From nobody Fri Apr 19 06:48:29 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=2; a=rsa-sha256; t=1641289310; cv=pass; d=zohomail.com; s=zohoarc; b=iSesxWx+H1FyGH5YvBH0Xo9QcfHm5oiAL8MPaelNFIGuJLKrziTdLVkiVF1Xeu7U3y0BkppcsoaVTu1GwvaNRU3lnq9z3o0+yr2Pbk0MHw2cE2s7349iLxbiydqP523P+xRbwB2t1fb7qlRUQqlqPyZfiaYD3S2YPxPsg+jhvdg= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1641289310; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=H5dgdFi5lZ4igKvqS/wOHJKgdrw1TKxZCXD4+d9UN1E=; b=kffxKNJFtGN/+jhl9zaj4ayYiiSLLKu7rVJbJz3EOsdMmJMViN12z7dX3pH1Tut+YHq5VgdhzOmgK7OK+haqDrkbDOgD/dzGgj8cEFY45zOwyN1eOH0T0MoPiemLdPcyKwT+fbXCp6W4lMwCO7dIwk5VAydCBVoSuczpKJvKbcU= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1641289310782374.62405407548556; Tue, 4 Jan 2022 01:41:50 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.253095.434120 (Exim 4.92) (envelope-from ) id 1n4gJt-0001SZ-VJ; Tue, 04 Jan 2022 09:41:29 +0000 Received: by outflank-mailman (output) from mailman id 253095.434120; Tue, 04 Jan 2022 09:41:29 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1n4gJt-0001SS-Ry; Tue, 04 Jan 2022 09:41:29 +0000 Received: by outflank-mailman (input) for mailman id 253095; Tue, 04 Jan 2022 09:41:27 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1n4gJr-0001SI-Ot for xen-devel@lists.xenproject.org; Tue, 04 Jan 2022 09:41:27 +0000 Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.109.102]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 7c49bdb8-6d42-11ec-81c0-a30af7de8005; Tue, 04 Jan 2022 10:41:26 +0100 (CET) Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02lp2057.outbound.protection.outlook.com [104.47.6.57]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-35-t8tH_XaUN4mWVjzq58toQQ-1; Tue, 04 Jan 2022 10:41:25 +0100 Received: from VI1PR04MB5600.eurprd04.prod.outlook.com (2603:10a6:803:e7::16) by VI1PR0402MB3390.eurprd04.prod.outlook.com (2603:10a6:803:9::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4844.16; Tue, 4 Jan 2022 09:41:24 +0000 Received: from VI1PR04MB5600.eurprd04.prod.outlook.com ([fe80::5951:a489:1cf0:19fe]) by VI1PR04MB5600.eurprd04.prod.outlook.com ([fe80::5951:a489:1cf0:19fe%6]) with mapi id 15.20.4844.016; Tue, 4 Jan 2022 09:41:24 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 7c49bdb8-6d42-11ec-81c0-a30af7de8005 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=mimecast20200619; t=1641289286; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=H5dgdFi5lZ4igKvqS/wOHJKgdrw1TKxZCXD4+d9UN1E=; b=QfN7ZhfCICs+EMEzc0xPdlNr76PSKADuoxJTqcH9LuoYTg5L2LG9vLRRuadWr+wqN6J0cw omVU03y6L++lqJA9QenKOdZ8sKNqUoijljIAyxYHPs2jKwPC1T1hKzIW92+1K3PuS3AVuL c5nFK/CBPjBq4AFKmNg0cz8B2IDDB5c= X-MC-Unique: t8tH_XaUN4mWVjzq58toQQ-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GjpfgNZAFwClw8owTnLgK7jgRgMP/esKCbXMei3E0MVBP5zVSMPvtK8ws/7i/HtwoNJOgikkn9gZ5dGhMPtsbJWlTZFxzkgnEFSpz4HhQvof1tWv1VrzjFbscEvsjILWYwN05EDhwIWKxvFyQhepeL0ditApYmiQJGqSIhMUz8K9vR4OkM4XWx+dv51FcGj5KL9el5gq7QZg7h904sXP6kkU0VDeJZ6Fp2vq8+8YIuQO3+xqP1Un7YxRrc3D51UfDJWmND8tVbCBhmSChM9qX9ErnLzekxsvXzGhIv6bcopK+JoEjcfzobReirC7C10WQmUtgSHdDwFMdNmJC2cDiA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=H5dgdFi5lZ4igKvqS/wOHJKgdrw1TKxZCXD4+d9UN1E=; b=Jg7ap+jwMH5uEFrnN18oBPGfnUrvZC3dMdednX4zDo4nvzXkMHX1BMaxC7Fy9eztmIR0T7WY9sajmduBuL6+KVmUy8tDCtle21u594JoMTZLV1bkG+DlrRpm8bK/GBoAwPKQYnlskrVOheP0rErl9A08dFq6ruOH5ejUQUZ13ZUBwC/zddzYcV4anh6rED/bo+ADycgOG5WmJSIRlOOYcLDygCX42OK44OnphLXpSopyUGR4IBNzplJeGiCDMjpuHUGLLIwYesUSVYkXqUG6J64xPx9TxM7DtNGFCf9o0ffs3RONMQVaVPUJkYlTeiF3trr3/eUnKYSrbpGEa6JopA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: Date: Tue, 4 Jan 2022 10:41:32 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.4.1 Subject: [PATCH v3 1/2] IOMMU/x86: disallow device assignment to PoD guests Content-Language: en-US From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?UTF-8?Q?Roger_Pau_Monn=c3=a9?= , George Dunlap , Paul Durrant , Tamas K Lengyel , Petre Pircalabu , Alexandru Isaila References: <6fe7b036-2bdb-b391-4e6c-1b5d7e05a119@suse.com> In-Reply-To: <6fe7b036-2bdb-b391-4e6c-1b5d7e05a119@suse.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: AM6PR04CA0039.eurprd04.prod.outlook.com (2603:10a6:20b:f0::16) To VI1PR04MB5600.eurprd04.prod.outlook.com (2603:10a6:803:e7::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 142dd462-b5af-4479-ec31-08d9cf665f10 X-MS-TrafficTypeDiagnostic: VI1PR0402MB3390:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 0QoZVl2disA7kuMUEAPf9u1fyzUzPrwF4cB8NaiD84pwXQAAMeuTI34uP3roK82RGj2dcUcx6lAKRZBCPbOOfiyeuNpvbNMC5Hk32+2aFYPMWHuT0G06tUuFfkG8r94EQeB7JnZ1iPihghbmvL9RHiJxEOLN+9N5Dbdpu8awSFli5ealj+EmDiWi8iLU6BWduEdyPch5bXNuDn0bOllWvbdsEmorRExNVbQEKG6cI9ozo8Ailb5V8dhFyaOViVXIaCzDlmhh8aED0zsFih6aVgkaEB1RmY4w9/AQdSWmtUmQATmaXyyoj8Fh4BFTRNgHrcIqoeGYpMS1nok6vd8KrCjHPMLawB1bXfhdHt2V5jSOz26qJw8dLTL81xjTbZb87Dt2WZLkqS31bTmATOQA63DaBaC1ZyOffucq7/XaIlI6rkW+x4nQLX8dDMPnNWs0gp5AUVf3EVqx9UMxT6KektywsBrkvUIWNDAoUBy4vPKiclg7kmiil+OiTtjflsPGtW/vLRABwt/w3FfcVNZ3wv+7Ur+mvfTWJ+vBFLwCHG/RAw+FUGk6dx6vjZZ9c+Q+4jKdaAGdd7uB/yqjuzyHZj6mTASlXfhUsS9I7HynVY02L7g28q6H7QtWn1w9RJEcy6OBsGvID8f1ZN9xDEOY1ebbuxPJkfAYCD97qWKSF5NSJQLJzY8N3+OHmNbqxa4CdfuHz5BfV47JR4ODXTsMvW9GvyXN9F6t79SXtnuYgP1WrEoootVBLbiotXZ5h+pD X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR04MB5600.