From mboxrd@z Thu Jan  1 00:00:00 1970
From: Julien Grall <julien.grall@linaro.org>
Subject: Re: [PATCH v03 01/10] xen: implement
	guest_physmap_pin_range
Date: Wed, 10 Sep 2014 18:12:46 -0700
Message-ID: <5410F70E.9040806@linaro.org>
References: <1409672770-23164-1-git-send-email-andrii.tseglytskyi@globallogic.com>
	<1409672770-23164-2-git-send-email-andrii.tseglytskyi@globallogic.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <1409672770-23164-2-git-send-email-andrii.tseglytskyi@globallogic.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Andrii Tseglytskyi <andrii.tseglytskyi@globallogic.com>, Ian Campbell <ian.campbell@citrix.com>, Stefano Stabellini <stefano.stabellini@citrix.com>, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

Hi Andrii,

On 02/09/14 08:46, Andrii Tseglytskyi wrote:
>   int guest_physmap_mark_populate_on_demand(struct domain *d,
>                                             unsigned long gfn,
>                                             unsigned int order)
> @@ -478,10 +551,18 @@ static int apply_one_level(struct domain *d,
>       struct p2m_domain *p2m = &d->arch.p2m;
>       lpae_t pte;
>       const lpae_t orig_pte = *entry;
> +    struct page_info *page = NULL;
>       int rc;
>
>       BUG_ON(level > 3);
>
> +    if ( guest_physmap_pinned_range(d, orig_pte.p2m.base, 0) )

This change is wrong, orig_pte.p2m.base may not be valid. I think you 
have to do this check only on REMOVE and INSERT op.

Also few general questions about this patch:
   - What about the destruction of the domain? Shouldn't you remove the 
flag?
   - In case of REMOVE, if the page is pinned, the error value will be 
ignored (this is because guest_physmap_remove_page is returning void). 
So the upper code (see guest_remove_page in common/memory.c) will think 
the mapping has effectively been removed and will put back the page to 
the memory allocator... This is because we don't take a reference when 
is mapped.

Overall, AFIU your usage in this patch, I don't think we care if the 
guest decides to remove the page from the P2M. The most important things 
is to avoid Xen using the page for another guest. I suspect this could 
be done by taking a reference on the page.

Regards,

-- 
Julien Grall