[xen staging] x86/pv: Inject #GP for implicit grant unmaps

[patchbot@xxxxxxx]

commit f61c54967f4a5ea7e0c9fc3a4e966efa26481cb9
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Jul 19 21:37:43 2022 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Jul 26 15:09:48 2022 +0100

    x86/pv: Inject #GP for implicit grant unmaps
    
    This is a debug behaviour to identify buggy kernels.  Crashing the domain is
    the most unhelpful thing to do, because it discards the relevant context.
    
    Instead, inject #GP[0] like other permission errors in x86.  In particular,
    this lets the kernel provide a backtrace which is more likely to be helpful 
to
    a developer.
    
    As a bugfix, this always injects #GP[0] to current, not l1e_owner.  It is 
not
    l1e_owner's fault if dom0 using superpowers triggers an implicit unmap.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
---
 xen/arch/x86/mm.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index 2c1c35151a..22a4dfa838 100644
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -1229,10 +1229,10 @@ void put_page_from_l1e(l1_pgentry_t l1e, struct domain 
*l1e_owner)
     if ( (l1e_get_flags(l1e) & _PAGE_GNTTAB) &&
          !l1e_owner->is_shutting_down && !l1e_owner->is_dying )
     {
-        gdprintk(XENLOG_WARNING,
-                 "Attempt to implicitly unmap a granted PTE %" PRIpte "\n",
-                 l1e_get_intpte(l1e));
-        domain_crash(l1e_owner);
+        gprintk(XENLOG_WARNING,
+                "Attempt to implicitly unmap %pd's grant PTE %" PRIpte "\n",
+                l1e_owner, l1e_get_intpte(l1e));
+        pv_inject_hw_exception(TRAP_gp_fault, 0);
     }
 #endif
 
--
generated by git-patchbot for /home/xen/git/xen.git#staging