David Vrabel
2013-Dec-13 14:49 UTC
[PATCH] evtchn/fifo: map correct pages when guest is HVM
From: David Vrabel <david.vrabel@citrix.com>
If a HVM guest attempts to use the FIFO-based ABI it will not receive
any events and destroying the guest may crash Xen or trigger an assert
when attempting to unmap a control block page. This occurs because
Xen maps the wrong page for both the control blocks and the event
arrays.
In map_guest_page(), use the MFN of the guest''s page and not the GFN
when calling map_domain_page_global().
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
---
xen/common/event_fifo.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/xen/common/event_fifo.c b/xen/common/event_fifo.c
index fc43e62..a815b2d 100644
--- a/xen/common/event_fifo.c
+++ b/xen/common/event_fifo.c
@@ -357,7 +357,7 @@ static int map_guest_page(struct domain *d, uint64_t gfn,
void **virt)
return -EINVAL;
}
- *virt = map_domain_page_global(gfn);
+ *virt = map_domain_page_global(page_to_mfn(p));
if ( !*virt )
{
put_page_and_type(p);
--
1.7.2.5
Jan Beulich
2013-Dec-13 14:59 UTC
Re: [PATCH] evtchn/fifo: map correct pages when guest is HVM
>>> On 13.12.13 at 15:49, David Vrabel <david.vrabel@citrix.com> wrote: > --- a/xen/common/event_fifo.c > +++ b/xen/common/event_fifo.c > @@ -357,7 +357,7 @@ static int map_guest_page(struct domain *d, uint64_t gfn, void **virt) > return -EINVAL; > } > > - *virt = map_domain_page_global(gfn); > + *virt = map_domain_page_global(page_to_mfn(p));That''s what we have #define __map_domain_page_global(pg) map_domain_page_global(__page_to_mfn(pg)) for. No need to re-submit, I could adjust this while committing unless you mind. Jan
David Vrabel
2013-Dec-13 15:06 UTC
Re: [PATCH] evtchn/fifo: map correct pages when guest is HVM
On 13/12/13 14:59, Jan Beulich wrote:>>>> On 13.12.13 at 15:49, David Vrabel <david.vrabel@citrix.com> wrote: >> --- a/xen/common/event_fifo.c >> +++ b/xen/common/event_fifo.c >> @@ -357,7 +357,7 @@ static int map_guest_page(struct domain *d, uint64_t gfn, void **virt) >> return -EINVAL; >> } >> >> - *virt = map_domain_page_global(gfn); >> + *virt = map_domain_page_global(page_to_mfn(p)); > > That''s what we have > > #define __map_domain_page_global(pg) map_domain_page_global(__page_to_mfn(pg)) > > for. No need to re-submit, I could adjust this while committing > unless you mind.Please do, thanks. David
Konrad Rzeszutek Wilk
2013-Dec-13 15:10 UTC
Re: [PATCH] evtchn/fifo: map correct pages when guest is HVM
On Fri, Dec 13, 2013 at 02:49:53PM +0000, David Vrabel wrote:> From: David Vrabel <david.vrabel@citrix.com> > > If a HVM guest attempts to use the FIFO-based ABI it will not receive > any events and destroying the guest may crash Xen or trigger an assert > when attempting to unmap a control block page. This occurs because > Xen maps the wrong page for both the control blocks and the event > arrays. > > In map_guest_page(), use the MFN of the guest''s page and not the GFN > when calling map_domain_page_global(). >Should you have the Reported-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> flag?> Signed-off-by: David Vrabel <david.vrabel@citrix.com> > --- > xen/common/event_fifo.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/xen/common/event_fifo.c b/xen/common/event_fifo.c > index fc43e62..a815b2d 100644 > --- a/xen/common/event_fifo.c > +++ b/xen/common/event_fifo.c > @@ -357,7 +357,7 @@ static int map_guest_page(struct domain *d, uint64_t gfn, void **virt) > return -EINVAL; > } > > - *virt = map_domain_page_global(gfn); > + *virt = map_domain_page_global(page_to_mfn(p)); > if ( !*virt ) > { > put_page_and_type(p); > -- > 1.7.2.5 > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > http://lists.xen.org/xen-devel
David Vrabel
2013-Dec-13 15:14 UTC
Re: [PATCH] evtchn/fifo: map correct pages when guest is HVM
On 13/12/13 15:10, Konrad Rzeszutek Wilk wrote:> On Fri, Dec 13, 2013 at 02:49:53PM +0000, David Vrabel wrote: >> From: David Vrabel <david.vrabel@citrix.com> >> >> If a HVM guest attempts to use the FIFO-based ABI it will not receive >> any events and destroying the guest may crash Xen or trigger an assert >> when attempting to unmap a control block page. This occurs because >> Xen maps the wrong page for both the control blocks and the event >> arrays. >> >> In map_guest_page(), use the MFN of the guest''s page and not the GFN >> when calling map_domain_page_global(). >> > > Should you have the Reported-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> > flag?Yes. I''m really bad at remembering these. David