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(186003)(36756003)(6666004)(31696002)(86362001)(66556008)(54906003)(38100700002)(8676002)(31686004)(26005)(6486002)(6916009)(66946007)(6512007)(4326008)(2906002)(316002)(508600001)(66476007)(6506007)(5660300002)(8936002)(83380400001)(2616005)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?SGphMlJnT201bXZXak4vQmZuMGRnbWdXamFQL1MyZ0tNNjFObmZ5M0NrVG9I?= =?utf-8?B?blY2cXlrMGRpM2pGOHVSSnhkWTBJVnhSdEt6Q3dsMDNQUk1lTHJVQWJsYUhk?= =?utf-8?B?VmJPNTNLbml0OHUxSzcrbUgxQkRQL093aXJpWCs2VjZrMmlBa0NTRGJORXMr?= =?utf-8?B?TjBTQWk5N2VsMHdsNlhKdUw2K2IycjFDbi82ZHNNTmdob1cyaEx5ZUFuNm91?= =?utf-8?B?QXVkK0pVWEJEU3h3enJVeU93cXl3MmMxSHhsNUx3RHlRL0JHVjVYOXJkNlRi?= =?utf-8?B?SW5vaFhmSDFqSVh1OEh1M0FqdE0xcktKM29FWm9SWWhCNDM0Z2R6VkxiMndv?= =?utf-8?B?RW5TQUlwYllhZmJ2VHpSMmJPVGlmcVNlaE1OYnkyQTEvaC9IS282aCtqUVRq?= =?utf-8?B?Kzk2M09QZG1EQjBKUGdQZmRVWFlrL2doMll2TSswME1oY3lLZHN2SGEySlBC?= =?utf-8?B?Q0c0RGp6YlNwMHMvVi9zT0lQOUtnRDY1SXhJNTJRaHJoUXpwOEFwWEQ2bTFC?= =?utf-8?B?a0JqVHduOFdnQkZ2V2h2emowZDJxVzJmVW1VVTFCOGdzYiszNE8xb1lCWVFB?= =?utf-8?B?UU90UnYzOThEL3B3NS83bHhHMlNiUEplT2RwdExBZDhqKy9RaTNqamhkWTNE?= =?utf-8?B?NmZ6c21TMWhrRDVXRDNNNW9GVDdkQWh5K0l2aGNyRTFzWWorTjNvTUJCelFs?= =?utf-8?B?Q2d6Qmpya1ZReFJZYldUR1NyZjAybFM1cHZnNDRYeTFyVkN2MmI5OWxzUlNS?= =?utf-8?B?b0ZQSVh1dXRmYy9aa0lzemtaMTNUSllzb0lnWmNhNEt2N1MrdzJId1hlNzJQ?= =?utf-8?B?Ny9wWml5RU5FaXlKUEkwd2tFRkRBWnNIMlpROEExRjgwdkZ6VSs3MUwwaHhG?= =?utf-8?B?TTlWSTQ3RnVzdEUvYUVvY2RwdHVhSW1JSUE4UUdpbjRuQzJwSlBoeVdRSVZI?= =?utf-8?B?WjU0ZmRUbDY1MktiMThibE9QK3pua0hnRE8rS3NTd2pYeFltZGpQalRmcE9o?= =?utf-8?B?UnBDdGR3ZitJSDlYTW1XWm9nbkZtaENJK2srKzdiZko0ZFVnZUZJd3QyeVh4?= =?utf-8?B?NkJOaTR5TjY4ekg0OXlrdnpTV0YxcVpxdTdyb3ZaZC9mM3NtRDlLcmJiZURW?= =?utf-8?B?OVVXYWRPUzMvVHNsZkN5V1kvcHh4cm11eHN3U3ovTndacUY5NzR2emVmaTlC?= =?utf-8?B?bVVOenNERWw0RWpjK01kMWVEeHF0VTBXMDVGQmkwbXI0dEZSbWV5V3cwRnoy?= =?utf-8?B?RXh5TVRERUtNUC82ZTJtb3RVbTNtb2hnQ3FueHppNVVKbFliUVVQR0xoRW1B?= =?utf-8?B?R1FwekVIalIzSExxZzF2SER6T0JoME5pVGptS1hLeDRsTEtpRjBZL2d2YnFP?= =?utf-8?B?ZCtJZlNMNUY2YVZCZ1lMd3UvWGIrK2kzb0hkZkhPc3dERUJuVyt2MjQ3dEtp?= =?utf-8?B?U1hoVkhEckFWVDJuRE0yTGMzN0M3TGRFaEhrT3U4TWo3bWRiTG1KSVlvVktY?= =?utf-8?B?a1lXcVRmU2EyK2NHeDd0KytkQnE1eWZWblhKaVpjTVdiZmxmcUc1aWh4WmN6?= =?utf-8?B?T0R4SEQ5bE9jMHRET2lzN3ZQTks3RGJKM2FYa1V1YUJ1QjV4OHBKczl2eWFQ?= =?utf-8?B?SUxrNGhXd05sTHp6OTFESXhkem9SaVR6eUY4ZDdyZ3ZHN1lmWkVvT0dXUVZ2?= =?utf-8?B?azdKRmxwUktMdGVhT0M3YzFZNk1UeDA2SU1tWWN5TXFJOUNmZFhiUUo4UFpp?= =?utf-8?B?K0pLOGkzRTZxM2ZvRUFGMC8vbzRVTHJMUEFVN2hYMjRYdnlqNThucEdyck5y?= =?utf-8?B?S3J1eVZWVWRuclNNSXlqbnV3R0xuWlFrdTBOek9JbEljNGFHcWhKSjRtSkdE?= =?utf-8?B?Nnl2VkgyNFNXbWVodmdmVFFYc2ZqVzRqWTFmaFRGaTFGVkZTY0h3cllQWm96?= =?utf-8?B?UTlBc09oWjRJbmJYOGhFMmUwU3dPQkpWVTZjeWR1WVVPVFhtY0k1ZXd6bisr?= =?utf-8?B?TUpOdzJ5b0EwUnVNbzZraUFILzRIRFdqNENUTnNyVXNvbzVhcWZMbmYwY3FC?= =?utf-8?B?TUhiWmNyZmxlYkROeW40Qm5Wampway9pZDlRR05qNlF1SmNPSW1UL2czT20x?= =?utf-8?B?ZnpvMGxsa2M5Z3JXKzN3WXB3Wkh0VERXZHVkODVmU2pTTWtUcDhSeTdzakcx?= =?utf-8?Q?hkZ00uZyLWVcwBIKxr+yyhc=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 142dd462-b5af-4479-ec31-08d9cf665f10 X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB5600.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Jan 2022 09:41:23.9533 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: H4oTw1pe8E2YvKoD54CbEpx2XEAQJvtbuKyfobAtMhAdHzJBW/lnb91bm3v6AKthGvX3OSzeFN1Os5qxLyL+JA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0402MB3390 X-ZohoMail-DKIM: pass (identity @suse.com) X-ZM-MESSAGEID: 1641289312504100001 Content-Type: text/plain; charset="utf-8" While it is okay for IOMMU page tables to get set up for guests starting in PoD mode, actual device assignment may only occur once all PoD entries have been removed from the P2M. So far this was enforced only for boot-time assignment, and only in the tool stack. Also use the new function to replace p2m_pod_entry_count(): Its unlocked access to p2m->pod.entry_count wasn't really okay (irrespective of the result being stale by the time the caller gets to see it). To allow the tool stack to see a consistent snapshot of PoD state, move the tail of XENMEM_{get,set}_pod_target handling into a function, adding proper locking there. In libxl take the liberty to use the new local variable r also for a pre-existing call into libxc. Signed-off-by: Jan Beulich Acked-by: Anthony PERARD --- If p2m->pod.entry_count =3D=3D p2m->pod.count it is in principle possible to permit device assignment by actively resolving all remaining PoD entries. Initially I thought this was introduced by f89f555827a6 ("remove late (on-demand) construction of IOMMU page tables"), but without arch_iommu_use_permitted() checking for PoD I think the issue has been there before that. --- v3: In p2m_pod_set_mem_target() move check down. v2: New. --- a/tools/libs/light/libxl_pci.c +++ b/tools/libs/light/libxl_pci.c @@ -1619,8 +1619,13 @@ void libxl__device_pci_add(libxl__egc *e pas->callback =3D device_pci_add_stubdom_done; =20 if (libxl__domain_type(gc, domid) =3D=3D LIBXL_DOMAIN_TYPE_HVM) { - rc =3D xc_test_assign_device(ctx->xch, domid, pci_encode_bdf(pci)); - if (rc) { + int r; + uint64_t cache, ents; + + rc =3D ERROR_FAIL; + + r =3D xc_test_assign_device(ctx->xch, domid, pci_encode_bdf(pci)); + if (r) { LOGD(ERROR, domid, "PCI device %04x:%02x:%02x.