From nobody Mon Feb 9 15:09:23 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=1; a=rsa-sha256; t=1610723720; cv=none; d=zohomail.com; s=zohoarc; b=kwLPGuRkj1Y5Vilv05nNACPREuH/LpOdyq3SjvVQh35J05flRkwK8R26YawD38WkaS7hULYkYF0Nxjbktmc5WipGozXXo909yFSAV3bS58JBTdK/2mBMtDRhKuG+swpOMEnC/1JpI2Tg0hUrgIE8WyTPrLYwKWBayqu3dlAn2T8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1610723720; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=/q9UZ0XeH426n57zPhmm8s1WzsdppI7RSSMGBzPjeIU=; b=bAalJroTn0mx+cNtDX9R+jEluH1nK3DHGFiKGjdD6vu3K6BT/cSgBXUHrJ9svztckDZEKTRsq2dMRyLQmIVeFBfxHbv8P935CIdZ5zNhwYLNMG3CIxLMIJi4e2+6acoPKq+4Xw0OgWdUvsYIicdAy89TYNc0HzCjJwiCrJQmL6w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=quarantine dis=none) header.from= Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1610723720399429.28257438760807; Fri, 15 Jan 2021 07:15:20 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.68268.122205 (Exim 4.92) (envelope-from ) id 1l0Qoa-0008DV-Qy; Fri, 15 Jan 2021 15:15:04 +0000 Received: by outflank-mailman (output) from mailman id 68268.122205; Fri, 15 Jan 2021 15:15:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0Qoa-0008DO-Nj; Fri, 15 Jan 2021 15:15:04 +0000 Received: by outflank-mailman (input) for mailman id 68268; Fri, 15 Jan 2021 15:15:03 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1l0QoZ-0008DF-F4 for xen-devel@lists.xenproject.org; Fri, 15 Jan 2021 15:15:03 +0000 Received: from mx2.suse.de (unknown [195.135.220.15]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 4f3005e2-5488-4cd7-8b27-c21a7531f9b0; Fri, 15 Jan 2021 15:15:02 +0000 (UTC) Received: from relay2.suse.de (unknown [195.135.221.27]) by mx2.suse.de (Postfix) with ESMTP id 79F6CAB7F; Fri, 15 Jan 2021 15:15:01 +0000 (UTC) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 4f3005e2-5488-4cd7-8b27-c21a7531f9b0 X-Virus-Scanned: by amavisd-new at test-mx.suse.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1610723701; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/q9UZ0XeH426n57zPhmm8s1WzsdppI7RSSMGBzPjeIU=; b=aJV+nGKDRu2X2o9+cSmj3RGYMiLvgQ9POz9fIKdldDQDzcLTRdSLJyUF20bR3cMHkFLnGc 1+fBShvWowGo+jIsZN/gXN9yNL42pHawSTVTR7T126gM6VTEQvPHCNOGTfvaCCCoGHVlq1 Uvuo2VyKJ3ftb4Ai6IqOhYToUIbbhWs= Subject: [PATCH v2 2/2] gnttab: consolidate pin-to-status syncing From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , George Dunlap , Ian Jackson , Julien Grall , Stefano Stabellini , Wei Liu References: <43168334-20af-a0ed-95ec-8eef5200877b@suse.com> Message-ID: <54d2a427-e3d6-ec19-055a-2ec7f6fd2a0d@suse.com> Date: Fri, 15 Jan 2021 16:15:01 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <43168334-20af-a0ed-95ec-8eef5200877b@suse.com> Content-Language: en-US Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @suse.com) Content-Type: text/plain; charset="utf-8" Forever since the fix for XSA-230 the 2nd of the comments ahead of fixup_status_for_copy_pin() has been stale - there's nothing specific to transitive grants there anymore. Move the function up, drop the "copy" part from its name again, add a "readonly" parameter, and use it also on other paths having decremented one (or not having got to increment any) of the pin counts. Signed-off-by: Jan Beulich Reviewed-by: Andrew Cooper --- v2: Rename helper to reduce_status_for_pin() and adjust its comment accordingly. --- a/xen/common/grant_table.c +++ b/xen/common/grant_table.c @@ -920,6 +920,25 @@ static int _set_status(const grant_entry return _set_status_v2(shah, status, rd, act, readonly, mapflag, ld= omid); } =20 +/* + * The status for a grant may indicate that we're taking more access than + * the pin requires. Reduce the status to match the pin. Called with the + * domain's grant table lock held at least in read mode and with the active + * entry lock held (iow act->pin can't change behind our backs). + */ +static void reduce_status_for_pin(struct domain *rd, + const struct active_grant_entry *act, + uint16_t *status, bool readonly) +{ + unsigned int clear_flags =3D act->pin ? 0 : GTF_reading; + + if ( !readonly && !(act->pin & (GNTPIN_hstw_mask | GNTPIN_devw_mask)) ) + clear_flags |=3D GTF_writing; + + if ( clear_flags ) + gnttab_clear_flags(rd, clear_flags, status); +} + static struct active_grant_entry *grant_map_exists(const struct domain *ld, struct grant_table *rgt, mfn_t mfn, @@ -1003,8 +1022,7 @@ map_grant_ref( mfn_t mfn; struct page_info *pg =3D NULL; int rc =3D GNTST_okay; - unsigned int cache_flags, clear_flags =3D 0, refcnt =3D 0, typecnt = =3D 0, - pin_incr =3D 0; + unsigned int cache_flags, refcnt =3D 0, typecnt =3D 0, pin_incr =3D = 0; bool host_map_created =3D false; struct active_grant_entry *act =3D NULL; struct grant_mapping *mt; @@ -1296,15 +1314,7 @@ map_grant_ref( act->pin -=3D pin_incr; =20 unlock_out_clear: - if ( !