On Wed, Nov 04, 2020 at 08:56:50AM +0100, Jan Beulich wrote:
> When a page table page gets de-validated, its type reference count drops
> to zero (and PGT_validated gets cleared), but its type remains intact.
> XEN_DOMCTL_getpageframeinfo3, therefore, so far reported prior usage for
> such pages. An intermediate write to such a page via e.g.
> MMU_NORMAL_PT_UPDATE, however, would transition the page's type to
> PGT_writable_page, thus altering what XEN_DOMCTL_getpageframeinfo3 would
> return. In libxc the decision which pages to normalize / localize
> depends solely on the type returned from the domctl. As a result without
> further precautions the guest won't be able to tell whether such a page
> has had its (apparent) PTE entries transitioned to the new MFNs.
>
> Add a check of PGT_validated, thus consistently avoiding normalization /
> localization in the tool stack.
>
> Also use XEN_DOMCTL_PFINFO_NOTAB in the variable's initializer instead
> of open coding it.
>
> Signed-off-by: Jan Beulich <jbeul...@suse.com>

Acked-by: Roger Pau Monné <roger....@citrix.com>

Maybe the switch could be avoided if the page is not validated or
broken? Not that I care that much.

Thanks, Roger.
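
The reporting inconsistency described in the quoted commit message, as an added example that is not part of this thread or of the Xen sources: a simplified C model showing why a report based on the type alone depends on whether an intermediate write happened, while a report that also checks the validated flag does not. All names, values and the `struct page` layout here are constructed for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model: names and values are constructed, not Xen's definitions. */
enum ptype  { T_NONE, T_WRITABLE, T_L1_TABLE };
enum pfinfo { PFINFO_NOTAB, PFINFO_L1TAB };

struct page {
    enum ptype type;      /* stays set even when the count drops to zero */
    unsigned type_count;  /* type reference count */
    bool validated;       /* models the PGT_validated flag */
};

/* De-validation: count drops to zero, flag is cleared, type remains intact. */
static void devalidate(struct page *pg)
{
    pg->type_count = 0;
    pg->validated = false;
}

/* Models a write to an unreferenced page: the type becomes "writable". */
static void guest_write(struct page *pg)
{
    if (pg->type_count == 0)
        pg->type = T_WRITABLE;
}

/* Report derived from the type alone (the behaviour being changed). */
static enum pfinfo report_type_only(const struct page *pg)
{
    return pg->type == T_L1_TABLE ? PFINFO_L1TAB : PFINFO_NOTAB;
}

/* Report that additionally requires the validated flag. */
static enum pfinfo report_checked(const struct page *pg)
{
    return (pg->validated && pg->type == T_L1_TABLE) ? PFINFO_L1TAB
                                                     : PFINFO_NOTAB;
}

/* True when the report is the same with and without an intermediate write. */
static bool consistent(enum pfinfo (*report)(const struct page *))
{
    struct page a = { T_L1_TABLE, 1, true }, b = a;
    devalidate(&a);
    devalidate(&b);
    guest_write(&b);  /* only b sees the intermediate write */
    return report(&a) == report(&b);
}

int main(void)
{
    printf("type only: %d, with validated check: %d\n",
           consistent(report_type_only), consistent(report_checked));
    return 0;
}
```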