bitkeeper revision 1.1326 (42650a788JSw9ebwfL7C9aWTza0ZlA)

Address space reorganization.

Intention is to have largely the same memory layout
in both PAE and non-PAE mode, so I moved the
fixed-size stuff to the top, followed by the
variable-sized stuff (frametable and linear page
tables), and the domain-accessable machine-phys-table
at the bottom.

Signed-off-by: Gerd Knorr <kraxel@bytesex.org>
Signed-off-by: Keir Fraser <keir@xensource.com>

diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index 48acad9e999ac6d50e4ea01c6316664a0297cd38..4bfe7bacd22f04109d6406383ee13a8521fb3c77 100644 (file)
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -1634,7 +1634,6 @@ int do_mmuext_op(
         {
             if ( shadow_mode_external(d) )
             {
-                // ignore this request from an external domain...
                 MEM_LOG("ignoring SET_LDT hypercall from external "
                         "domain %u\n", d->id);
                 okay = 0;
@@ -1645,8 +1644,7 @@ int do_mmuext_op(
             unsigned long ents = op.nr_ents;
             if ( ((ptr & (PAGE_SIZE-1)) != 0) || 
                  (ents > 8192) ||
-                 ((ptr+ents*LDT_ENTRY_SIZE) < ptr) ||
-                 ((ptr+ents*LDT_ENTRY_SIZE) > PAGE_OFFSET) )
+                 !array_access_ok(VERIFY_READ, ptr, ents, LDT_ENTRY_SIZE) )
             {
                 okay = 0;
                 MEM_LOG("Bad args to SET_LDT: ptr=%p, ents=%p", ptr, ents);

diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 97d206ccd310ea4c3aeffef6d87f49da44c20c6c..39a93641ef4616279736887cd06db847e63991ce 100644 (file)
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -268,8 +268,6 @@ asmlinkage int do_page_fault(struct xen_regs *regs)
 
     DEBUGGER_trap_entry(TRAP_page_fault, regs);
 
-    //printk("do_page_fault(eip=%p, va=%p, code=%d)\n", regs->eip, addr, regs->error_code);
-
     perfc_incrc(page_faults);
 
     if ( likely(VM_ASSIST(d, VMASST_TYPE_writable_pagetables)) )
@@ -284,7 +282,7 @@ asmlinkage int do_page_fault(struct xen_regs *regs)
             return EXCRET_fault_fixed;
         }
 
-        if ( (addr < PAGE_OFFSET) &&
+        if ( (addr < HYPERVISOR_VIRT_START) &&
              ((regs->error_code & 3) == 3) && /* write-protection fault */
              ptwr_do_page_fault(d, addr) )
         {
@@ -1100,13 +1098,6 @@ long do_set_trap_table(trap_info_t *traps)
 }
 
 
-#if defined(__i386__)
-#define DB_VALID_ADDR(_a) \
-    ((_a) <= (PAGE_OFFSET - 4))
-#elif defined(__x86_64__)
-#define DB_VALID_ADDR(_a) \
-    ((_a) >= HYPERVISOR_VIRT_END) || ((_a) <= (HYPERVISOR_VIRT_START-8))
-#endif
 long set_debugreg(struct exec_domain *p, int reg, unsigned long value)
 {
     int i;
@@ -1114,22 +1105,26 @@ long set_debugreg(struct exec_domain *p, int reg, unsigned long value)
     switch ( reg )
     {
     case 0: 
-        if ( !DB_VALID_ADDR(value) ) return -EPERM;
+        if ( !access_ok(VERIFY_READ, value, sizeof(long)) )
+            return -EPERM;
         if ( p == current ) 
             __asm__ ( "mov %0, %%db0" : : "r" (value) );
         break;
     case 1: 
-        if ( !DB_VALID_ADDR(value) ) return -EPERM;
+        if ( !access_ok(VERIFY_READ, value, sizeof(long)) )
+            return -EPERM;
         if ( p == current ) 
             __asm__ ( "mov %0, %%db1" : : "r" (value) );
         break;
     case 2: 
-        if ( !DB_VALID_ADDR(value) ) return -EPERM;
+        if ( !access_ok(VERIFY_READ, value, sizeof(long)) )
+            return -EPERM;
         if ( p == current ) 
             __asm__ ( "mov %0, %%db2" : : "r" (value) );
         break;
     case 3:
-        if ( !DB_VALID_ADDR(value) ) return -EPERM;
+        if ( !access_ok(VERIFY_READ, value, sizeof(long)) )
+            return -EPERM;
         if ( p == current ) 
             __asm__ ( "mov %0, %%db3" : : "r" (value) );
         break;

