aboutsummaryrefslogtreecommitdiffstats
path: root/arch/x86/xen/p2m.c
diff options
context:
space:
mode:
authorStefano Stabellini <stefano.stabellini@eu.citrix.com>2012-09-12 07:44:30 -0400
committerKonrad Rzeszutek Wilk <konrad.wilk@oracle.com>2012-09-12 11:21:40 -0400
commit2fc136eecd0c647a6b13fcd00d0c41a1a28f35a5 (patch)
tree2a43ce841b2bedf8206609b6c43321e540540c35 /arch/x86/xen/p2m.c
parent80ba77dfbce85f2d1be54847de3c866de1b18a9a (diff)
xen/m2p: do not reuse kmap_op->dev_bus_addr
If the caller passes a valid kmap_op to m2p_add_override, we use kmap_op->dev_bus_addr to store the original mfn, but dev_bus_addr is part of the interface with Xen and if we are batching the hypercalls it might not have been written by the hypervisor yet. That means that later on Xen will write to it and we'll think that the original mfn is actually what Xen has written to it. Rather than "stealing" struct members from kmap_op, keep using page->index to store the original mfn and add another parameter to m2p_remove_override to get the corresponding kmap_op instead. It is now responsibility of the caller to keep track of which kmap_op corresponds to a particular page in the m2p_override (gntdev, the only user of this interface that passes a valid kmap_op, is already doing that). CC: stable@kernel.org Reported-and-Tested-By: Sander Eikelenboom <linux@eikelenboom.it> Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Diffstat (limited to 'arch/x86/xen/p2m.c')
-rw-r--r--arch/x86/xen/p2m.c27
1 files changed, 11 insertions, 16 deletions
diff --git a/arch/x86/xen/p2m.c b/arch/x86/xen/p2m.c
index 76ba0e97e530..72213da605f5 100644
--- a/arch/x86/xen/p2m.c
+++ b/arch/x86/xen/p2m.c
@@ -828,9 +828,6 @@ int m2p_add_override(unsigned long mfn, struct page *page,
828 828
829 xen_mc_issue(PARAVIRT_LAZY_MMU); 829 xen_mc_issue(PARAVIRT_LAZY_MMU);
830 } 830 }
831 /* let's use dev_bus_addr to record the old mfn instead */
832 kmap_op->dev_bus_addr = page->index;
833 page->index = (unsigned long) kmap_op;
834 } 831 }
835 spin_lock_irqsave(&m2p_override_lock, flags); 832 spin_lock_irqsave(&m2p_override_lock, flags);
836 list_add(&page->lru, &m2p_overrides[mfn_hash(mfn)]); 833 list_add(&page->lru, &m2p_overrides[mfn_hash(mfn)]);
@@ -857,7 +854,8 @@ int m2p_add_override(unsigned long mfn, struct page *page,
857 return 0; 854 return 0;
858} 855}
859EXPORT_SYMBOL_GPL(m2p_add_override); 856EXPORT_SYMBOL_GPL(m2p_add_override);
860int m2p_remove_override(struct page *page, bool clear_pte) 857int m2p_remove_override(struct page *page,
858 struct gnttab_map_grant_ref *kmap_op)
861{ 859{
862 unsigned long flags; 860 unsigned long flags;
863 unsigned long mfn; 861 unsigned long mfn;
@@ -887,10 +885,8 @@ int m2p_remove_override(struct page *page, bool clear_pte)
887 WARN_ON(!PagePrivate(page)); 885 WARN_ON(!PagePrivate(page));
888 ClearPagePrivate(page); 886 ClearPagePrivate(page);
889 887
890 if (clear_pte) { 888 set_phys_to_machine(pfn, page->index);
891 struct gnttab_map_grant_ref *map_op = 889 if (kmap_op != NULL) {
892 (struct gnttab_map_grant_ref *) page->index;
893 set_phys_to_machine(pfn, map_op->dev_bus_addr);
894 if (!PageHighMem(page)) { 890 if (!PageHighMem(page)) {
895 struct multicall_space mcs; 891 struct multicall_space mcs;
896 struct gnttab_unmap_grant_ref *unmap_op; 892 struct gnttab_unmap_grant_ref *unmap_op;
@@ -902,13 +898,13 @@ int m2p_remove_override(struct page *page, bool clear_pte)
902 * issued. In this case handle is going to -1 because 898 * issued. In this case handle is going to -1 because
903 * it hasn't been modified yet. 899 * it hasn't been modified yet.
904 */ 900 */
905 if (map_op->handle == -1) 901 if (kmap_op->handle == -1)
906 xen_mc_flush(); 902 xen_mc_flush();
907 /* 903 /*
908 * Now if map_op->handle is negative it means that the 904 * Now if kmap_op->handle is negative it means that the
909 * hypercall actually returned an error. 905 * hypercall actually returned an error.
910 */ 906 */
911 if (map_op->handle == GNTST_general_error) { 907 if (kmap_op->handle == GNTST_general_error) {
912 printk(KERN_WARNING "m2p_remove_override: " 908 printk(KERN_WARNING "m2p_remove_override: "
913 "pfn %lx mfn %lx, failed to modify kernel mappings", 909 "pfn %lx mfn %lx, failed to modify kernel mappings",
914 pfn, mfn); 910 pfn, mfn);
@@ -918,8 +914,8 @@ int m2p_remove_override(struct page *page, bool clear_pte)
918 mcs = xen_mc_entry( 914 mcs = xen_mc_entry(
919 sizeof(struct gnttab_unmap_grant_ref)); 915 sizeof(struct gnttab_unmap_grant_ref));
920 unmap_op = mcs.args; 916 unmap_op = mcs.args;
921 unmap_op->host_addr = map_op->host_addr; 917 unmap_op->host_addr = kmap_op->host_addr;
922 unmap_op->handle = map_op->handle; 918 unmap_op->handle = kmap_op->handle;
923 unmap_op->dev_bus_addr = 0; 919 unmap_op->dev_bus_addr = 0;
924 920
925 MULTI_grant_table_op(mcs.mc, 921 MULTI_grant_table_op(mcs.mc,
@@ -930,10 +926,9 @@ int m2p_remove_override(struct page *page, bool clear_pte)
930 set_pte_at(&init_mm, address, ptep, 926 set_pte_at(&init_mm, address, ptep,
931 pfn_pte(pfn, PAGE_KERNEL)); 927 pfn_pte(pfn, PAGE_KERNEL));
932 __flush_tlb_single(address); 928 __flush_tlb_single(address);
933 map_op->host_addr = 0; 929 kmap_op->host_addr = 0;
934 } 930 }
935 } else 931 }
936 set_phys_to_machine(pfn, page->index);
937 932
938 /* p2m(m2p(mfn)) == FOREIGN_FRAME(mfn): the mfn is already present 933 /* p2m(m2p(mfn)) == FOREIGN_FRAME(mfn): the mfn is already present
939 * somewhere in this domain, even before being added to the 934 * somewhere in this domain, even before being added to the