From: Julien Grall <julien.grall@arm.com>
To: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
Cc: "tee-dev@lists.linaro.org" <tee-dev@lists.linaro.org>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
Stefano Stabellini <sstabellini@kernel.org>,
Volodymyr Babchuk <vlad.babchuk@gmail.com>
Subject: Re: [PATCH v4 08/10] xen/arm: optee: add support for RPC commands
Date: Wed, 20 Mar 2019 16:27:42 +0000 [thread overview]
Message-ID: <75554d22-9cfd-a5ef-38d7-09fc689f03bf@arm.com> (raw)
In-Reply-To: <87sgvh8snx.fsf@epam.com>
On 20/03/2019 15:36, Volodymyr Babchuk wrote:
>
> Hi Julien,
Hi Volodymyr,
>
> Julien Grall writes:
>
>>> if ( shm_rpc->guest_page )
>>> put_page(shm_rpc->guest_page);
>>> +
>>
>> Spurious change.
>
> Good catch. Thank you.
>
>>
>>> + /*
>>> + * TODO: With current implementation, OP-TEE will not issue
>>> + * RPC to free this buffer. Guest and OP-TEE will be out of
>>> + * sync: guest believes that it provided buffer to OP-TEE,
>>> + * while OP-TEE thinks of opposite. Ideally, we need to
>>> + * emulate RPC with OPTEE_MSG_RPC_CMD_SHM_FREE command.
>>> + */
>> Can this condition happen if Xen runs out of memory?
>
> Yes, this is one of reasons why translate_noncontig() might fail. It
> uses both xenheap to allocate data structure and domheap to allocate
> pagelists buffers. Any of those can fail, resulting in inconsistency.
That's not very ideal. This mean a well-behaving guest can get out of sync
because of memory pressure (could be cause by a misbehaving guest on the
platform). What will be the consequence for the guest? Can it continue safely?
This feature is under EXPERT mode so I would be ok to get as this in Xen.
Although, I would like to hear Stefano's opinion here.
In any case, this should be fixed because we consider removing EXPERT mode and
security support it.
>
> You gave me idea to put gdprintk() with big fat warning there.
You clearly want to gprintk here because if this happen in non-debug build you
want to know that something has gone really wrong as soon as possible.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2019-03-20 16:27 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-07 21:04 [PATCH v4 00/10] TEE mediator (and OP-TEE) support in XEN Volodymyr Babchuk
2019-03-07 21:04 ` [PATCH v4 01/10] xen/arm: add generic TEE mediator framework Volodymyr Babchuk
2019-03-15 15:03 ` Julien Grall
2019-03-07 21:04 ` [PATCH v4 02/10] xen/arm: optee: add OP-TEE header files Volodymyr Babchuk
2019-03-07 21:04 ` [PATCH v4 04/10] xen/arm: optee: add fast calls handling Volodymyr Babchuk
2019-03-15 15:46 ` Julien Grall
2019-03-07 21:04 ` [PATCH v4 03/10] xen/arm: optee: add OP-TEE mediator skeleton Volodymyr Babchuk
2019-03-15 15:24 ` Julien Grall
2019-03-15 19:00 ` Volodymyr Babchuk
2019-03-15 20:18 ` Julien Grall
2019-03-15 15:47 ` Julien Grall
2019-03-07 21:04 ` [PATCH v4 05/10] xen/arm: optee: add std call handling Volodymyr Babchuk
2019-03-18 13:50 ` Julien Grall
2019-03-20 16:14 ` Volodymyr Babchuk
2019-03-20 16:48 ` Julien Grall
2019-03-20 17:42 ` Volodymyr Babchuk
2019-03-20 18:08 ` Julien Grall
2019-03-07 21:04 ` [PATCH v4 07/10] xen/arm: optee: add support for arbitrary shared memory Volodymyr Babchuk
2019-03-18 15:27 ` Julien Grall
2019-03-20 16:39 ` Volodymyr Babchuk
2019-03-20 17:47 ` Julien Grall
2019-03-20 19:37 ` Volodymyr Babchuk
2019-03-21 10:39 ` Julien Grall
2019-03-07 21:04 ` [PATCH v4 06/10] xen/arm: optee: add support for RPC SHM buffers Volodymyr Babchuk
2019-03-18 14:21 ` Julien Grall
2019-03-20 16:21 ` Volodymyr Babchuk
2019-03-20 16:52 ` Julien Grall
2019-03-20 17:09 ` Volodymyr Babchuk
2019-03-07 21:04 ` [PATCH v4 09/10] tools/arm: tee: add "tee" option for xl.cfg Volodymyr Babchuk
2019-03-18 15:49 ` Julien Grall
2019-03-18 21:04 ` Achin Gupta
2019-03-20 16:18 ` Julien Grall
2019-03-20 15:27 ` Volodymyr Babchuk
2019-03-20 16:06 ` Julien Grall
2019-03-20 17:01 ` Volodymyr Babchuk
2019-03-20 18:35 ` Julien Grall
2019-04-05 10:25 ` Volodymyr Babchuk
2019-04-05 10:25 ` [Xen-devel] " Volodymyr Babchuk
2019-04-08 10:47 ` Julien Grall
2019-04-08 10:47 ` [Xen-devel] " Julien Grall
2019-03-07 21:04 ` [PATCH v4 08/10] xen/arm: optee: add support for RPC commands Volodymyr Babchuk
2019-03-18 15:38 ` Julien Grall
2019-03-20 15:36 ` Volodymyr Babchuk
2019-03-20 16:27 ` Julien Grall [this message]
2019-03-20 16:47 ` Volodymyr Babchuk
2019-03-07 21:04 ` [PATCH v4 10/10] tools/arm: optee: create optee firmware node in DT if tee=native Volodymyr Babchuk
2019-03-18 15:50 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=75554d22-9cfd-a5ef-38d7-09fc689f03bf@arm.com \
--to=julien.grall@arm.com \
--cc=Volodymyr_Babchuk@epam.com \
--cc=sstabellini@kernel.org \
--cc=tee-dev@lists.linaro.org \
--cc=vlad.babchuk@gmail.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.