%u %s?", pci->domain, pci->bus, pci->dev, pci->func, @@ -1628,6 +1633,22 @@ void libxl__device_pci_add(libxl__egc *e : "already assigned to a different guest"); goto out; } + + r =3D xc_domain_get_pod_target(ctx->xch, domid, NULL, &cache, &ent= s); + if (r) { + LOGED(ERROR, domid, "Cannot determine PoD status"); + goto out; + } + /* + * In principle it is sufficient for the domain to have ballooned = down + * enough such that ents <=3D cache. But any remaining entries wo= uld + * need resolving first. Until such time when this gets effected, + * refuse assignment as long as any entries are left. + */ + if (ents /* > cache */) { + LOGD(ERROR, domid, "Cannot assign device with PoD still active= "); + goto out; + } } =20 rc =3D libxl__device_pci_setdefault(gc, domid, pci, !starting); --- a/xen/arch/x86/mm/p2m-pod.c +++ b/xen/arch/x86/mm/p2m-pod.c @@ -20,6 +20,7 @@ */ =20 #include +#include #include #include #include @@ -359,7 +360,10 @@ p2m_pod_set_mem_target(struct domain *d, =20 ASSERT( pod_target >=3D p2m->pod.count ); =20 - ret =3D p2m_pod_set_cache_target(p2m, pod_target, 1/*preemptible*/); + if ( has_arch_pdevs(d) || cache_flush_permitted(d) ) + ret =3D -ENOTEMPTY; + else + ret =3D p2m_pod_set_cache_target(p2m, pod_target, 1/*preemptible*/= ); =20 out: pod_unlock(p2m); @@ -367,6 +371,23 @@ out: return ret; } =20 +void p2m_pod_get_mem_target(const struct domain *d, xen_pod_target_t *targ= et) +{ + struct p2m_domain *p2m =3D p2m_get_hostp2m(d); + + ASSERT(is_hvm_domain(d)); + + pod_lock(p2m); + lock_page_alloc(p2m); + + target->tot_pages =3D domain_tot_pages(d); + target->pod_cache_pages =3D p2m->pod.count; + target->pod_entries =3D p2m->pod.entry_count; + + unlock_page_alloc(p2m); + pod_unlock(p2m); +} + int p2m_pod_empty_cache(struct domain *d) { struct p2m_domain *p2m =3D p2m_get_hostp2m(d); @@ -1384,6 +1405,9 @@ guest_physmap_mark_populate_on_demand(st if ( !paging_mode_translate(d) ) return -EINVAL; =20 + if ( has_arch_pdevs(d) || cache_flush_permitted(d) ) + return -ENOTEMPTY; + do { rc =3D mark_populate_on_demand(d, gfn, chunk_order); =20 @@ -1405,3 +1429,20 @@ void p2m_pod_init(struct p2m_domain *p2m for ( i =3D 0; i < ARRAY_SIZE(p2m->pod.mrp.list); ++i ) p2m->pod.mrp.list[i] =3D gfn_x(INVALID_GFN); } + +bool p2m_pod_active(const struct domain *d) +{ + struct p2m_domain *p2m; + bool res; + + if ( !is_hvm_domain(d) ) + return false; + + p2m =3D p2m_get_hostp2m(d); + + pod_lock(p2m); + res =3D p2m->pod.entry_count | p2m->pod.count; + pod_unlock(p2m); + + return res; +} --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -4778,7 +4778,6 @@ long arch_memory_op(unsigned long cmd, X { xen_pod_target_t target; struct domain *d; - struct p2m_domain *p2m; =20 if ( copy_from_guest(&target, arg, 1) ) return -EFAULT; @@ -4787,7 +4786,9 @@ long arch_memory_op(unsigned long cmd, X if ( d =3D=3D NULL ) return -ESRCH; =20 - if ( cmd =3D=3D XENMEM_set_pod_target ) + if ( !is_hvm_domain(d) ) + rc =3D -EINVAL; + else if ( cmd =3D=3D XENMEM_set_pod_target ) rc =3D xsm_set_pod_target(XSM_PRIV, d); else rc =3D xsm_get_pod_target(XSM_PRIV, d); @@ -4813,10 +4814,7 @@ long arch_memory_op(unsigned long cmd, X } else if ( rc >=3D 0 ) { - p2m =3D p2m_get_hostp2m(d); - target.tot_pages =3D domain_tot_pages(d); - target.pod_cache_pages =3D p2m->pod.count; - target.pod_entries =3D p2m->pod.entry_count; + p2m_pod_get_mem_target(d, &target); =20 if ( __copy_to_guest(arg, &target, 1) ) { --- a/xen/common/vm_event.c +++ b/xen/common/vm_event.c @@ -639,7 +639,7 @@ int vm_event_domctl(struct domain *d, st =20 rc =3D -EXDEV; /* Disallow paging in a PoD guest */ - if ( p2m_pod_entry_count(p2m_get_hostp2m(d)) ) + if ( p2m_pod_active(d) ) break; =20 /* domain_pause() not required here, see XSA-99 */ --- a/xen/drivers/passthrough/x86/iommu.c +++ b/xen/drivers/passthrough/x86/iommu.c @@ -454,11 +454,12 @@ bool arch_iommu_use_permitted(const stru { /* * Prevent device assign if mem paging, mem sharing or log-dirty - * have been enabled for this domain. + * have been enabled for this domain, or if PoD is still in active use. */ return d =3D=3D dom_io || (likely(!mem_sharing_enabled(d)) && likely(!mem_paging_enabled(d)) && + likely(!p2m_pod_active(d)) && likely(!p2m_get_hostp2m(d)->global_logdirty)); } =20 --- a/xen/arch/x86/include/asm/p2m.h +++ b/xen/arch/x86/include/asm/p2m.h @@ -661,6 +661,12 @@ int p2m_pod_empty_cache(struct domain *d * domain matches target */ int p2m_pod_set_mem_target(struct domain *d, unsigned long target); =20 +/* Obtain a consistent snapshot of PoD related domain state. */ +void p2m_pod_get_mem_target(const struct domain *d, xen_pod_target_t *targ= et); + +/* Check whether PoD is (still) active in a domain. */ +bool p2m_pod_active(const struct domain *d); + /* Scan pod cache when offline/broken page triggered */ int p2m_pod_offline_or_broken_hit(struct page_info *p); @@ -669,11 +675,6 @@ p2m_pod_offline_or_broken_hit(struct pag void p2m_pod_offline_or_broken_replace(struct page_info *p); =20 -static inline long p2m_pod_entry_count(const struct