> -----Original Message----- > From: Wei Liu [mailto:wei.l...@citrix.com] > Sent: 28 August 2017 15:38 > To: Paul Durrant <paul.durr...@citrix.com> > Cc: Wei Liu <wei.l...@citrix.com>; xen-de...@lists.xenproject.org; Andrew > Cooper <andrew.coop...@citrix.com>; Jan Beulich <jbeul...@suse.com> > Subject: Re: [Xen-devel] [PATCH v2 REPOST 02/12] x86/mm: allow a > privileged PV domain to map guest mfns > > On Fri, Aug 25, 2017 at 11:05:54AM +0100, Paul Durrant wrote: > > > -----Original Message----- > > > From: Wei Liu [mailto:wei.l...@citrix.com] > > > Sent: 24 August 2017 17:33 > > > To: Paul Durrant <paul.durr...@citrix.com> > > > Cc: xen-de...@lists.xenproject.org; Andrew Cooper > > > <andrew.coop...@citrix.com>; Jan Beulich <jbeul...@suse.com>; Wei > Liu > > > <wei.l...@citrix.com> > > > Subject: Re: [Xen-devel] [PATCH v2 REPOST 02/12] x86/mm: allow a > > > privileged PV domain to map guest mfns > > > > > > On Tue, Aug 22, 2017 at 03:50:56PM +0100, Paul Durrant wrote: > > > > In the case where a PV domain is mapping guest resources then it > needs > > > make > > > > the HYPERVISOR_mmu_update call using DOMID_SELF, rather than the > > > guest > > > > domid, so that the passed in gmfn values are correctly treated as mfns > > > > rather than gfns present in the guest p2m. > > > > > > > > > > What would be the callchain like in this case? > > > > > It's exactly like foreign mapping but passing DOMID_SELF. I.e. in > > privcmd (in a PV domain) you have an mfn in your hand that already > > belongs to you rather than the gmfn of a foreign domain. > > > > > > > > I don't quite understand how this fits with the resource mapping > > > code in this series. > > > > > > > Because (for a PV caller) mapping a resource gives you back mfns that > > are assigned to the calling domain, and the most convenient way of > > using them is to use the existing code that normally deals with priv > > mapping from a foreign domain, but just allow it to use DOMID_SELF. > > This patch is all that's required to make that work. > > > > So the use case is as followed for PV guests: > > 1. A guest calls acquire_resource to obtain a list of mfns > 2. The guest calls the foreign map API to map those mfns into its own > address space via HYPERVISOR_mmu_update > > The mfns belong to the guest itself. > > In get_page_from_l1e, l1e contains a valid mfn, real_pg_owner is the > real owner of the page, pg_owner is the nominally owner of the page. > Shouldn't they be the same domain? I'm still quite baffled how you > manage to hit that place.
The issue I hit was l1e_owner and pg_owner being dom0, but real_pg_owner was the guest. Obviously dom0 has privilege to map anything, but it was being denied because pg_owner == l1e_owner. Paul _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
