018-08-10 10:37 ` [PATCH 2/2] x86/hvm/emulate: make sure rep I/O emulation does not cross GFN boundaries Paul Durrant
2018-08-10 11:14 ` Andrew Cooper
2018-08-10 11:50 ` Paul Durrant
2018-08-10 11:50 ` Andrew Cooper
2018-08-10 11:59 ` Jan Beulich
2018-08-10 12:10 ` Paul Durrant
2018-08-10 12:01 ` [PATCH 0/2] MMIO emulation fixes Jan Beulich
2018-08-10 12:08 ` Paul Durrant
2018-08-10 12:13 ` Jan Beulich
2018-08-10 12:22 ` Paul Durrant
2018-08-10 12:37 ` Jan Beulich
2018-08-10 12:43 ` Paul Durrant
2018-08-10 12:55 ` Andrew Cooper
2018-08-10 15:08 ` Paul Durrant
2018-08-10 15:30 ` Jan Beulich
2018-08-10 15:35 ` Paul Durrant
[not found] ` <5B6DB69D02000078001DD06A@prv1*mh.provo.novell.com>
[not found] ` <eaab5a73*2910*7fb6*e1fc*08537e63088c@citrix.com>
[not found] ` <92ca69e5*98b1*61e4*817a*3868f829471a@citrix.com>
2018-08-10 16:00 ` Jan Beulich
2018-08-10 16:30 ` George Dunlap
2018-08-10 16:37 ` Andrew Cooper
2018-08-13 6:50 ` Jan Beulich
2018-08-16 11:08 ` Andrew Cooper [this message]
2018-08-29 10:36 ` Olaf Hering
2018-08-29 10:53 ` Andrew Cooper
2018-08-29 11:00 ` Olaf Hering
2018-08-29 11:09 ` Andrew Cooper
2018-08-29 11:14 ` Andrew Cooper
2018-08-29 11:26 ` Juergen Gross
[not found] ` <5B86773A0200004903F324A0@prv1-mh.provo.novell.com>
[not found] ` <5B867B1A0200006D03F3278E@prv1-mh.provo.novell.com>
[not found] ` <5B867D000200009103F328E2@prv1-mh.provo.novell.com>
[not found] ` <5B867F020200009E04E46402@prv1-mh.provo.novell.com>
2018-08-29 12:06 ` Jan Beulich
[not found] ` <5B87A68A0200001C04E5493A@prv1-mh.provo.novell.com>
2018-08-30 8:23 ` Jan Beulich
2018-08-30 10:42 ` Olaf Hering
2018-08-30 8:10 ` Olaf Hering
2018-08-16 10:29 ` Jan Beulich
2018-08-16 10:56 ` Andrew Cooper
2018-08-16 11:27 ` Jan Beulich
[not found] <20180810103714.5112=3def=3dbf=3dbd1=3def=3dbf=3dbdpau?= =?UTF-8?Q?l.durrant@ci=3f=3d_trix.com>
[not found] ` <fdf19f7d=ef=bf=bd1b92=ef=bf=bda9c0?= =?UTF-8?Q?=ef=bf=bd3602=ef=bf=bdb1c9807bf610@citrix.com>
[not found] ` <a735b4359ccc4b278?= =?UTF-8?Q?330204d9790c6ac@AMSPEX02CL03.citrite.net>
[not found] ` <5B6DAF9F02000078001DD0?= =?UTF-8?Q?40@prv1=ef=bf=bdmh.provo.novell.com>
[not found] ` <e2f77af0b2394b8f859a1f2dc1a?= =?UTF-8?Q?91797@AMSPEX02CL03.citrite.net>
[not found] ` <5B6DB69D02000078001DD06A@prv1?= =?UTF-8?B?77+9bWgucHJvdm8ubm92ZWxsLmNvbT4gPGVhYWI1YTcz77+9MjkxMO+/vTdmYjY=?= =?UTF-8?B?77+9ZTFmY++/vTA4NTM3ZTYzMDg4Y0BjaXRyaXguY29tPiA8OTJjYTY5ZTXvv705?= =?UTF-8?B?OGIx77+9NjFlNO+/vTgxN2Hvv70zODY4ZjgyOTQ3MWFAY2l0>
[not found] ` <11c0c96?= =?UTF-8?Q?5-9af7-2cec-1420-4541e281183a@citrix.com>
[not found] ` <5B755FBC0200007_=3d=3f?= =?UTF-8?Q?UTF-8=3fQ=3f8001DEDBF@suse.com>
[not found] ` <dd3c99c2-67e3-faf1-4219-85651b89?= =?UTF-8?Q?1adc@suse.com>
2018-09-04 16:24 ` Andrew Cooper
[not found] ` <651CBD680200008737554D14@prv1-mh.provo.novell.com>
[not found] ` <21554C83020000C537554D14@prv1-mh.provo.novell.com>
[not found] ` <06D73C83020000C037554D14@prv1-mh.provo.novell.com>
[not found] ` <A283E656020000808E2C01CD@prv1-mh.provo.novell.com>
2018-09-05 7:10 ` Jan Beulich
[not found] <20180810103714.5112=ef=bf=bd1=ef=bf=bdpaul.durrant@ci?= =?UTF-8?Q?trix.com>
[not found] ` <5B6D86F30?= =?UTF-8?Q?2000078001DCF85@prv1=ef=bf=bdmh.provo.novell.com>
[not found] ` <e8cff3ca6c154b?= =?UTF-8?Q?67a2a932af83719354@AMSPEX02CL03.citrite.net>
[not found] ` <fdf19f7d=ef=bf=bd1b?= =?UTF-8?B?OTLvv71hOWMw77+9MzYwMu+/vWIxYzk4MDdiZjYxMEBjaXRyaXguY29tPiA8YTcz?= =?UTF-8?Q?5b4359ccc4b278330204d9790c6ac@AMSPEX02CL03.citrite.net>
[not found] ` <5B6DAF9F?= =?UTF-8?Q?02000078001DD040@prv1=ef=bf=bdmh.provo.novell.com>
[not found] ` <e2f77af0b2394?= =?UTF-8?Q?b8f859a1f2dc1a91797@AMSPEX02CL03.citrite.net>
[not found] ` <5B6DB69D0200007800?= =?UTF-8?Q?1DD06A@prv1=ef=bf=bdmh.provo.novell.com>
[not found] ` <eaab5a73=ef=bf=bd2910?= =?UTF-8?B?77+9N2ZiNu+/vWUxZmPvv70wODUzN2U2MzA4OGNAY2l0cml4LmNvbT4gPDkyY2E2?= =?UTF-8?B?OWU177+9OThiMe+/vTYxZTTvv704MTdh77+9Mzg2OGY4Mjk0NzFhQGNpdHJpeC5j?= =?UTF-8?Q?om>
[not found] ` <5B75521102000078001DED13@prv1=ef=bf=bdmh.provo.novell.com>
[not found] ` <?= =?UTF-8?Q?11c0c965-9af7-2cec-1420-4541e281183a@citrix.com>
[not found] ` <5B755FBC0200007?= =?UTF-8?Q?8001DEDBF@suse.com>
2018-08-16 12:52 ` Juergen Gross
2018-09-04 16:11 ` Juergen Gross
[not found] <20180810103714.5112=3def=3dbf=3dbd1=3def=3dbf=3dbdpau?= l.durrant@ci?= trix.com>
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bd873aad-03f8-f92e-f80e-e98792a26b54@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=JBeulich@suse.com \
--cc=george.dunlap@citrix.com \
--cc=paul.durrant@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).