xen/arm: p2m: Restrict preemption check in apply_p2m_changes

The commit 569fb6c "xen/arm: Data abort exception (R/W) mem_access
events" makes apply_p2m_changes to call hypercall_preempt_check for any
operation rather than for relinquish.

The function hypercall_preempt_check call local_events_need_delivery
which rely on the current VCPU is not an idle VCPU.
Although, during DOM0 building the current VCPU is an idle one. This
would make Xen crash with the following stack trace:

(XEN) CPU0: Unexpected Trap: Data Abort
[...]
(XEN) Xen call trace:
(XEN)    [<00256ef4>] apply_p2m_changes+0x210/0x1190 (PC)
(XEN)    [<002506b4>] gic_events_need_delivery+0x5c/0x13c (LR)
(XEN)    [<002580ec>] map_mmio_regions+0x64/0x74
(XEN)    [<00251958>] gicv2v_setup+0xf8/0x150
(XEN)    [<00250964>] gicv_setup+0x20/0x30
(XEN)    [<0024cb3c>] arch_domain_create+0x170/0x244
(XEN)    [<00207df0>] domain_create+0x2ac/0x4d8
(XEN)    [<0028e3d0>] start_xen+0xcbc/0xee4
(XEN)    [<00200540>] paging+0x94/0xd8
(XEN)
(XEN)
(XEN) ****************************************
(XEN) Panic on CPU 0:
(XEN) CPU0: Unexpected Trap: Data Abort
(XEN)
(XEN) ****************************************

hypercall_preempt_check is expecting to be call only when the current
VCPU belong to a real domain (see x86 behavior).

As the bug prevents Xen booting on some platform, fix it by only check
preemption when the current VCPU is an idle one for now. We could
improve it later.

Reported-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Julien Grall <julien.grall@citrix.com>
CC: Tamas K Lengyel <tklengyel@sec.in.tum.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>

diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index 65efa949e564c68525c8684794cf3fef1db11420..59dd23a7f16125689ec88b79f32d0dafdc64f87e 100644 (file)
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -948,6 +948,7 @@ static int apply_p2m_changes(struct domain *d,
     const unsigned long sgfn = paddr_to_pfn(start_gpaddr),
                         egfn = paddr_to_pfn(end_gpaddr);
     const unsigned int preempt_count_limit = (op == MEMACCESS) ? 1 : 0x2000;
+    const bool_t preempt = !is_idle_vcpu(current);
     bool_t flush = false;
     bool_t flush_pt;
 
@@ -980,7 +981,8 @@ static int apply_p2m_changes(struct domain *d,
          * always make at least one pass as long as preempt_count_limit is
          * initialized with a value >= 1.
          */
-        if ( count >= preempt_count_limit && hypercall_preempt_check() )
+        if ( preempt && count >= preempt_count_limit
+             && hypercall_preempt_check() )
         {
             switch ( op )
             {