[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v6 02/11] arch, arm: add consistency check to REMOVE p2m changes

To: Arianna Avanzini <avanzini.arianna@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxx
From: Julien Grall <julien.grall@xxxxxxxxxx>
Date: Tue, 22 Apr 2014 20:35:30 +0100
Cc: julien.grall@xxxxxxxxxx, paolo.valente@xxxxxxxxxx, keir@xxxxxxx, stefano.stabellini@xxxxxxxxxxxxx, tim@xxxxxxx, dario.faggioli@xxxxxxxxxx, Ian.Jackson@xxxxxxxxxxxxx, Ian.Campbell@xxxxxxxxxxxxx, etrudeau@xxxxxxxxxxxx, JBeulich@xxxxxxxx, viktor.kleinik@xxxxxxxxxxxxxxx
Delivery-date: Tue, 22 Apr 2014 19:35:56 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi Arianna,

On 21/04/14 14:44, Arianna Avanzini wrote:

---
  xen/arch/arm/p2m.c | 22 +++++++++++++++++++---
  1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index 403fd89..7f03aa7 100644
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -319,6 +319,7 @@ static int apply_p2m_changes(struct domain *d,
              if ( !populate )
              {
                  addr = (addr + FIRST_SIZE) & FIRST_MASK;
+                maddr = (maddr + FIRST_SIZE) & FIRST_MASK;

We differ a bit from x86 on this point. We will silently ignore that theGFN is not mapped when op == REMOVE.

I'm wondering if we should return an error in this case. I don't findany place where it's valid to remove non-present mapping.


[..]

@@ -406,12 +408,26 @@ static int apply_p2m_changes(struct domain *d,
                  {
                      pte = mfn_to_p2m_entry(maddr >> PAGE_SHIFT, mattr, t);
                      write_pte(&third[third_table_offset(addr)], pte);
-                    maddr += PAGE_SIZE;
                  }
                  break;
-            case RELINQUISH:
              case REMOVE:
                  {
+                    unsigned long mfn = pte.p2m.base;
+
+                    /*
+                     * Ensure that the guest address given as argument to
+                     * this function is actually mapped to the specified
+                     * machine address. maddr here is the machine address
+                     * given to the function, while mfn is the machine
+                     * frame number actually mapped to the guest address:
+                     * check if the two correspond.
+                     */
+                    if ( !pte.p2m.valid || maddr != pfn_to_paddr(mfn) )
+                        return -EINVAL;
+                }
+                /* fall through */
+            case RELINQUISH:
+                {
                      if ( !pte.p2m.valid )
                      {
                          count++;
@@ -425,7 +441,6 @@ static int apply_p2m_changes(struct domain *d,
                      count++;
                  }
                  break;
-


Spurious change here.

Regards

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH v6 00/11] Implement the XEN_DOMCTL_memory_mapping hypercall for ARM
  - From: Arianna Avanzini
- [Xen-devel] [PATCH v6 02/11] arch, arm: add consistency check to REMOVE p2m changes
  - From: Arianna Avanzini

Prev by Date: [Xen-devel] [linux-linus test] 25948: regressions - FAIL
Next by Date: Re: [Xen-devel] [PATCH 1/3] bridge: preserve random init MAC address
Previous by thread: [Xen-devel] [PATCH v6 02/11] arch, arm: add consistency check to REMOVE p2m changes
Next by thread: [Xen-devel] [PATCH v6 03/11] arch, arm: let map_mmio_regions() take pfn as parameters
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.