[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 7/7] xen/memory: Fix mapping grant tables with XENMEM_acquire_resource
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Thu, 28 Jan 2021 23:44:27 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nXrPne8cK9h/XKnni9YEgUSC/llPoUQIw06Jr8zNK4E=; b=Gm9WPvPZKmJwZcAomEKh9isWZI47uqhtSLlCoUS7kLFD9/Jtc2Ih30Xnl87GYPjp+BSW52btPcR/5Ge0ZPLhTDPJA0J3kuD2EdmGB+FFnklF4euIoAhArpShJFlG2Co5xLMuUtjk9Q1jqrWB6us14njTXN6dN8kuonpygRcqv92HerLfz0f5k25vglXHQbENrpXJhwVz46FbSn67q5/o1xS49ToJwnbhoNZ6v0snKg1N1PJZbK6l+2FihmVmEnHUnpGDyKiK9AkUrf8K91jDlD6dL2VOc+LQtseFRUDCRs6reUrAqllroOCXhSBBMoMRWHlEUanwP4Sz0qIpNk0KCQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XQQCSfD6POTpqZwBqxK6cyePbvn857zqk+OAcL7qytFA0rkjtIj2P81kRyfg0JyyLXsCUkFYgHNc9Npqwy2IR//pxV0Eiya6jdlrWoVIf+mlNa5cgL40jQU4T5EGMdlRvOuS290BNOUoOUpPxc+LKIDNdOI4fZI8Gmn03NmvAqaHuTB9Lfi8QeoerszZXdAzDoLJ34o/LwH5BjX5kc3JzfIMVpGApenAVv5otkMCbFGcFBVTl7Neyvts+Er6371CNO40VSfmNlV8SXltAtg7Wuhk9HvaoT/X25MZbYYjxtHkpxuSolS952chg5oRMjIzuYFmZ2pLE+NrLFE1tPrL5A==
- Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
- Cc: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Paul Durrant <paul@xxxxxxx>, Michał Leszczyński <michal.leszczynski@xxxxxxx>, "Hubert Jasudowicz" <hubert.jasudowicz@xxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Thu, 28 Jan 2021 23:44:46 +0000
- Ironport-sdr: Fxd8QU/oIC+vJPrKSUWoBTYL147tS93ET+m/u9kv41IIrtTUa85s6NoKmJYYSBSciTBBn4ylcO t0gJB7AsaFj/dDxuaaGD2UOkgwl3NrPpgyyqAXyInXjSvBT+4FtoyAtFzIxQMMtNpozc8OwpKH 4IZOmHDxYOrPpvbbzSOijN1N310rR19QfaqgURmMpwkpV7O3puNuneWL++hZrY08CnUh8XxLDl ZqfynzunP97T9Kc0m1UVuE5AlTvVJ421Nr4JnnNxnZMJ0Q1K14sFKYL8Q1sUiZecwlXI0H/UQ4 dDo=
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 15/01/2021 16:12, Jan Beulich wrote:
> On 12.01.2021 20:48, Andrew Cooper wrote:
>> --- a/xen/arch/x86/mm.c
>> +++ b/xen/arch/x86/mm.c
>> @@ -4628,7 +4628,6 @@ int arch_acquire_resource(struct domain *d, unsigned
>> int type,
>> if ( id != (unsigned int)ioservid )
>> break;
>>
>> - rc = 0;
>> for ( i = 0; i < nr_frames; i++ )
>> {
>> mfn_t mfn;
> How "good" are our chances that older gcc won't recognize that
> without this initialization ...
>
>> @@ -4639,6 +4638,9 @@ int arch_acquire_resource(struct domain *d, unsigned
>> int type,
>>
>> mfn_list[i] = mfn_x(mfn);
>> }
>> + if ( i == nr_frames )
>> + /* Success. Passed nr_frames back to the caller. */
>> + rc = nr_frames;
> ... rc will nevertheless not remain uninitialized when nr_frames
> is zero?
I don't anticipate this function getting complicated enough for us to
need to rely on tricks like that to spot bugs.
AFAICT, it would take a rather larger diffstat to make it "uninitialised
clean" again.
>> @@ -432,6 +419,28 @@ int compat_memory_op(unsigned int cmd,
>> XEN_GUEST_HANDLE_PARAM(void) compat)
>>
>> if ( xen_frame_list && cmp.mar.nr_frames )
>> {
>> + unsigned int xlat_max_frames =
>> + (COMPAT_ARG_XLAT_SIZE - sizeof(*nat.mar)) /
>> + sizeof(*xen_frame_list);
>> +
>> + if ( start_extent >= nat.mar->nr_frames )
> Comparing with the enclosing if() I find it slightly confusing
> that different instances of nr_frames get used. Perhaps best to
> adjust the earlier patch to also use nat.mar->nr_frames? Or is
> this perhaps on purpose?
Good point - this is before the shuffle to avoid double accounting, and
the code gen will be better by using cmp consistently.
~Andrew
|