[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 7/7] xen/memory: Fix mapping grant tables with XENMEM_acquire_resource

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Thu, 28 Jan 2021 23:44:27 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nXrPne8cK9h/XKnni9YEgUSC/llPoUQIw06Jr8zNK4E=; b=Gm9WPvPZKmJwZcAomEKh9isWZI47uqhtSLlCoUS7kLFD9/Jtc2Ih30Xnl87GYPjp+BSW52btPcR/5Ge0ZPLhTDPJA0J3kuD2EdmGB+FFnklF4euIoAhArpShJFlG2Co5xLMuUtjk9Q1jqrWB6us14njTXN6dN8kuonpygRcqv92HerLfz0f5k25vglXHQbENrpXJhwVz46FbSn67q5/o1xS49ToJwnbhoNZ6v0snKg1N1PJZbK6l+2FihmVmEnHUnpGDyKiK9AkUrf8K91jDlD6dL2VOc+LQtseFRUDCRs6reUrAqllroOCXhSBBMoMRWHlEUanwP4Sz0qIpNk0KCQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XQQCSfD6POTpqZwBqxK6cyePbvn857zqk+OAcL7qytFA0rkjtIj2P81kRyfg0JyyLXsCUkFYgHNc9Npqwy2IR//pxV0Eiya6jdlrWoVIf+mlNa5cgL40jQU4T5EGMdlRvOuS290BNOUoOUpPxc+LKIDNdOI4fZI8Gmn03NmvAqaHuTB9Lfi8QeoerszZXdAzDoLJ34o/LwH5BjX5kc3JzfIMVpGApenAVv5otkMCbFGcFBVTl7Neyvts+Er6371CNO40VSfmNlV8SXltAtg7Wuhk9HvaoT/X25MZbYYjxtHkpxuSolS952chg5oRMjIzuYFmZ2pLE+NrLFE1tPrL5A==
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Paul Durrant <paul@xxxxxxx>, Michał Leszczyński <michal.leszczynski@xxxxxxx>, "Hubert Jasudowicz" <hubert.jasudowicz@xxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 28 Jan 2021 23:44:46 +0000
  • Ironport-sdr: Fxd8QU/oIC+vJPrKSUWoBTYL147tS93ET+m/u9kv41IIrtTUa85s6NoKmJYYSBSciTBBn4ylcO t0gJB7AsaFj/dDxuaaGD2UOkgwl3NrPpgyyqAXyInXjSvBT+4FtoyAtFzIxQMMtNpozc8OwpKH 4IZOmHDxYOrPpvbbzSOijN1N310rR19QfaqgURmMpwkpV7O3puNuneWL++hZrY08CnUh8XxLDl ZqfynzunP97T9Kc0m1UVuE5AlTvVJ421Nr4JnnNxnZMJ0Q1K14sFKYL8Q1sUiZecwlXI0H/UQ4 dDo=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 15/01/2021 16:12, Jan Beulich wrote:
> On 12.01.2021 20:48, Andrew Cooper wrote:
>> --- a/xen/arch/x86/mm.c
>> +++ b/xen/arch/x86/mm.c
>> @@ -4628,7 +4628,6 @@ int arch_acquire_resource(struct domain *d, unsigned 
>> int type,
>>          if ( id != (unsigned int)ioservid )
>>              break;
>>  
>> -        rc = 0;
>>          for ( i = 0; i < nr_frames; i++ )
>>          {
>>              mfn_t mfn;
> How "good" are our chances that older gcc won't recognize that
> without this initialization ...
>
>> @@ -4639,6 +4638,9 @@ int arch_acquire_resource(struct domain *d, unsigned 
>> int type,
>>  
>>              mfn_list[i] = mfn_x(mfn);
>>          }
>> +        if ( i == nr_frames )
>> +            /* Success.  Passed nr_frames back to the caller. */
>> +            rc = nr_frames;
> ... rc will nevertheless not remain uninitialized when nr_frames
> is zero?

I don't anticipate this function getting complicated enough for us to
need to rely on tricks like that to spot bugs.

AFAICT, it would take a rather larger diffstat to make it "uninitialised
clean" again.

>> @@ -432,6 +419,28 @@ int compat_memory_op(unsigned int cmd, 
>> XEN_GUEST_HANDLE_PARAM(void) compat)
>>  
>>              if ( xen_frame_list && cmp.mar.nr_frames )
>>              {
>> +                unsigned int xlat_max_frames =
>> +                    (COMPAT_ARG_XLAT_SIZE - sizeof(*nat.mar)) /
>> +                    sizeof(*xen_frame_list);
>> +
>> +                if ( start_extent >= nat.mar->nr_frames )
> Comparing with the enclosing if() I find it slightly confusing
> that different instances of nr_frames get used. Perhaps best to
> adjust the earlier patch to also use nat.mar->nr_frames? Or is
> this perhaps on purpose?

Good point - this is before the shuffle to avoid double accounting, and
the code gen will be better by using cmp consistently.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.