diff --git a/xen/arch/x86/x86_32/mm.c b/xen/arch/x86/x86_32/mm.c
index c33758b69dfcf30c5bb13eaeb1f533fad4150249..686ad7ef0064bca4983a6de142a829b9568e2970 100644 (file)
--- a/xen/arch/x86/x86_32/mm.c
+++ b/xen/arch/x86/x86_32/mm.c
@@ -249,7 +249,7 @@ int check_descriptor(struct desc_struct *d)
     
     /* Check that base is at least a page away from Xen-private area. */
     base  = (b&(0xff<<24)) | ((b&0xff)<<16) | (a>>16);
-    if ( base >= (PAGE_OFFSET - PAGE_SIZE) )
+    if ( base >= (GUEST_SEGMENT_MAX_ADDR - PAGE_SIZE) )
         goto bad;
 
     /* Check and truncate the limit if necessary. */
@@ -282,9 +282,9 @@ int check_descriptor(struct desc_struct *d)
          *     limit == 0x00000 provides 4kB access (if G=1).
          */
         if ( ((base + limit) <= base) || 
-             ((base + limit) > PAGE_OFFSET) )
+             ((base + limit) > GUEST_SEGMENT_MAX_ADDR) )
         {
-            limit = PAGE_OFFSET - base;
+            limit = GUEST_SEGMENT_MAX_ADDR - base;
         truncate:
             if ( !(b & _SEGMENT_G) )
                 goto bad; /* too dangerous; too hard to work out... */

diff --git a/xen/arch/x86/x86_32/seg_fixup.c b/xen/arch/x86/x86_32/seg_fixup.c
index 8c3d2a5d5205f806bfafb968b0e5ebb583cb05aa..b9ed3f7ece562e04acb2524845a69b8806fc6a32 100644 (file)
--- a/xen/arch/x86/x86_32/seg_fixup.c
+++ b/xen/arch/x86/x86_32/seg_fixup.c
@@ -145,7 +145,7 @@ int get_baselimit(u16 seg, unsigned long *base, unsigned long *limit)
      * Anything that looks like a truncated segment we assume ought really
      * to be a 4GB segment. DANGER!
      */
-    if ( (PAGE_OFFSET - (*base + *limit)) < PAGE_SIZE )
+    if ( (GUEST_SEGMENT_MAX_ADDR - (*base + *limit)) < PAGE_SIZE )
         *limit = 0;
 
     return 1;
@@ -226,14 +226,14 @@ int fixup_seg(u16 seg, unsigned long offset)
         if ( ((base + limit) < PAGE_SIZE) && (offset <= limit)  )
         {
             /* Flip to expands-up. */
-            limit = PAGE_OFFSET - base;
+            limit = GUEST_SEGMENT_MAX_ADDR - base;
             goto flip;
         }
     }
     else
     {
         /* Expands-up: All the way to Xen space? Assume 4GB if so. */
-        if ( ((PAGE_OFFSET - (base + limit)) < PAGE_SIZE) &&
+        if ( ((GUEST_SEGMENT_MAX_ADDR - (base + limit)) < PAGE_SIZE) &&
              (offset > limit) )
         {
             /* Flip to expands-down. */

diff --git a/xen/arch/x86/x86_32/xen.lds b/xen/arch/x86/x86_32/xen.lds
index 604b0e62110bb20d8ce4814d38361db76192ba2f..fec62dbf2405dec9ecc1fe1f24214395e4d53ec6 100644 (file)
--- a/xen/arch/x86/x86_32/xen.lds
+++ b/xen/arch/x86/x86_32/xen.lds
@@ -11,7 +11,7 @@ PHDRS
 }
 SECTIONS
 {
-  . = 0xFC400000 + 0x100000;
+  . = 0xFF000000 + 0x100000;
   _text = .;                   /* Text and read-only data */
   .text : {
        *(.text)

diff --git a/xen/include/asm-x86/config.h b/xen/include/asm-x86/config.h
index c7957634885677c7ed89da8458b3bdd32b4aaba9..4a85112244dae669679832982e7ec1e30de3fd40 100644 (file)
--- a/xen/include/asm-x86/config.h
+++ b/xen/include/asm-x86/config.h
@@ -216,12 +216,71 @@ extern void __out_of_line_bug(int line) __attribute__((noreturn));
 
 #define asmlinkage __attribute__((regparm(0)))
 
-#define XENHEAP_DEFAULT_MB (12)
-#define DIRECTMAP_PHYS_END (12*1024*1024)
+/*
+ * Memory layout (high to low):                          SIZE   PAE-SIZE
+ *                                                       ------ ------
+ *  I/O remapping area                                   ( 4MB)
+ *  Direct-map (1:1) area [Xen code/data/heap]           (12MB)
+ *  map_domain_mem cache                                 ( 4MB)
+ *  Per-domain mappings                                  ( 4MB)
+ *  Shadow linear pagetable                              ( 4MB) ( 8MB)
+ *  Guest linear pagetable                               ( 4MB) ( 8MB)
+ *  Machine-to-physical translation table [writable]     ( 4MB)
+ *  Frame-info table                                     (24MB) (96MB)
+ *   * Start of guest inaccessible area
+ *  Machine-to-physical translation table [read-only]    ( 4MB)
+ *   * Start of guest unmodifiable area
+ */
+
+#define IOREMAP_MBYTES           4
+#define DIRECTMAP_MBYTES        12
+#define MAPCACHE_MBYTES          4
+#define PERDOMAIN_MBYTES         4
+
+#ifdef CONFIG_X86_PAE
+# define LINEARPT_MBYTES         8
+# define MACHPHYS_MBYTES         4 /* KAF: This needs to be bigger */
+# define FRAMETABLE_MBYTES     96 /* 16 GB mem limit (total)      */
+#else
+# define LINEARPT_MBYTES         4
+# define MACHPHYS_MBYTES         4
+# define FRAMETABLE_MBYTES      24
+#endif
 
+#define IOREMAP_VIRT_END       0UL
+#define IOREMAP_VIRT_START     (IOREMAP_VIRT_END - (IOREMAP_MBYTES<<20))
+#define DIRECTMAP_VIRT_END     IOREMAP_VIRT_START
+#define DIRECTMAP_VIRT_START   (DIRECTMAP_VIRT_END - (DIRECTMAP_MBYTES<<20))
+#define MAPCACHE_VIRT_END      DIRECTMAP_VIRT_START
+#define MAPCACHE_VIRT_START    (MAPCACHE_VIRT_END - (MAPCACHE_MBYTES<<20))
+#define PERDOMAIN_VIRT_END     MAPCACHE_VIRT_START
+#define PERDOMAIN_VIRT_START   (PERDOMAIN_VIRT_END - (PERDOMAIN_MBYTES<<20))
+#define SH_LINEAR_PT_VIRT_END  PERDOMAIN_VIRT_START
+#define SH_LINEAR_PT_VIRT_START        (SH_LINEAR_PT_VIRT_END - (LINEARPT_MBYTES<<20))
+#define LINEAR_PT_VIRT_END     SH_LINEAR_PT_VIRT_START
+#define LINEAR_PT_VIRT_START   (LINEAR_PT_VIRT_END - (LINEARPT_MBYTES<<20))
+#define RDWR_MPT_VIRT_END      LINEAR_PT_VIRT_START
+#define RDWR_MPT_VIRT_START    (RDWR_MPT_VIRT_END - (MACHPHYS_MBYTES<<20))
+#define FRAMETABLE_VIRT_END    RDWR_MPT_VIRT_START
+#define FRAMETABLE_VIRT_START  (FRAMETABLE_VIRT_END - (FRAMETABLE_MBYTES<<20))
+#define RO_MPT_VIRT_END                FRAMETABLE_VIRT_START
+#define RO_MPT_VIRT_START      (RO_MPT_VIRT_END - (MACHPHYS_MBYTES<<20))
+
+#define XENHEAP_DEFAULT_MB     (DIRECTMAP_MBYTES)
+#define DIRECTMAP_PHYS_END     (DIRECTMAP_MBYTES<<20)
+
+/* Maximum linear address accessible via guest memory segments. */
+#define GUEST_SEGMENT_MAX_ADDR  RO_MPT_VIRT_END
+
+#ifdef CONFIG_X86_PAE
+/* Hypervisor owns top 144MB of virtual address space. */
+# define __HYPERVISOR_VIRT_START  0xF7000000
+# define HYPERVISOR_VIRT_START   (0xF7000000UL)
+#else
 /* Hypervisor owns top 64MB of virtual address space. */
-#define __HYPERVISOR_VIRT_START  0xFC000000
-#define HYPERVISOR_VIRT_START   (0xFC000000UL)
+# define __HYPERVISOR_VIRT_START  0xFC000000
+# define HYPERVISOR_VIRT_START   (0xFC000000UL)
+#endif
 
 #define ROOT_PAGETABLE_FIRST_XEN_SLOT \
     (HYPERVISOR_VIRT_START >> L2_PAGETABLE_SHIFT)
@@ -230,37 +289,6 @@ extern void __out_of_line_bug(int line) __attribute__((noreturn));
 #define ROOT_PAGETABLE_XEN_SLOTS \
     (ROOT_PAGETABLE_LAST_XEN_SLOT - ROOT_PAGETABLE_FIRST_XEN_SLOT + 1)
 
-/*
- * First 4MB are mapped read-only for all. It's for the machine->physical
- * mapping table (MPT table). The following are virtual addresses.
- */
-#define RO_MPT_VIRT_START     (HYPERVISOR_VIRT_START)
-#define RO_MPT_VIRT_END       (RO_MPT_VIRT_START + (4*1024*1024))
-/* Xen heap extends to end of 1:1 direct-mapped memory region. */
-#define DIRECTMAP_VIRT_START  (RO_MPT_VIRT_END)
-#define DIRECTMAP_VIRT_END    (DIRECTMAP_VIRT_START + DIRECTMAP_PHYS_END)
-/* Machine-to-phys conversion table. */
-#define RDWR_MPT_VIRT_START   (DIRECTMAP_VIRT_END)
-#define RDWR_MPT_VIRT_END     (RDWR_MPT_VIRT_START + (4*1024*1024))
-/* Variable-length page-frame information array. */
-#define FRAMETABLE_VIRT_START (RDWR_MPT_VIRT_END)
-#define FRAMETABLE_VIRT_END   (FRAMETABLE_VIRT_START + (24*1024*1024))
-/* Next 4MB of virtual address space is used as a linear p.t. mapping. */
-#define LINEAR_PT_VIRT_START  (FRAMETABLE_VIRT_END)
-#define LINEAR_PT_VIRT_END    (LINEAR_PT_VIRT_START + (4*1024*1024))
-/* Next 4MB of virtual address space is used as a shadow linear p.t. map. */
-#define SH_LINEAR_PT_VIRT_START (LINEAR_PT_VIRT_END)
-#define SH_LINEAR_PT_VIRT_END (SH_LINEAR_PT_VIRT_START + (4*1024*1024))
-/* Next 4MB of virtual address space used for per-domain mappings (eg. GDT). */
-#define PERDOMAIN_VIRT_START  (SH_LINEAR_PT_VIRT_END)
-#define PERDOMAIN_VIRT_END    (PERDOMAIN_VIRT_START + (4*1024*1024))
-/* Penultimate 4MB of virtual address space used for domain page mappings. */
-#define MAPCACHE_VIRT_START   (PERDOMAIN_VIRT_END)
-#define MAPCACHE_VIRT_END     (MAPCACHE_VIRT_START + (4*1024*1024))
-/* Final 4MB of virtual address space used for ioremap(). */
-#define IOREMAP_VIRT_START    (MAPCACHE_VIRT_END)
-#define IOREMAP_VIRT_END      (IOREMAP_VIRT_START + (4*1024*1024))
-
 #define PGT_base_page_table PGT_l2_page_table
 
 #define __HYPERVISOR_CS 0x0808

diff --git a/xen/include/asm-x86/x86_32/page.h b/xen/include/asm-x86/x86_32/page.h
index 90bd6a3c95bab99debb652ab868fa2a9ca582cfc..d03a220abe73fd9c39049884c63a36b4e178239d 100644 (file)
--- a/xen/include/asm-x86/x86_32/page.h
+++ b/xen/include/asm-x86/x86_32/page.h
@@ -12,7 +12,7 @@
 #define L2_PAGETABLE_ENTRIES    (1<<PAGETABLE_ORDER)
 #define ROOT_PAGETABLE_ENTRIES  L2_PAGETABLE_ENTRIES
 
-#define __PAGE_OFFSET           (0xFC400000)
+#define __PAGE_OFFSET           (0xFF000000)
 
 #define PADDR_BITS              32
 #define VADDR_BITS              32