x86/altp2m: use __get_gfn_type_access to avoid lock conflicts

Use __get_gfn_type_access instead of get_gfn_type_access when checking
the hostp2m entries during altp2m mem_access setting and gfn remapping
to avoid a lock conflict which can make dom0 freeze. During mem_access
setting the hp2m is already locked. For gfn remapping we change the flow
to lock the hp2m before locking the ap2m.

Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Reviewed-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Acked-by: George Dunlap <george.dunlap@citrix.com>

diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index 27f9d26d9c1ec91b05470b6bfb6e427ce4e3a471..7d14c3bac68c7aadb4031fe9e399559b566a12e5 100644 (file)
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1769,8 +1769,8 @@ int p2m_set_altp2m_mem_access(struct domain *d, struct p2m_domain *hp2m,
     if ( !mfn_valid(mfn) )
     {
 
-        mfn = get_gfn_type_access(hp2m, gfn_l, &t, &old_a,
-                                  P2M_ALLOC | P2M_UNSHARE, &page_order);
+        mfn = __get_gfn_type_access(hp2m, gfn_l, &t, &old_a,
+                                    P2M_ALLOC | P2M_UNSHARE, &page_order, 0);
 
         rc = -ESRCH;
         if ( !mfn_valid(mfn) || t != p2m_ram_rw )
@@ -2530,6 +2530,7 @@ int p2m_change_altp2m_gfn(struct domain *d, unsigned int idx,
     hp2m = p2m_get_hostp2m(d);
     ap2m = d->arch.altp2m_p2m[idx];
 
+    p2m_lock(hp2m);
     p2m_lock(ap2m);
 
     mfn = ap2m->get_entry(ap2m, gfn_x(old_gfn), &t, &a, 0, NULL, NULL);
@@ -2545,8 +2546,8 @@ int p2m_change_altp2m_gfn(struct domain *d, unsigned int idx,
     /* Check host p2m if no valid entry in alternate */
     if ( !mfn_valid(mfn) )
     {
-        mfn = get_gfn_type_access(hp2m, gfn_x(old_gfn), &t, &a,
-                                  P2M_ALLOC | P2M_UNSHARE, &page_order);
+        mfn = __get_gfn_type_access(hp2m, gfn_x(old_gfn), &t, &a,
+                                    P2M_ALLOC | P2M_UNSHARE, &page_order, 0);
 
         if ( !mfn_valid(mfn) || t != p2m_ram_rw )
             goto out;
@@ -2588,6 +2589,7 @@ int p2m_change_altp2m_gfn(struct domain *d, unsigned int idx,
 
  out:
     p2m_unlock(ap2m);
+    p2m_unlock(hp2m);
     return rc;
 }