From b42db2ecdfe87674ad7544840d5e5f0bd7516135 Mon Sep 17 00:00:00 2001
From: Keir Fraser <keir.fraser@citrix.com>
Date: Mon, 15 Sep 2008 11:34:42 +0100
Subject: [PATCH] x86, shadow: Allow removing writable mappings from splintered
 page tables.

The moving of the pagetable mapping in the linux kernel exposed the
fact that under the linux kernel sh_rm_write_access_from_sl1p was
always failing.

Linux seems to use big pages to access page tables, so we should
instruct the shadow code to be able to remove writable mappings from
splintered pagetables as well, avoiding using OS heuristic (which were
failing in 2.6.27 before George patch, leading to brute-force search
at each resync).

Signed-off-by: Gianluca Guida <gianluca.guida@eu.citrix.com>
---
 xen/arch/x86/mm/shadow/common.c | 11 +++++++----
 xen/arch/x86/mm/shadow/multi.c  |  3 ++-
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c
index 124b89bd9a..d497bded8d 100644
--- a/xen/arch/x86/mm/shadow/common.c
+++ b/xen/arch/x86/mm/shadow/common.c
@@ -2464,22 +2464,25 @@ int sh_remove_write_access_from_sl1p(struct vcpu *v, mfn_t gmfn,
     ASSERT(mfn_valid(smfn));
     ASSERT(mfn_valid(gmfn));
     
-    if ( sp->type == SH_type_l1_32_shadow )
+    if ( sp->type == SH_type_l1_32_shadow
+         || sp->type == SH_type_fl1_32_shadow )
     {
         return SHADOW_INTERNAL_NAME(sh_rm_write_access_from_sl1p,2)
             (v, gmfn, smfn, off);
     }
 #if CONFIG_PAGING_LEVELS >= 3
-    else if ( sp->type == SH_type_l1_pae_shadow )
+    else if ( sp->type == SH_type_l1_pae_shadow
+              || sp->type == SH_type_fl1_pae_shadow )
         return SHADOW_INTERNAL_NAME(sh_rm_write_access_from_sl1p,3)
             (v, gmfn, smfn, off);
 #if CONFIG_PAGING_LEVELS >= 4
-    else if ( sp->type == SH_type_l1_64_shadow )
+    else if ( sp->type == SH_type_l1_64_shadow
+              || sp->type == SH_type_fl1_64_shadow )
         return SHADOW_INTERNAL_NAME(sh_rm_write_access_from_sl1p,4)
             (v, gmfn, smfn, off);
 #endif
 #endif
-    
+
     return 0;
 }
 #endif 
diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index 2bdc1681cb..f3ac8bfc39 100644
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -4539,7 +4539,8 @@ int sh_rm_write_access_from_sl1p(struct vcpu *v, mfn_t gmfn,
     sp = mfn_to_shadow_page(smfn);
 
     if ( sp->mbz != 0
-         || (sp->type != SH_type_l1_shadow) )
+         || (sp->type != SH_type_l1_shadow
+             && sp->type != SH_type_fl1_shadow) )
         goto fail;
 
     sl1p = sh_map_domain_page(smfn);
-- 
2.30.2