p2m_domain *p2m) -{ - return p2m->pod.entry_count; -} - void p2m_pod_init(struct p2m_domain *p2m); =20 #else @@ -689,6 +690,11 @@ static inline int p2m_pod_empty_cache(st return 0; } =20 +static inline bool p2m_pod_active(const struct domain *d) +{ + return false; +} + static inline int p2m_pod_offline_or_broken_hit(struct page_info *p) { return 0; @@ -699,11 +705,6 @@ static inline void p2m_pod_offline_or_br ASSERT_UNREACHABLE(); } =20 -static inline long p2m_pod_entry_count(const struct p2m_domain *p2m) -{ - return 0; -} - static inline void p2m_pod_init(struct p2m_domain *p2m) {} =20 #endif From nobody Fri Apr 19 06:48:29 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=2; a=rsa-sha256; t=1641289324; cv=pass; d=zohomail.com; s=zohoarc; b=nCHLBEj6kWW9H8UEomHatMA8Xzf4avoCYDl7esPDsO7Noeg+bKJnFTYwn+zlSRua0YweSdMOy3fm1flCXDO0Kw1bTMT4ZDvKJ+8wxTvJL/sSfGDa6FYA4Tl9z4Hvxf/1sYo5p6NwFtgAan8kpRLtKPa45DSn6pGD9RBUIwb9bgo= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1641289324; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=aeDXmUgr7Jm5ejsZq/eCve7xIAm3hniBKsi3UcJSYpA=; b=G35OLVgOF0/DVTTf2HOnlitkHxApPaE9ERyyNXg94fdHd4rGzUqWbPPEc/d3djxTEl4A+/Td0XEAXZxLibclkkw8+1A5dvVFrFBekkXmdmM+zqGfMwJ+wHQ0HvvDb9xowWvOYCYmFq22Zt60MKrzjoMIe/jn/wjavm5aDNdN75M= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1641289324163106.1179576113376; Tue, 4 Jan 2022 01:42:04 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.253097.434131 (Exim 4.92) (envelope-from ) id 1n4gKD-0001uc-85; Tue, 04 Jan 2022 09:41:49 +0000 Received: by outflank-mailman (output) from mailman id 253097.434131; Tue, 04 Jan 2022 09:41:49 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1n4gKD-0001uV-48; Tue, 04 Jan 2022 09:41:49 +0000 Received: by outflank-mailman (input) for mailman id 253097; Tue, 04 Jan 2022 09:41:48 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1n4gKC-0001SI-57 for xen-devel@lists.xenproject.org; Tue, 04 Jan 2022 09:41:48 +0000 Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.109.102]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id 88dbecb3-6d42-11ec-81c0-a30af7de8005; Tue, 04 Jan 2022 10:41:47 +0100 (CET) Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02lp2055.outbound.protection.outlook.com [104.47.6.55]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-41-_8vXeKlTNFOA1ysRh5MaKw-1; Tue, 04 Jan 2022 10:41:46 +0100 Received: from VI1PR04MB5600.eurprd04.prod.outlook.com (2603:10a6:803:e7::16) by VI1PR0402MB3390.eurprd04.prod.outlook.com (2603:10a6:803:9::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4844.16; Tue, 4 Jan 2022 09:41:45 +0000 Received: from VI1PR04MB5600.eurprd04.prod.outlook.com ([fe80::5951:a489:1cf0:19fe]) by VI1PR04MB5600.eurprd04.prod.outlook.com ([fe80::5951:a489:1cf0:19fe%6]) with mapi id 15.20.4844.016; Tue, 4 Jan 2022 09:41:45 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 88dbecb3-6d42-11ec-81c0-a30af7de8005 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=mimecast20200619; t=1641289307; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aeDXmUgr7Jm5ejsZq/eCve7xIAm3hniBKsi3UcJSYpA=; b=PeOqVZaPWmZlHylDn+mlLmqr/U+iKJxNnCktl1M0khP44xPUM9DEVPvQvgo9aadwJmsNZc oxCkbO9U2JeZERttguBt4MVEFp1PE9GXcBgMa+u8SdMyacjhPzAduSEE0xYF5b0qN73Lic IeS/RfGdHqNKgJpCYCN8GT9QjMK3ppw= X-MC-Unique: _8vXeKlTNFOA1ysRh5MaKw-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DSpDjzDLCjEf94FDKhPgW7btVfwOp9yYGf3yvNu/GvjtSC4C/9CF4ZKMexPUnWBqwsrrBmjG+rWY1qgp/K62i4bmIL5BeKyzGe10WWUxLZwrmDvFN01wYB+In3dhUISoBaTJclssXGRHlqNzjJz7Px18LukWLQhv50Uld/V7Q/lAlQZFBKogVxt8N9AafZdBHvE2eE97ilySOmZx0gQgSxT4iLEfNDjPkrscl/kMao4pilGpISejL0YHrJAfh3nFCq2B5z6pmAg1tDGfEI8wWS3cPvGaaqwy6X9mwz36gKEJTdw/3xHoyZKqOuzkve894CGBdxURJbmSABqDzOXGYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=aeDXmUgr7Jm5ejsZq/eCve7xIAm3hniBKsi3UcJSYpA=; b=aX57rMtB6Q7tD9IZ+y1OcLzjroveQlY6gdAzcWgl05HAK72CM742ZzKGWGUeflfnXSFEDC0N3DoIlLxaSvLxLirYAnVSt0qJrHHUoVXgNsKAq2aafmgy3oomwtwgQAqRpcue/jFQ4Is5/edj/pfBS1JbuyqX8FGxEqHSroE28Poep3WSGoBDshtPaNmu2W34QARsK0B3JV/4TnTarh0ckAxk+lFC1L2KoKnbq1VkVixRbXGWpaA5P/SfgoWs+VdR5WhkD6NAn7CN4EnSOHGbS2XFh8TvS30gLmqN4nCOWLiDtPI+JQtLeM3gK7fCRnmnrVRwyuvc8noQNcWtHxlQ8Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: <8cba4cd0-d218-da1b-dcea-4cc3047c0946@suse.com> Date: Tue, 4 Jan 2022 10:41:53 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.4.1 Subject: [PATCH v3 2/2] x86/mm: tidy XENMEM_{get,set}_pod_target handling Content-Language: en-US From: Jan Beulich To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?UTF-8?Q?Roger_Pau_Monn=c3=a9?= , George Dunlap References: <6fe7b036-2bdb-b391-4e6c-1b5d7e05a119@suse.com> In-Reply-To: <6fe7b036-2bdb-b391-4e6c-1b5d7e05a119@suse.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: AM6PR04CA0041.eurprd04.prod.outlook.com (2603:10a6:20b:f0::18) To VI1PR04MB5600.eurprd04.prod.outlook.com (2603:10a6:803:e7::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 389d091f-2e5f-45d2-a2da-08d9cf666bf0 X-MS-TrafficTypeDiagnostic: VI1PR0402MB3390:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:419; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nnvN0VuRCwtsIzMQdPJJXsdLfkJcQmWxsspB/VTu4n+rhQf5uTiSA0wh6lDAiWKvwGZGMT6jBBixGTJRlYuvuuSa5Gb10UAU0JQvgx4g1f492LvtApDnYZ9e59uAMlw59/WUzd9nLPNHvWgbPCIJmnzO3u6pBQEP0UufmZAOzan2igzpVPpNp4lYHYCDkBj1FNCOWfRm7L47macf8mwg2ojHOI4AB+qoj0SIea0vdMZ0Jjr6RQ+3mcTOUZSvNi7Q0/AXsVo7gpKMk8lwbFXYdNH2p7fUiFVBD9+DRJ6UTgKx6/MG/uR4F34uW7Z3N/gN3nM2o8kRJWhEhgguoBZEZAg55Q8TCB304NJUvILjDJ8UQsgqrK32btSLtbW7ffMuelokzSAYIVJjklaBoSMn7aN2QZBAOS3VtC2dLSgwjS+Y2HqRlWLQzvLKAXhnlcKt71yEX4WCCfPomsy+32yGjb0yhS8PbipgysHm/ansVYxuD8KRUR/Tfz8esmNGGN3VdgzsrVWUGBPVQkYDxr0FLmWbVMuiwyWhENXf4W+/kjawfIRio1CT5R66E+ob1uj9RTF1K61JAa4a8kXtI4Uo5sAUsGTs9C6ntSTTr1t5f1xl6r8mR0Stx8sS+xXHEW4+qxjOKwmtAA7lQAjHTbkMdicrNXjdCdx7mVeYOkYRNwE+30o3whb17C35X99HANK/IlrLbiNDthRNzGJ8JwPlhZSIL6jcxJFvD1wsqORFt+Y= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR04MB5600.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(186003)(36756003)(6666004)(31696002)(86362001)(66556008)(54906003)(38100700002)(8676002)(31686004)(26005)(6486002)(6916009)(66946007)(6512007)(4326008)(2906002)(316002)(508600001)(66476007)(6506007)(5660300002)(8936002)(83380400001)(2616005)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?ZTdHdU9WT2hyS0lydUVOdHJQYTQ4R09Wd3ZkUHFnWnVNZVJnSVl4MklBSEtF?= =?utf-8?B?d1h4SkdVZmJ5Qm9BMTBtVW84cDI1ME9La0dKZzJaeVpFd2NzNFRLaEM5UXgw?= =?utf-8?B?YXl6dGc2WEsvZGFDVUhNRmZKbjlEVDMwUVdMM1FYZWRZUzBMdHlsK3hRdnVU?= =?utf-8?B?MXhqUnJGbGIvZ3h3ZDQxY0JESjBQYk11WFdoNTQxU3c1cDNvUE9Zb3R1QWhq?= =?utf-8?B?TVh1MHU0cE4vMForR2VuNkRiMjlUb2FKaXlHTVVoc2l4eDlDaktjUzk0VG9j?= =?utf-8?B?ejg2azE3MTliSUhjZU9GZTQwQ1pZODJRdm5mMThxbXFkRXVaQmY1ZjRZeGVV?= =?utf-8?B?cnFZbGVPV01oQkJsZGUwSVEyT3YwNlJkR2c1bU9YaCs0V1JLUFk2c01xNVFK?= =?utf-8?B?RHgxdWJuZjBaTWVXa0RhNTRLYWVLVXd0UDJuc0xNdWcwQ3ozUWZMWTJkeGRM?= =?utf-8?B?Z3UrdXdkalRJYTlyNGQ3WEUwRUpZdHAwUjkxbEZVd0tkeEVxR2xEZVhhSWE3?= =?utf-8?B?YmJFVWNYUzQ1LytEMWxUZ3RBZjRJckl5WWtvbXJlZUpXWVN5L1lNaktFVFoz?= =?utf-8?B?U0VEdkZrSDdRU2pWTUFzMVlPZ1dzU3g4OCtHcmpJemJkdkRlc3NRN2RYazZy?= =?utf-8?B?ZTFqMlk5cjNUbVlYRDhhZlpITVQ2Z09uNnZ5b2xLVXo3UENiemFqSzBieDhP?= =?utf-8?B?U2NCWWpNMUcwdzJ2bTE3U1pMT09YUU9MaUxvQ3BLbDhoNjJJRnFqMjBCUnNO?= =?utf-8?B?OEI5dDdPbXUwbEh4ZHpEa3E5clZlakZRTFlrcTdheWoxeXFWajhNVjNrWXdP?= =?utf-8?B?djR1UUQrQ3lvYWZaVXpuTThhaWJMYjlJdmNnTEVDU0N3Q0VheGkyUERRa3g1?= =?utf-8?B?dWdOL2NLaWwvL2RqZ08xTFArMUZJVnZKRitSeTRFbkdmMC8yRXRsVGpVTWlJ?= =?utf-8?B?bmRVSHdhMEQweGJDTnIrM0dQMWt1M1ROR3pIRGtlcEd2ZHFabmJwNnc2UURO?= =?utf-8?B?Q3FRMGJNTXZ5YU8xeHVDKzRGdnNiTzJKQkh5YnpHU1UyUy8wTWdTd05WdWRm?= =?utf-8?B?S241Z3lJaElGT3Jubll0USt1TUVVWmZoczRaVWUvVGMwNmtwNnZkVVAweEFw?= =?utf-8?B?SlN1UGYxbXlTUjJEdm9HRFVFYjhadzM1TWhuajVMZXhPM0xtMy92ZlRJMXhO?= =?utf-8?B?cExyNUVJbDJlVGMvcDU3L0FURGtmNnZpSzlGbVN0dzdEVkRHWXc4ZFlmQTZs?= =?utf-8?B?dExFOW9KRC9CWWJjcXRDelJpakZhQUpvNkxKZU45YlZwbzRTUGV4MCtyYllo?= =?utf-8?B?MmFoclhGMFZBQXhyRjBkWkRRbXdyaXRBZ2NVd3Z4S0MwWGdoclhuVXBETFBr?= =?utf-8?B?NlBUQjh2VS9saTY5aGhTNUowaFhIeGFQb2FNVVJxd0t5Q0hIYWU2cU1iK0Zo?= =?utf-8?B?RDNBSnlEeVJ2RGFBbld4bGZMaVU4ZXYzVHdKRnBPczJDTnVUSTkxdWkvR0No?= =?utf-8?B?dXlLWndnMlhSUVFTQnp4cThJcVNrcEQxdDJiVUp4eGtXVkxQcUQ2NTdtNnRI?= =?utf-8?B?bjk3Q2ZRMWlhbStOR2NZcW11YTMwZGhDVEJkSXE2M0lScVAxM1ROZThYekln?= =?utf-8?B?bnJHTlk5RlVOY0tzNkd5VEdRdWQ1Y1RTa21WdTVHWnZNWGFESGs5Z2lTd005?= =?utf-8?B?dXc5cDZmK3NjTDFjdEEvMHU3Kzh2ME1oYUhtREcrdVorcHV1QVlXTjFLN0Rs?= =?utf-8?B?aVdGODBOOVU2L21TRzRjM202M2liOWk3b2N2aWFGTFg2d3BnZFdHN0lrZTBY?= =?utf-8?B?TDB5NWtwb0M3ZmQvT0dRdUZ4WlVGUkpWek5zSE5nNDI2V2FKckZ1QXFTZ1dw?= =?utf-8?B?eEE5RmRROWFCR3RuSzA1cWtVTWloSThDbDNDWXlhdzVtUFcwZVUydWRhRHBC?= =?utf-8?B?cmJlM0t5eTZCV1k5eWpRc2lYaERpeko4ZHdRZ3o3QzladWpmYmRMaUVLT25V?= =?utf-8?B?WTZLNVFpWkZrOHJKMjhiSkJtdGJheUlzWWJBanVHanptY05qRjVYZWhzNGpL?= =?utf-8?B?VWpEUlhoTktqNlNMOTlOMTlWNEpGNER6RjZQV2dtbFZBNWFLSEZDdTBqWkty?= =?utf-8?B?Z0JZdG8ybWcyTDF0b1B6ZmI1c04vaDJad1MzUlgvT09Jd010UUFPb3NyWEZO?= =?utf-8?Q?bjpdtO7w3vX2eFemIUNk6AY=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 389d091f-2e5f-45d2-a2da-08d9cf666bf0 X-MS-Exchange-CrossTenant-AuthSource: VI1PR04MB5600.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Jan 2022 09:41:45.5091 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: WiUoZNLA9etRgBCM0NAuIpVJldOQuu3uMZU3Mfzyy/y5Xms+h8V0YTOrfF4nV94BOI0ufk6GSsSuQweaiuxR/Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0402MB3390 X-ZohoMail-DKIM: pass (identity @suse.com) X-ZM-MESSAGEID: 1641289326462100001 Content-Type: text/plain; charset="utf-8" Do away with the "pod_target_out_unlock" label. In particular by folding if()-s, the logic can be expressed with less code (and no goto-s) this way. Limit scope of "p2m", constifying it at the same time. Signed-off-by: Jan Beulich Acked-by: Roger Pau Monn=C3=A9 --- v2: Re-base over new earlier patch. --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -4789,23 +4789,17 @@ long arch_memory_op(unsigned long cmd, X if ( !is_hvm_domain(d) ) rc =3D -EINVAL; else if ( cmd =3D=3D XENMEM_set_pod_target ) - rc =3D xsm_set_pod_target(XSM_PRIV, d); - else - rc =3D xsm_get_pod_target(XSM_PRIV, d); - - if ( rc !=3D 0 ) - goto pod_target_out_unlock; - - if ( cmd =3D=3D XENMEM_set_pod_target ) { - if ( target.target_pages > d->max_pages ) - { + rc =3D xsm_set_pod_target(XSM_PRIV, d); + if ( rc ) + ASSERT(rc < 0); + else if ( target.target_pages > d->max_pages ) rc =3D -EINVAL; - goto pod_target_out_unlock; - } - - rc =3D p2m_pod_set_mem_target(d, target.target_pages); + else + rc =3D p2m_pod_set_mem_target(d, target.target_pages); } + else + rc =3D xsm_get_pod_target(XSM_PRIV, d); =20 if ( rc =3D=3D -ERESTART ) { @@ -4817,13 +4811,9 @@ long arch_memory_op(unsigned long cmd, X p2m_pod_get_mem_target(d, &target); =20 if ( __copy_to_guest(arg, &target, 1) ) - { - rc=3D -EFAULT; - goto pod_target_out_unlock; - } + rc =3D -EFAULT; } =20 - pod_target_out_unlock: rcu_unlock_domain(d); return rc; } From nobody Fri Apr 19 06:48:29 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=2; a=rsa-sha256; t=1649670510; cv=pass; d=zohomail.com; s=zohoarc; b=CEenlXAUnFpO1K8qmpnln3XGg0sSoNi8OGaVjjbl0CTlztSrhtQtyCkwX1uicNBdp1nWbALHHAmjJOTR7iCZoAzqPXEufKgFQAFv1EDIlKzoC2F+s2fMmylR8+NvniqZTRQbHJcnEceGC36VCDb0pffJJqWU2H/LtCr39+qqgew= ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1649670510; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=/zQjR5DK4NpJpp9HOOVnWEC0s4IqMWdnpI2ohv4rQYY=; b=gjxa5RaY17Efg/c/pOY6zPGmdKU4MAIGF31EQTiPZLn+6ymKfYlmPHZxdBQiqbXK5HWVGeXv4OP8fr/jOBo3wyS1zDPaQ7cxeNM9mfqysACZpkRsGGF4310pkv9DCT8boOsq6p+kb0ex3JUFl7vluKBlYNaB/p/yOkpq1533W6g= ARC-Authentication-Results: i=2; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; arc=pass (i=1 dmarc=pass fromdomain=suse.com); dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1649670510235540.3985642671973; Mon, 11 Apr 2022 02:48:30 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.302815.516603 (Exim 4.92) (envelope-from ) id 1ndqeK-0004S7-BU; Mon, 11 Apr 2022 09:47:56 +0000 Received: by outflank-mailman (output) from mailman id 302815.516603; Mon, 11 Apr 2022 09:47:56 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ndqeK-0004S0-8G; Mon, 11 Apr 2022 09:47:56 +0000 Received: by outflank-mailman (input) for mailman id 302815; Mon, 11 Apr 2022 09:47:55 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ndqeI-0004Ru-VN for xen-devel@lists.xenproject.org; Mon, 11 Apr 2022 09:47:55 +0000 Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.111.102]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 74f37bfb-b97c-11ec-a405-831a346695d4; Mon, 11 Apr 2022 11:47:53 +0200 (CEST) Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01lp2058.outbound.protection.outlook.com [104.47.0.58]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-38-IN5cOqAmMjy2Q-dFv1vueg-1; Mon, 11 Apr 2022 11:47:49 +0200 Received: from DU2PR04MB8616.eurprd04.prod.outlook.com (2603:10a6:10:2db::16) by AM6PR04MB4344.eurprd04.prod.outlook.com (2603:10a6:209:3f::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5144.29; Mon, 11 Apr 2022 09:47:48 +0000 Received: from DU2PR04MB8616.eurprd04.prod.outlook.com ([fe80::5592:2abe:fb16:6cd1]) by DU2PR04MB8616.eurprd04.prod.outlook.com ([fe80::5592:2abe:fb16:6cd1%6]) with mapi id 15.20.5144.029; Mon, 11 Apr 2022 09:47:48 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 74f37bfb-b97c-11ec-a405-831a346695d4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=mimecast20200619; t=1649670473; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/zQjR5DK4NpJpp9HOOVnWEC0s4IqMWdnpI2ohv4rQYY=; b=DS96yOLmxW6xDwPwIEWEN8VV9srOCXp3q3MXGCfwzmvSYG2TBxQeiujrnebRz2BGrpmm9F Npr2YDydt+H649KLNZicflMH98tqbhEZocQJY7yXPMkINuatEA233yBbSqwUUpbcpucyGF YrzQ//ZMXISoL7jaL67JfdSXY4Jgff4= X-MC-Unique: IN5cOqAmMjy2Q-dFv1vueg-1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bdfv6GjlGmen2kmkcl1a8eLdAju90s5TIJjCc1dVeTJzQoJMqI4T9465hUqOrsuUgPcyDuigiNyNo3o3D8XeEE/V2UkWIYb1nDpobJ73j66ej75ZnRB46kXPUDtVaY+RqU0Z+aRQmKVAQKMNTapN9QA9sM/z98yiuYGA6ewDQlud1mEQGU4UkCQDIadwiVK/x5XcH1XIFOjsvAge7Jf9pvgWYrOQ/Q/SbMxwYV3v91VTbd8JDLLEHDnPyXv/ykFjvh1RIxplHW6CPVgVmKiJjEUmBV7X0RGO98wC5LJ6SopuMaNddYKphGzjjaove8PGg84BGc+rgCOKqPgLs4bWRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/zQjR5DK4NpJpp9HOOVnWEC0s4IqMWdnpI2ohv4rQYY=; b=g3Y9Cyvi9fPZatHO6l/TmxaZ9olv2u3YUpNdeEQi15HKA6MSv/B2LSMUaWqZt18J7OHu9yY8Lgrc9yZjKzSG19dikT2cBpfXbYhA5ZybVUbpVgNdOV9NCVCcrqUwKiLPpO1VFe3g5RIzHOp8ZowDy/6DkslYLK1GEGycG1FapqAD3u5xO1xQbLwqLiGXyGRM5M4aw3MWTp+wP6nnfJt/7heJYyB7dOIa9J32Zxgsqv4czCvySPf9T3dlhlNAp30Fv7XOr6ZuHnHXJf82cKMhHkq4o0CPZQOnP3BbAupOR3/Lp5BsYOOqEXhBQwATfEmUN/t4U9jbf02u5PsbMVtthw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com; Message-ID: Date: Mon, 11 Apr 2022 11:47:46 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.8.0 From: Jan Beulich Subject: [PATCH v4] IOMMU/x86: disallow device assignment to PoD guests To: "xen-devel@lists.xenproject.org" Cc: Andrew Cooper , Wei Liu , =?UTF-8?Q?Roger_Pau_Monn=c3=a9?= , George Dunlap , Paul Durrant , Tamas K Lengyel , Petre Pircalabu , Alexandru Isaila References: <6fe7b036-2bdb-b391-4e6c-1b5d7e05a119@suse.com> Content-Language: en-US In-Reply-To: <6fe7b036-2bdb-b391-4e6c-1b5d7e05a119@suse.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: AM6P191CA0017.EURP191.PROD.OUTLOOK.COM (2603:10a6:209:8b::30) To DU2PR04MB8616.eurprd04.prod.outlook.com (2603:10a6:10:2db::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f4562962-5dc6-4466-6ad0-08da1ba0561b X-MS-TrafficTypeDiagnostic: AM6PR04MB4344:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: slBClve9IgrCZBX+LHNx9ZB0J2uFnYYzh5yJ1OC2XGmhNdUAQXqGpwCdZ1SsOmoCbVYrKM24/0qmyKkPDcvbQnan5NwY19uHJm+xGIbd0AnR5Y1ohHydWRyNdRWnd/gK2RQCXg780mjaS23bu2cUFr+nJeZQwYMsYqqoZ3D69wrceC4CgiTbjOZBLrSKu3J8mFaSK+U8ec6M2WaocrY1tEOQjEDetHnDyemNJTcHNSSzBzpij69LJgvdbLE7sDcQN9Sl3A8Yi9RydE2vjmtyy2QTyFkhFceTjensS7c1ZTJZBKKPMWQ8kxGqQaqiTALKo4C/Lsb6+BYvedPxTztfLMO5oiS10PbEIJmwrU1qidjmcj1044cbJzMEFoh4iO3UpTopbCxWDvt/vBW5QXXnRmzFn6bDpFLm+lYPpIEi+1A7hETMjQNNk64xf+FhxZecY7xyx377yZ1AxucHYkjoqFeBPLwwLf1DAbmknhyJ75vj/0Zt6/FzaWBnJylzpyboDL3ARCcFiNIGP3X+Zh/gpx7+kqPKQFho+77i8y+Te072GRchSJW6o2oewkC6FFcI0hJQCBoikM7T0XGyqgNtKURuLH0Kil8eJ63vFnSIReke2+02XCTQtj+EyThG+LubZtMJ/F9WkkT5lZvbaePx6Tmv9JVtbNwaQddAibiVNW06RKUuA2NV+bq16SYvKmCvS5GORzwJ1KNCdNl6Te9Fh802cpK+Tvii5EiK4G0/HPrDJrzxBhP4XX6AeI5hWu8T X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU2PR04MB8616.eurprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(66476007)(66556008)(5660300002)(8676002)(66946007)(83380400001)(54906003)(6916009)(316002)(6486002)(31686004)(36756003)(8936002)(4326008)(508600001)(86362001)(31696002)(2906002)(38100700002)(6512007)(6506007)(26005)(186003)(2616005)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?RG8zaVFEQ2YwOENsdmRWbVp5UHhjWlNZamhqL2tGNUlDMURHNjlkNnNQRFhj?= =?utf-8?B?Y005QVErbFZndWpSOHNUY3UvU0F4OXFDNkdheHA2dDFUUXh6ZFppQnRpeUVh?= =?utf-8?B?T21YUDRaQVliVnQwVkNScXZ1aW9zOWpYQXVta2l2VmlOL0JjaGxEZTBqR25S?= =?utf-8?B?UDBnU2QrOFJUbzYrc3FncjNzeWNoZTA4dVhtRjlqcmpCdkRkZktKVDRHbk16?= =?utf-8?B?YlBPSForNGxBVHNxaVpoenhWNlB6bTZXOHBsYzUyN01ac3NkVS94RmFza2xo?= =?utf-8?B?dWFLVDVvbVdSbHVWQVR0TnFNVWJlMnlndVFCOTM4UGRpVzBGSktGN0xMOTM3?= =?utf-8?B?bys2NFYvMnphVkxzRFFXUnNCa2ZBZlhvbGcwZUUwZEpHZW1DY2lBS3libGVo?= =?utf-8?B?bng2R3JObUU5RnRIODJYYkxxZkRiUXZkOXFnYm4veXdkaWo1cy9CTkxLbjY3?= =?utf-8?B?cjZLTng4NUNFZWcxUW9zcGNSM2JDdTlHb3VQbnZaZGE0Wll0UWQwRlVKN2xE?= =?utf-8?B?MGNYcXUvQlpCcWUvYnJBT1VXMDlNNFE4UlYyS2FRRSswWHlQQTkzZ3JPRUNw?= =?utf-8?B?TGtJaldKU3NKWG9zU0MzU1d6cnNiemE2SFk3OStxSkYyc0RHcWR1ZGE5eDFx?= =?utf-8?B?b2FjeFYyd2VuN29UaWtCMXpSbHhXcFZqdmZwQ0wyZWprZ0ZTVWZzYlBmaTRy?= =?utf-8?B?aCsrNGRkajlVWWdVWm1Db05Xd25QMEJINWR2ZG9hdGFwSWhmRngzU0tZSlVk?= =?utf-8?B?eWpKT2JCZzRlNmhzRUdhNlVOWkxVbnNKZ3BMZUdzTXlweGpNWnlKWUZlRE5x?= =?utf-8?B?ZWhZdVJMZUlUVG91OFZYVVNzMVpUYmQ1RUJmdHNCcFV4MkZLM1E0a2p2dXZD?= =?utf-8?B?MWc2ek5xS3FJWDZHZDhiS2JnN21WeU56cUlBZEZDVnNXQXEwS1hlQ2tkYkgw?= =?utf-8?B?cmlicnU2OFQ0ZDJsVHYwT2M2c0c4Q2s2THRnV3pJbElzOVpqUlA1aS9YUUgy?= =?utf-8?B?K2s5cTlGSUlTdVhESFdybEpzYzdHMnVHWk5CYjJpcHVwZHFBQkhIMGxtWHd4?= =?utf-8?B?Rk5OMEpVMWxWMi9YQWtVUjNUdEhlWHdqRVlBNmhlQm9kNjJSQUk0WkJ0VWFG?= =?utf-8?B?UklhVlI3MEVTMGo2dkwrZVROeW52UnhHNHkveThzcVUrazZXd0RkQW9aVEJU?= =?utf-8?B?bHZnWXdwbmhEc0FUekF1bDhsa2Q2WjMra08zSEpLWWdyekplTVV4R1NvcGRk?= =?utf-8?B?dWVzKzJhSlFqbTRSREd0MFplVWNkL2Q3SmgzR01WdEtLMHNjUUdjQ2QxR01W?= =?utf-8?B?UUdPZDd6UGk5TFdhQzRadmdhZ0tLdHFvcTVDV1ZnTTl5cVNWQklYQ2NUTUFO?= =?utf-8?B?VWlJQW5rRzRNcEFKdG5yK0pWTUpOdjk3Q0tUMXFCS2NBM1MzZFk4ZjFZelNO?= =?utf-8?B?KzJ0VWJsS3BEaEVXWlJlNTlFbU94UkVEVkdlMUhmUThxUlJxcVJ6akI5dUJs?= =?utf-8?B?SFFtTWNia0lUdlZYWHVpOGc3d0FDZ216cHhWZUdtdlczWXp6MDc5T0JzQzNi?= =?utf-8?B?YVFKbERDUVFiRnZRVDg4cFRDUGpHY3RwbDFiQkJBdG1RalNtYWpRcjhsZGd5?= =?utf-8?B?Mi90SlpGaEllOXlhTC9qQm5samRqZXZiWnZDcDN4UVRGMzJHN3QwMHBqdmNV?= =?utf-8?B?N2w1S3VqNFc5emQwcHRsUjh3V3poUFlLeExoNHNKSVZCbm56TnhDZlVaOXZI?= =?utf-8?B?ai9CYTZMYkFPY2VIVjVydlhtbk10Wi8yMHhhQVdydzlpdGU4UllvQTViYnlG?= =?utf-8?B?QWxra1FLYWRoa0dMdUtTMktBbmg3L2hFLytnd1JUUTRIWkViN2t0SXJCaWg2?= =?utf-8?B?c1pzVlN5aXFISWRCY0lqeHgwdUZYbDJOYURIM1k2U3IvME9qN3UzVlVUbk9I?= =?utf-8?B?elloY2xnbGxtdDE4emJLWmN4MjNEdm8rMUhQMjI5OW9sZzNvQnhaZ3IyQTFN?= =?utf-8?B?bFR4ZDFEenVoM2Y1UXRrS2NuV2lpWk1hQkJZYldmbWh5OG9WUFp6amJIUER5?= =?utf-8?B?MjVLNlpSbEVuajhqSzNZa2dPd1p4VHkrbnZ4N2lVdXRwR1RVZlFxS3pDUlB1?= =?utf-8?B?aEFtb3pBVitHcmluTXBWckJFMkVCTjBwcFN3MWhyVE5JN3dJOUVoalBNMFVH?= =?utf-8?B?b2RReVVFU1k4Y1loUlBYTU5ST3phS2RQaTFlNk1ubjQ1UTZwWVBoV3pvZTQ2?= =?utf-8?B?NGlCYURzakJIM25DWlFnLy9aVFFIMHZSWXRRazlxemdwNjVLbmk2QnR3MFRu?= =?utf-8?B?RENJUVl1N3k2dFROb0s1ZVVBb1ZCbms3M1Rzc3c4N3R1Nks0dzZQUT09?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: f4562962-5dc6-4466-6ad0-08da1ba0561b X-MS-Exchange-CrossTenant-AuthSource: DU2PR04MB8616.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Apr 2022 09:47:48.1107 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 5/kJ9tvtbjfaN3OP1n+92fTlo8bSccdVqw1/ZJvTVHjJ8c8yu9yZD2L1lwqVlTSFghgWH8PY9mNpP5KS8Bu/kg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR04MB4344 X-ZohoMail-DKIM: pass (identity @suse.com) X-ZM-MESSAGEID: 1649670512435100001 Content-Type: text/plain; charset="utf-8" While it is okay for IOMMU page tables to be set up for guests starting in PoD mode, actual device assignment may only occur once all PoD entries have been removed from the P2M. So far this was enforced only for boot-time assignment, and only in the tool stack. Also use the new function to replace p2m_pod_entry_count(): Its unlocked access to p2m->pod.entry_count wasn't really okay (irrespective of the result being stale by the time the caller gets to see it). Nor was the use of that function in line with the immediately preceding comment: A PoD guest isn't just one with a non-zero entry count, but also one with a non-empty cache (e.g. prior to actually launching the guest). To allow the tool stack to see a consistent snapshot of PoD state, move the tail of XENMEM_{get,set}_pod_target