On 21/01/15 13:25, Julien Grall wrote: > The code to initialize the grant table in libxc uses > xc_domain_maximum_gpfn() + 1 to get a guest pfn for mapping the grant > frame and to initialize it. > > This solution has two major issues: > - The check of the return of xc_domain_maximum_gpfn is buggy because > xen_pfn_t is unsigned and in case of an error -ERRNO is returned. > Which is never catch with ( pfn <= 0 ). > - The guest memory layout maybe filled up to the end, i.e > xc_domain_maximum_gpfn() + 1 gives either 0 or an invalid PFN due to > hardware limitation. > > Futhermore, on ARM, xc_domain_maximum_gpfn() is not implemented and > return -ENOSYS. This will make libxc to use always the same PFN which > may colapse with an already mapped region (see xen/include/public/arch-arm.h > for the layout). > > This patch only address the problem for ARM, the x86 version use the same > behavior (ie xc_domain_maximum_gpfn() + 1), as I'm not familiar with Xen x86. > > A new function xc_core_arch_get_scratch_gpfn is introduced to be able to > choose the gpfn per architecture. > > For the ARM version, we use the GUEST_GNTTAB_GUEST which is the base of > the region by the guest to map the grant table. At the build time, > nothing is mapped there. > > At the same time correctly check the return of xc_domain_maximum_gpfn > for x86. > > Signed-off-by: Julien Grall <julien.gr...@linaro.org> > Cc: Jan Beulich <jbeul...@suse.com> > Cc: Andrew Cooper <andrew.coop...@citrix.com> > Cc: Roger Pau Monné <roger....@citrix.com> > Cc: Ian Jackson <ian.jack...@eu.citrix.com> > Cc: Stefano Stabellini <stefano.stabell...@eu.citrix.com> > Cc: Ian Campbell <ian.campb...@citrix.com> > Cc: Wei Liu <wei.l...@citrix.com>
For the x86 side of things, Reviewed-by: Andrew Cooper <andrew.coop...@citrix.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
