[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] x86/shadow: Clarify the safety of guest-linear mapping construction

sh_install_xen_entries_in_l4() looks unsafe, as it creates a guest-linear
mapping with gl4mfn.  However, it is correct because of the way monitor tables
are constructed for translated domains.

Leave a comment and some clarifying assertions.

Also, there is no longer support for translate != external, so drop the clause
as it is dead.

Finally, correct the comment for sh_install_xen_entries_in_l2h().  We need to
add Xen mappings into l2h for 3-on-any PV guests.

Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
CC: Tim Deegan <tim@xxxxxxx>
---
 xen/arch/x86/mm/shadow/multi.c | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index c5c0af8..7ab8f29 100644
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -1492,28 +1492,29 @@ void sh_install_xen_entries_in_l4(struct domain *d, 
mfn_t gl4mfn, mfn_t sl4mfn)
     sl4e[shadow_l4_table_offset(SH_LINEAR_PT_VIRT_START)] =
         shadow_l4e_from_mfn(sl4mfn, __PAGE_HYPERVISOR_RW);
 
-    /* Self linear mapping.  */
-    if ( shadow_mode_translate(d) && !shadow_mode_external(d) )
-    {
-        // linear tables may not be used with translated PV guests
-        sl4e[shadow_l4_table_offset(LINEAR_PT_VIRT_START)] =
-            shadow_l4e_empty();
-    }
+    /*
+     * It is not safe to create guest linear mappings into a translated
+     * domain.  For translated domains, this function is used once to create a
+     * monitor table, and gl4mfn matches sl4mfn.  For non-translated domains,
+     * gl4mfn points to the real guest tables and will differ from sl4mfn.
+     */
+    if ( shadow_mode_translate(d) )
+        ASSERT(mfn_eq(gl4mfn, sl4mfn));
     else
-    {
-        sl4e[shadow_l4_table_offset(LINEAR_PT_VIRT_START)] =
-            shadow_l4e_from_mfn(gl4mfn, __PAGE_HYPERVISOR_RW);
-    }
+        ASSERT(!mfn_eq(gl4mfn, sl4mfn));
+
+    sl4e[shadow_l4_table_offset(LINEAR_PT_VIRT_START)] =
+        shadow_l4e_from_mfn(gl4mfn, __PAGE_HYPERVISOR_RW);
 
     unmap_domain_page(sl4e);
 }
 #endif
 
 #if GUEST_PAGING_LEVELS >= 3
-// For 3-on-3 PV guests, we need to make sure the xen mappings are in
-// place, which means that we need to populate the l2h entry in the l3
-// table.
-
+/*
+ * For 3-level PV guests, we need to make sure the xen mappings are in place,
+ * which means that we need to populate the l2h entry in the l3 table.
+ */
 static void sh_install_xen_entries_in_l2h(struct domain *d, mfn_t sl2hmfn)
 {
     shadow_l2e_t *sl2e;
-- 
2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.