From 13f2a6e868d5c27331eac1fa229b8fa90daad3ac Mon Sep 17 00:00:00 2001 From: "kaf24@firebug.cl.cam.ac.uk" Date: Wed, 2 Nov 2005 19:12:30 +0100 Subject: [PATCH] Fix map_domain_page() by reverting a bogus simplification that I committed in changeset 5303:d68bc64e2cfe38a85483a8c5d349b4ee45e91fb9 This fixes some very weird and nasty Xen crashes. Signed-off-by: Keir Fraser --- xen/arch/x86/x86_32/domain_page.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/x86_32/domain_page.c b/xen/arch/x86/x86_32/domain_page.c index 6bec96bc87..7b091d9869 100644 --- a/xen/arch/x86/x86_32/domain_page.c +++ b/xen/arch/x86/x86_32/domain_page.c @@ -27,6 +27,19 @@ l1_pgentry_t *mapcache; static unsigned int map_idx, epoch, shadow_epoch[NR_CPUS]; static spinlock_t map_lock = SPIN_LOCK_UNLOCKED; +/* Use a spare PTE bit to mark entries ready for recycling. */ +#define READY_FOR_TLB_FLUSH (1<<10) + +static void flush_all_ready_maps(void) +{ + l1_pgentry_t *cache = mapcache; + unsigned int i; + + for ( i = 0; i < MAPCACHE_ENTRIES; i++ ) + if ( (l1e_get_flags(cache[i]) & READY_FOR_TLB_FLUSH) ) + cache[i] = l1e_empty(); +} + void *map_domain_page(unsigned long pfn) { unsigned long va; @@ -54,6 +67,7 @@ void *map_domain_page(unsigned long pfn) if ( unlikely(idx == 0) ) { ASSERT(flush_count++ == 0); + flush_all_ready_maps(); perfc_incrc(domain_page_tlb_flush); local_flush_tlb(); shadow_epoch[cpu] = ++epoch; @@ -75,5 +89,5 @@ void unmap_domain_page(void *va) ASSERT((void *)MAPCACHE_VIRT_START <= va); ASSERT(va < (void *)MAPCACHE_VIRT_END); idx = ((unsigned long)va - MAPCACHE_VIRT_START) >> PAGE_SHIFT; - mapcache[idx] = l1e_empty(); + l1e_add_flags(mapcache[idx], READY_FOR_TLB_FLUSH); } -- 2.30.2