handling into a function, adding proper locking there. In libxl take the liberty to use the new local variable r also for a pre-existing call into libxc. Signed-off-by: Jan Beulich Reviewed-by: Roger Pau Monn=C3=A9 --- If p2m->pod.entry_count =3D=3D p2m->pod.count it is in principle possible to permit device assignment by actively resolving all remaining PoD entries. Initially I thought this was introduced by f89f555827a6 ("remove late (on-demand) construction of IOMMU page tables"), but without arch_iommu_use_permitted() checking for PoD I think the issue has been there before that. --- v4: Drop tool stack side change (superseded by 07449ecfa425). Extend VM event related paragraph of description. v3: In p2m_pod_set_mem_target() move check down. v2: New. --- a/xen/arch/x86/mm/p2m-pod.c +++ b/xen/arch/x86/mm/p2m-pod.c @@ -20,6 +20,7 @@ */ =20 #include +#include #include #include #include @@ -360,7 +361,10 @@ p2m_pod_set_mem_target(struct domain *d, =20 ASSERT( pod_target >=3D p2m->pod.count ); =20 - ret =3D p2m_pod_set_cache_target(p2m, pod_target, 1/*preemptible*/); + if ( has_arch_pdevs(d) || cache_flush_permitted(d) ) + ret =3D -ENOTEMPTY; + else + ret =3D p2m_pod_set_cache_target(p2m, pod_target, 1/*preemptible*/= ); =20 out: pod_unlock(p2m); @@ -368,6 +372,23 @@ out: return ret; } =20 +void p2m_pod_get_mem_target(const struct domain *d, xen_pod_target_t *targ= et) +{ + struct p2m_domain *p2m =3D p2m_get_hostp2m(d); + + ASSERT(is_hvm_domain(d)); + + pod_lock(p2m); + lock_page_alloc(p2m); + + target->tot_pages =3D domain_tot_pages(d); + target->pod_cache_pages =3D p2m->pod.count; + target->pod_entries =3D p2m->pod.entry_count; + + unlock_page_alloc(p2m); + pod_unlock(p2m); +} + int p2m_pod_empty_cache(struct domain *d) { struct p2m_domain *p2m =3D p2m_get_hostp2m(d); @@ -1391,6 +1412,9 @@ guest_physmap_mark_populate_on_demand(st if ( !paging_mode_translate(d) ) return -EINVAL; =20 + if ( has_arch_pdevs(d) || cache_flush_permitted(d) ) + return -ENOTEMPTY; + do { rc =3D mark_populate_on_demand(d, gfn, chunk_order); =20 @@ -1412,3 +1436,20 @@ void p2m_pod_init(struct p2m_domain *p2m for ( i =3D 0; i < ARRAY_SIZE(p2m->pod.mrp.list); ++i ) p2m->pod.mrp.list[i] =3D gfn_x(INVALID_GFN); } + +bool p2m_pod_active(const struct domain *d) +{ + struct p2m_domain *p2m; + bool res; + + if ( !is_hvm_domain(d) ) + return false; + + p2m =3D p2m_get_hostp2m(d); + + pod_lock(p2m); + res =3D p2m->pod.entry_count | p2m->pod.count; + pod_unlock(p2m); + + return res; +} --- a/xen/arch/x86/mm.c +++ b/xen/arch/x86/mm.c @@ -4804,7 +4804,6 @@ long arch_memory_op(unsigned long cmd, X { xen_pod_target_t target; struct domain *d; - struct p2m_domain *p2m; =20 if ( copy_from_guest(&target, arg, 1) ) return -EFAULT; @@ -4835,10 +4834,7 @@ long arch_memory_op(unsigned long cmd, X } else if ( rc >=3D 0 ) { - p2m =3D p2m_get_hostp2m(d); - target.tot_pages =3D domain_tot_pages(d); - target.pod_cache_pages =3D p2m->pod.count; - target.pod_entries =3D p2m->pod.entry_count; + p2m_pod_get_mem_target(d, &target); =20 if ( __copy_to_guest(arg, &target, 1) ) rc =3D -EFAULT; --- a/xen/common/vm_event.c +++ b/xen/common/vm_event.c @@ -639,7 +639,7 @@ int vm_event_domctl(struct domain *d, st =20 rc =3D -EXDEV; /* Disallow paging in a PoD guest */ - if ( p2m_pod_entry_count(p2m_get_hostp2m(d)) ) + if ( p2m_pod_active(d) ) break; =20 /* domain_pause() not required here, see XSA-99 */ --- a/xen/drivers/passthrough/x86/iommu.c +++ b/xen/drivers/passthrough/x86/iommu.c @@ -513,11 +513,12 @@ bool arch_iommu_use_permitted(const stru { /* * Prevent device assign if mem paging, mem sharing or log-dirty - * have been enabled for this domain. + * have been enabled for this domain, or if PoD is still in active use. */ return d =3D=3D dom_io || (likely(!mem_sharing_enabled(d)) && likely(!mem_paging_enabled(d)) && + likely(!p2m_pod_active(d)) && likely(!p2m_is_global_logdirty(d))); } =20 --- a/xen/arch/x86/include/asm/p2m.h +++ b/xen/arch/x86/include/asm/p2m.h @@ -701,6 +701,12 @@ int p2m_pod_empty_cache(struct domain *d * domain matches target */ int p2m_pod_set_mem_target(struct domain *d, unsigned long target); =20 +/* Obtain a consistent snapshot of PoD related domain state. */ +void p2m_pod_get_mem_target(const struct domain *d, xen_pod_target_t *targ= et); + +/* Check whether PoD is (still) active in a domain. */ +bool p2m_pod_active(const struct domain *d); + /* Scan pod cache when offline/broken page triggered */ int p2m_pod_offline_or_broken_hit(struct page_info *p); @@ -709,11 +715,6 @@ p2m_pod_offline_or_broken_hit(struct pag void p2m_pod_offline_or_broken_replace(struct page_info *p); =20 -static inline long p2m_pod_entry_count(const struct p2m_domain *p2m) -{ - return p2m->pod.entry_count; -} - #else =20 static inline bool @@ -727,6 +728,11 @@ static inline int p2m_pod_empty_cache(st return 0; } =20 +static inline bool p2m_pod_active(const struct domain *d) +{ + return false; +} + static inline int p2m_pod_offline_or_broken_hit(struct page_info *p) { return 0; @@ -737,11 +743,6 @@ static inline void p2m_pod_offline_or_br ASSERT_UNREACHABLE(); } =20 -static inline long p2m_pod_entry_count(const struct p2m_domain *p2m) -{ - return 0; -} - #endif