WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] RE: [PATCH 5/6] Handler m2p table and frametable fault in pa

from [Jiang, Yunhong] [Permanent Link][Original]
To: Jan Beulich <JBeulich@xxxxxxxxxx>
Subject: [Xen-devel] RE: [PATCH 5/6] Handler m2p table and frametable fault in page faulthandler
From: "Jiang, Yunhong" <yunhong.jiang@xxxxxxxxx>
Date: Tue, 30 Jun 2009 09:15:32 +0800
Accept-language: en-US
Acceptlanguage: en-US
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Tim Deegan <Tim.Deegan@xxxxxxxxxx>, Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Delivery-date: Mon, 29 Jun 2009 18:17:24 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4A48A6420200007800007F81@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <E2263E4A5B2284449EEBD0AAB751098402CCF824D2@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <4A48A6420200007800007F81@xxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acn4nIK4SftZ5nd1RJSzmgaIyHq2mwAgH+3g
Thread-topic: [PATCH 5/6] Handler m2p table and frametable fault in page faulthandler 
Jan Beulich wrote:
>>>> "Jiang, Yunhong" <yunhong.jiang@xxxxxxxxx> 28.06.09 11:27 >>>
>> ...
>> +int handle_memadd_fault(unsigned long addr, struct cpu_user_regs
>> *regs) +{ +    l3_pgentry_t  *pl3e;
>> +    l3_pgentry_t l3e;
>> +    l2_pgentry_t *pl2e;
>> +    l2_pgentry_t l2e, idle_l2e;
>> +    unsigned long mfn, cr3;
>> +
>> +    idle_l2e = idle_pg_table_l2[l2_linear_offset(addr)];
>> +    if (!(l2e_get_flags(idle_l2e) & _PAGE_PRESENT)) +        return
>> 0; +
>> +    cr3 = read_cr3();
>> +    mfn = cr3 >> PAGE_SHIFT;
>> +
>> +    /*
>> +     * No need get page type here and validate checking for xen
>> mapping +     */ +    pl3e = map_domain_page(mfn);
>> +    pl3e += (cr3 & 0xFE0UL) >> 3;
>> +    l3e = pl3e[3];
>> +
>> +    if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
>> +        return 0;
>> +
>> +    mfn = l3e_get_pfn(l3e);
>> +    pl2e = map_domain_page(mfn);
>> +
>> +    l2e = pl2e[l2_table_offset(addr)];
>> +
>> +    if (l2e_get_flags(l2e) & _PAGE_PRESENT)
>> +        return 0;
> 
> You'd also need to check that idle_page_table_l2's entry has
> _PAGE_PRESENT set here, otherwise you'd risk live locking the domain
> on an out-of-current- bounds M2P access.

Seems I forgot check it in 32bit, (it is checked in 64 bit version).  will add 
that back.

> 
> Furthermore, I'm unsure forwarding the page fault in case you found
> the domain's L2 entry to already have _PAGE_PRESENT set is a good way
> to handle things: A racing access on another vCPU of the same
> guest may just
> have managed to install that entry.

Good catch. 
Considering these mapping should only be set by Xen HV, if the PAGE_PRESENT is 
set, we can assume it has been handled by other vCPU and return successfully, 
since only non_present fault will come here. (an ASSERT to check the content of 
the guest l2e is same as idel_page_table will be enough).

> Bottom line is, you probably need to exclusively check
> idle_page_table_l2 here.
> 
>> +
>> +    memcpy(&pl2e[l2_table_offset(addr)],
>> +            &idle_pg_table_l2[l2_linear_offset(addr)],
>> +            sizeof(l2_pgentry_t));
> 
> Using memcpy for a single page table entry seems odd - why not
> use a direct
> assignment? However, perhaps using memcpy() here is the right
> thing - to
> avoid future faults, you could update the full M2P related
> part of the L2
> directory in a single step. This ought to be safe, since the
> M2P table can only
> be extended, but never shrunk.
> 
>> +
>> +    return EXCRET_fault_fixed;
>> +}
> 
> You're leaking map_domain_page()-es here (and at the earlier
> return points).

:$ , Will add that back.

> 
> (All the comments likewise apply to the subsequent 64-bit variant.)
> 
> Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: xenoprof on linux pvops, Jeremy Fitzhardinge
Next by Date:  RE: [Xen-devel] Problem: Xen 3.4 fails to boot on Dell e6400, with iommu=1, Cui, Dexuan
Previous by Thread:  [Xen-devel] Re: [PATCH 5/6] Handler m2p table and frametable fault in page faulthandler, Jan Beulich
Next by Thread:  [Xen-devel] [PATCH3/6] Change the frame table initialization to support memory add, Jiang, Yunhong
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy