From: Jan Beulich <jbeulich@suse.com>
Date: Thu, 15 Nov 2018 12:36:10 +0000 (+0100)
Subject: x86/HVM: make hvmemul_map_linear_addr() honor p2m_ioreq_server
X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~2921
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=bfdd5e58763a32afdf04b022e2698d39ae4cf4d6;p=xen.git

x86/HVM: make hvmemul_map_linear_addr() honor p2m_ioreq_server

Write accesses to p2m_ioreq_server pages should get redirected to the
emulator also when using the mapping approach. Extend the
p2m_is_discard_write() check there, and restrict both to the write
access case (this is just a latent bug as currently we go this route
only for write accesses).

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
---

diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
index 9e7deaa6cd..e08524be49 100644
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
@@ -613,10 +613,21 @@ static void *hvmemul_map_linear_addr(
 
         *mfn++ = page_to_mfn(page);
 
-        if ( p2m_is_discard_write(p2mt) )
+        if ( pfec & PFEC_write_access )
         {
-            err = ERR_PTR(~X86EMUL_OKAY);
-            goto out;
+            if ( p2m_is_discard_write(p2mt) )
+            {
+                err = ERR_PTR(~X86EMUL_OKAY);
+                goto out;
+            }
+
+            if ( p2mt == p2m_ioreq_server )
+            {
+                err = NULL;
+                goto out;
+            }
+
+            ASSERT(p2mt == p2m_ram_logdirty || !p2m_is_readonly(p2mt));
         }
     }