(op->flags & GNTMAP_readonly) && - !(act->pin & (GNTPIN_hstw_mask|GNTPIN_devw_mask)) ) - clear_flags |=3D GTF_writing; - - if ( !act->pin ) - clear_flags |=3D GTF_reading; - - if ( clear_flags ) - gnttab_clear_flags(rd, clear_flags, status); + reduce_status_for_pin(rd, act, status, op->flags & GNTMAP_readonly); =20 act_release_out: active_entry_release(act); @@ -1519,7 +1529,6 @@ unmap_common_complete(struct gnttab_unma grant_entry_header_t *sha; struct page_info *pg; uint16_t *status; - unsigned int clear_flags =3D 0; =20 if ( evaluate_nospec(!op->done) ) { @@ -1578,15 +1587,7 @@ unmap_common_complete(struct gnttab_unma act->pin -=3D GNTPIN_hstw_inc; } =20 - if ( ((act->pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask)) =3D=3D 0) && - !(op->done & GNTMAP_readonly) ) - clear_flags |=3D GTF_writing; - - if ( act->pin =3D=3D 0 ) - clear_flags |=3D GTF_reading; - - if ( clear_flags ) - gnttab_clear_flags(rd, clear_flags, status); + reduce_status_for_pin(rd, act, status, op->done & GNTMAP_readonly); =20 active_entry_release(act); grant_read_unlock(rgt); @@ -2426,7 +2427,6 @@ release_grant_for_copy( uint16_t *status; grant_ref_t trans_gref; struct domain *td; - unsigned int clear_flags =3D 0; =20 grant_read_lock(rgt); =20 @@ -2456,15 +2456,9 @@ release_grant_for_copy( gnttab_mark_dirty(rd, mfn); =20 act->pin -=3D GNTPIN_hstw_inc; - if ( !(act->pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask)) ) - clear_flags |=3D GTF_writing; } =20 - if ( !act->pin ) - clear_flags |=3D GTF_reading; - - if ( clear_flags ) - gnttab_clear_flags(rd, clear_flags, status); + reduce_status_for_pin(rd, act, status, readonly); =20 active_entry_release(act); grant_read_unlock(rgt); @@ -2481,27 +2475,6 @@ release_grant_for_copy( } } =20 -/* The status for a grant indicates that we're taking more access than - the pin requires. Fix up the status to match the pin. Called - under the domain's grant table lock. */ -/* Only safe on transitive grants. Even then, note that we don't - attempt to drop any pin on the referent grant. */ -static void fixup_status_for_copy_pin(struct domain *rd, - const struct active_grant_entry *act, - uint16_t *status) -{ - unsigned int clear_flags =3D 0; - - if ( !(act->pin & (GNTPIN_hstw_mask | GNTPIN_devw_mask)) ) - clear_flags |=3D GTF_writing; - - if ( !act->pin ) - clear_flags |=3D GTF_reading; - - if ( clear_flags ) - gnttab_clear_flags(rd, clear_flags, status); -} - /* * Grab a machine frame number from a grant entry and update the flags * and pin count as appropriate. If rc =3D=3D GNTST_okay, note that this *= does* @@ -2529,7 +2502,6 @@ acquire_grant_for_copy( bool is_sub_page; s16 rc =3D GNTST_okay; unsigned int pin_incr =3D readonly ? GNTPIN_hstr_inc : GNTPIN_hstw_inc; - unsigned int clear_flags =3D 0; =20 *page =3D NULL; =20 @@ -2616,8 +2588,8 @@ acquire_grant_for_copy( =20 if ( rc !=3D GNTST_okay ) { - fixup_status_for_copy_pin(rd, act, status); rcu_unlock_domain(td); + reduce_status_for_pin(rd, act, status, readonly); active_entry_release(act); grant_read_unlock(rgt); return rc; @@ -2639,8 +2611,8 @@ acquire_grant_for_copy( !act->is_sub_page)) ) { release_grant_for_copy(td, trans_gref, readonly); - fixup_status_for_copy_pin(rd, act, status); rcu_unlock_domain(td); + reduce_status_for_pin(rd, act, status, readonly); active_entry_release(act); grant_read_unlock(rgt); put_page(*page); @@ -2754,15 +2726,7 @@ acquire_grant_for_copy( return rc; =20 unlock_out_clear: - if ( !(readonly) && - !(act->pin & (GNTPIN_hstw_mask | GNTPIN_devw_mask)) ) - clear_flags |=3D GTF_writing; - - if ( !act->pin ) - clear_flags |=3D GTF_reading; - - if ( clear_flags ) - gnttab_clear_flags(rd, clear_flags, status); + reduce_status_for_pin(rd, act, status, readonly); =20 unlock_out: active_entry_release(act); @@ -3732,8 +3696,6 @@ gnttab_release_mappings( =20 for ( handle =3D 0; handle < gt->maptrack_limit; handle++ ) { - unsigned int clear_flags =3D 0; - map =3D &maptrack_entry(gt, handle); if ( !(map->flags & (GNTMAP_device_map|GNTMAP_host_map)) ) continue; @@ -3806,16 +3768,9 @@ gnttab_release_mappings( put_page(pg); } } - - if ( (act->pin & (GNTPIN_devw_mask|GNTPIN_hstw_mask)) =3D=3D 0= ) - clear_flags |=3D GTF_writing; } =20 - if ( act->pin =3D=3D 0 ) - clear_flags |=3D GTF_reading; - - if ( clear_flags ) - gnttab_clear_flags(rd, clear_flags, status); + reduce_status_for_pin(rd, act, status, map->flags & GNTMAP_readonl= y); =20 active_entry_release(act); grant_read_unlock(rgt);