Re: [Xen-devel] [PATCH v2 5/6] xen/arm: create_p2m_entries should not call free_domheap_page

[Ian Campbell <Ian.Campbell@xxxxxxxxxx>]

On Fri, 2012-07-20 at 16:05 +0100, Stefano Stabellini wrote:
> The guest is entitled to use valid memory pages as pfns for grant_table
> usage.

I think it would be more accurate to say that the guest is entitled to
leak a page from its p2m (by overwriting it) if it wants to. Sincethe
memory is effectively lost to it (can't even be recovered by XENMEM
increase reservation etc). Is that right?

> In these cases we shouldn't call free_domheap_page to free the existing
> page from create_p2m_entries, because it resets the reference counting
> but the page is still allocated to the guest (even if not in the p2m
> anymore) and common grant_table code is also going to call put_page on
> it.
> 
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
> ---
>  xen/arch/arm/p2m.c |    5 -----
>  1 files changed, 0 insertions(+), 5 deletions(-)
> 
> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> index a4c7e6f..fbfef72 100644
> --- a/xen/arch/arm/p2m.c
> +++ b/xen/arch/arm/p2m.c
> @@ -225,12 +225,7 @@ static int create_p2m_entries(struct domain *d,
>          /* else: third already valid */
>  
>          if ( third[third_table_offset(addr)].p2m.valid )
> -        {
> -            /* p2m entry already present */
> -            free_domheap_page(
> -                    mfn_to_page(third[third_table_offset(addr)].p2m.base));
>              flush_tlb_all_local();
> -        }
>  
>          /* Allocate a new RAM page and attach */
>          switch (op) {



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel