>>> On 25.07.18 at 10:29, <aisa...@bitdefender.com> wrote:
>> >
>> > +static void p2m_set_access(struct p2m_domain *p2m, unsigned long
>> > gfn,
>> > + p2m_access_t a)
>> > +{
>> > + int rc;
>> > +
>> > + if ( !p2m->mem_access_settings )
>> > + return;
>> No error indication?
>
> I would say ASSERT is a better choice if the code got this far and it
> could not allocate memory
For one ASSERT() is a no-op in release builds. And then it is
extremely bad practices to bring down the host when an operation
targeting just a single guest has failed. You either return an error
indicator here (and pass it up the call tree), or if that's really
unfeasible then you crash the affected domain (we do so in quite
a few other situations). But you'd need to make clear (if it's not
obvious) why passing up an error is unacceptable here.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
