Hi,
At 11:50 -0500 on 02 Jan (1230897005), Mike Sun wrote:
> /* Foreign mappings into guests in shadow external mode don't
>  * contribute to writeable mapping refcounts. (This allows the
>  * qemu-dm helper process in dom0 to map the domain's memory without
>  * messing up the count of "real" writable mappings.) */
> okay = (((l1f & _PAGE_RW) &&
>          !(unlikely(paging_mode_external(d) && (d != curr->domain))))
>         ? get_page_and_type(page, d, PGT_writable_page)
>         : get_page(page, d));
>
> Basically, I'm trying to make an HVM guest's pages writable again via
> a hypercall from dom0, and so this piece of code messes up the type
> count since I'm actually changing "proper" writeable mapping
> refcounts.
Right; manipulating the shadow from dom0 will make a writeable shadow
PTE with no matching typecount and when it's torn down later the
typecount will underflow. :(
> For now, I'm just calling an extra
> "get_page_and_type(page, d, PGT_writable_page)" manually, and I think
> it solves this problem, but I'm getting a different kind of kernel
> panic now where it complains about not being able to
> "rm_write_access()" due to some special mappings. Any ideas?
That's the opposite problem. The shadow code needs to remove all the
writeable mappings of a page (because the guest is using it as a
pagetable) and finds that after removing all writeable shadow PTEs that
map the page, the typecount has not reached zero. So:
- there is some other special reason for the frame to have a
typecount. Or,
- somehow you've removed a writeable shadow entry without decrementing
the type count. That shouldn't be a problem because we know that
actions by dom0 (p2m changes, for example) cause writeable shadow
PTEs to be torn down (via shadow_put_page_from_l1e) correctly. Or,
- you've accidentally called get_page_and_type() once too often,
creating two typecounts for only one shadow PTE.
This is all confused further by the fact that the checks for these
un-type-counted mappings in put_page_from_l1e() don't quite match the
check in get_page_from_l1e(); ISTR there's a difference in the semantics
of the domain pointer argument to the two functions; maybe Keir can
refresh my memory.
Cheers,
Tim.
--
Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Citrix Systems (R&D) Ltd.
[Company #02300071, SL9 0DZ, UK.]
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
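Added example, not from the thread and not Xen code: a small C model of the type-count invariant Tim is describing. The structures, function names and scenarios are constructed for illustration (the only Xen names reused are in comments); the point it shows is that each writeable shadow PTE must hold exactly one PGT_writable_page type count, and what the two failure modes in the thread look like: a PTE created via the external-mode branch (plain get_page, no type count) underflows when torn down as a typed mapping, and a second get_page_and_type() for the same PTE leaves the count non-zero after every writeable mapping has been removed, which is the condition the rm_write_access() complaint reports.

```c
#include <stdbool.h>
#include <stdio.h>

#define MAX_PTES 8

/* Constructed stand-in for the two counts that matter here. */
struct page_info {
    int count;       /* general reference count (get_page/put_page) */
    int type_count;  /* PGT_writable_page type count */
};

/* Constructed stand-in for the writeable shadow PTEs that map one frame. */
struct shadow {
    bool rw_pte[MAX_PTES];
};

/* Install a writeable shadow PTE for pg.  take_type=false models the
 * external-mode branch of the quoted code, which takes a plain reference
 * (get_page) and deliberately leaves the writeable type count alone. */
static void make_rw_pte(struct shadow *sh, struct page_info *pg,
                        int slot, bool take_type)
{
    sh->rw_pte[slot] = true;
    pg->count++;
    if (take_type)
        pg->type_count++;
}

/* Tear down one writeable shadow PTE the way a typed mapping is torn down
 * (the shadow_put_page_from_l1e path in the reply).  Returns false instead
 * of letting the type count go negative, which is the underflow described. */
static bool put_rw_pte(struct shadow *sh, struct page_info *pg, int slot)
{
    if (!sh->rw_pte[slot])
        return true;
    sh->rw_pte[slot] = false;
    pg->count--;
    if (pg->type_count == 0)
        return false;     /* writeable PTE with no matching type count */
    pg->type_count--;
    return true;
}

/* Remove every writeable shadow PTE of pg, then require the type count to
 * be zero: anything left over is a count we cannot account for. */
static bool rm_write_access(struct shadow *sh, struct page_info *pg)
{
    for (int i = 0; i < MAX_PTES; i++)
        if (!put_rw_pte(sh, pg, i))
            return false;
    return pg->type_count == 0;
}

/* Scenario 1: one typed writeable PTE; teardown balances. */
bool scenario_balanced(void)
{
    struct page_info pg = {0};
    struct shadow sh = {{false}};
    make_rw_pte(&sh, &pg, 0, true);
    return rm_write_access(&sh, &pg) && pg.count == 0;
}

/* Scenario 2: writeable PTE created through the external-mode branch
 * (no type count) and later torn down as a normal typed mapping. */
bool scenario_underflow(void)
{
    struct page_info pg = {0};
    struct shadow sh = {{false}};
    make_rw_pte(&sh, &pg, 0, false);
    return rm_write_access(&sh, &pg);   /* false: type count would underflow */
}

/* Scenario 3: one PTE but get_page_and_type() taken twice for it. */
bool scenario_extra_typecount(void)
{
    struct page_info pg = {0};
    struct shadow sh = {{false}};
    make_rw_pte(&sh, &pg, 0, true);
    pg.type_count++;                    /* the extra manual get_page_and_type */
    return rm_write_access(&sh, &pg);   /* false: a count is left over */
}

int main(void)
{
    printf("balanced teardown ok: %d\n", scenario_balanced());
    printf("untyped PTE torn down as typed ok: %d\n", scenario_underflow());
    printf("double get_page_and_type ok: %d\n", scenario_extra_typecount());
    return 0;
}
```

The model deliberately has no foreign-mapping bookkeeping, so the only way scenario 2 can balance is the fix Mike describes (taking the type count when the PTE is made writeable), and the only way scenario 3 can balance is to take it exactly once.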