From 0a87e677f4f4527c439fa12a6d7fa44a28e43cb3 Mon Sep 17 00:00:00 2001 From: Jan Beulich Date: Fri, 9 Apr 2021 09:15:38 +0200 Subject: [PATCH] x86/PV: make post-migration page state consistent MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When a page table page gets de-validated, its type reference count drops to zero (and PGT_validated gets cleared), but its type remains intact. XEN_DOMCTL_getpageframeinfo3, therefore, so far reported prior usage for such pages. An intermediate write to such a page via e.g. MMU_NORMAL_PT_UPDATE, however, would transition the page's type to PGT_writable_page, thus altering what XEN_DOMCTL_getpageframeinfo3 would return. In libxc the decision which pages to normalize / localize depends solely on the type returned from the domctl. As a result without further precautions the guest won't be able to tell whether such a page has had its (apparent) PTE entries transitioned to the new MFNs. Add a check of PGT_validated, thus consistently avoiding normalization / localization in the tool stack. Also use XEN_DOMCTL_PFINFO_NOTAB in the variable's initializer instead open coding it. Signed-off-by: Jan Beulich Acked-by: Roger Pau Monné --- xen/arch/x86/domctl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index b129d2cc2f..2aea5b6e9a 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -262,7 +262,7 @@ long arch_do_domctl( for ( i = 0; i < num; ++i ) { - unsigned long gfn = 0, type = 0; + unsigned long gfn = 0, type = XEN_DOMCTL_PFINFO_NOTAB; struct page_info *page; p2m_type_t t; @@ -302,6 +302,8 @@ long arch_do_domctl( if ( page->u.inuse.type_info & PGT_pinned ) type |= XEN_DOMCTL_PFINFO_LPINTAB; + else if ( !(page->u.inuse.type_info & PGT_validated) ) + type = XEN_DOMCTL_PFINFO_NOTAB; if ( page->count_info & PGC_broken ) type = XEN_DOMCTL_PFINFO_BROKEN; -- 2.30.2
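Review bot: in the first hunk, `unsigned long gfn = 0, type = XEN_DOMCTL_PFINFO_NOTAB;` is only behaviour-preserving because XEN_DOMCTL_PFINFO_NOTAB is the zero value of that field; the later accumulation in the same loop (`type |= XEN_DOMCTL_PFINFO_LPINTAB;` in the second hunk) ORs onto this initializer, so a non-zero NOTAB encoding would leak into every reported type. A short comment next to the initializer noting that NOTAB is the all-clear value (or a `BUILD_BUG_ON(XEN_DOMCTL_PFINFO_NOTAB)`-style assertion, if the tree has one) would make that dependency explicit for future readers.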
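Review bot: in the second hunk, the new `else if ( !(page->u.inuse.type_info & PGT_validated) )` branch is chained behind the `PGT_pinned` test, so a page with PGT_pinned set is never subjected to the PGT_validated check and keeps its previously derived table type plus LPINTAB. If that relies on the invariant that a pinned page always holds a validated type reference, a one-line comment stating it would help; otherwise a pinned-but-de-validated page would still be reported as a table and get normalized by the tool stack, which is exactly the inconsistency the commit message describes. The plain assignment `type = XEN_DOMCTL_PFINFO_NOTAB;` (rather than `|=`) correctly discards any table bits accumulated above, and the following `PGC_broken` override still takes precedence, which matches the stated intent.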