Export machine_to_phys start and end addresses to guests.

Use this info in Linux to bounds-check accesses to the
m2p table.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset:   10460:f7bb99cdc391a4a23ee41d48dfd19f3d5b0c69c3
xen-unstable date:        Tue Jun 20 12:01:09 2006 +0100

[LINUX] Fix i386 build -- define max_mapnr in mfn_to_pfn().
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset:   10464:674890dc1ee2ebc4e0f271c27bbe9b021249b554
xen-unstable date:        Tue Jun 20 13:42:08 2006 +0100

[LINUX] Another fix to i386 mfn_to_pfn().
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset:   10465:b6ee2a730139b4e8b627c2f412fb8c46dac50185
xen-unstable date:        Tue Jun 20 13:45:23 2006 +0100

diff --git a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/page.h b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/page.h
index cfdffff2586f019b01cbb32e31c4f756d1ec0946..f2990702bdd7292f346787528b281acbf8bd90c4 100644 (file)
--- a/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/page.h
+++ b/linux-2.6-xen-sparse/include/asm-i386/mach-xen/asm/page.h
@@ -84,24 +84,29 @@ static inline int phys_to_machine_mapping_valid(unsigned long pfn)
 
 static inline unsigned long mfn_to_pfn(unsigned long mfn)
 {
+       extern unsigned long max_mapnr;
        unsigned long pfn;
 
        if (xen_feature(XENFEAT_auto_translated_physmap))
                return mfn;
 
-       /*
-        * The array access can fail (e.g., device space beyond end of RAM).
-        * In such cases it doesn't matter what we return (we return garbage),
-        * but we must handle the fault without crashing!
-        */
+       if (mfn >= MACH2PHYS_NR_ENTRIES)
+               return max_mapnr;
+
+       /* The array access can fail (e.g., device space beyond end of RAM). */
        asm (
                "1:     movl %1,%0\n"
                "2:\n"
+               ".section .fixup,\"ax\"\n"
+               "3:     movl %2,%0\n"
+               "       jmp  2b\n"
+               ".previous\n"
                ".section __ex_table,\"a\"\n"
                "       .align 4\n"
-               "       .long 1b,2b\n"
+               "       .long 1b,3b\n"
                ".previous"
-               : "=r" (pfn) : "m" (machine_to_phys_mapping[mfn]) );
+               : "=r" (pfn)
+               : "m" (machine_to_phys_mapping[mfn]), "ir" (max_mapnr) );
 
        return pfn;
 }

diff --git a/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/asm/page.h b/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/asm/page.h
index 73d9282a85b4282956ec2a0fc12c2c391c2178af..26a450a6b143d9595877d14c574026128f4e3031 100644 (file)
--- a/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/asm/page.h
+++ b/linux-2.6-xen-sparse/include/asm-x86_64/mach-xen/asm/page.h
@@ -107,19 +107,23 @@ static inline unsigned long mfn_to_pfn(unsigned long mfn)
        if (xen_feature(XENFEAT_auto_translated_physmap))
                return mfn;
 
-       /*
-        * The array access can fail (e.g., device space beyond end of RAM).
-        * In such cases it doesn't matter what we return (we return garbage),
-        * but we must handle the fault without crashing!
-        */
+       if (mfn >= MACH2PHYS_NR_ENTRIES)
+               return end_pfn;
+
+       /* The array access can fail (e.g., device space beyond end of RAM). */
        asm (
                "1:     movq %1,%0\n"
                "2:\n"
+               ".section .fixup,\"ax\"\n"
+               "3:     movq %2,%0\n"
+               "       jmp  2b\n"
+               ".previous\n"
                ".section __ex_table,\"a\"\n"
                "       .align 8\n"
-               "       .quad 1b,2b\n"
+               "       .quad 1b,3b\n"
                ".previous"
-               : "=r" (pfn) : "m" (machine_to_phys_mapping[mfn]) );
+               : "=r" (pfn)
+               : "m" (machine_to_phys_mapping[mfn]), "ir" (end_pfn) );
 
        return pfn;
 }

diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index 8393fdef7848fe0c569d772d7d8fbf0c04256c6e..89414c7fcabdf25f825a20fdf0af15237c03820d 100644 (file)
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -363,11 +363,13 @@ void __init __start_xen(multiboot_info_t *mbi)
     BUG_ON(sizeof(shared_info_t) > PAGE_SIZE);
     BUG_ON(sizeof(vcpu_info_t) != 64);
 
-    /* __foo are defined in public headers. Check they match internal defs. */
+    /* Check definitions in public headers match internal defs. */
     BUG_ON(__HYPERVISOR_VIRT_START != HYPERVISOR_VIRT_START);
 #ifdef HYPERVISOR_VIRT_END
     BUG_ON(__HYPERVISOR_VIRT_END   != HYPERVISOR_VIRT_END);
 #endif
+    BUG_ON(MACH2PHYS_VIRT_START != RO_MPT_VIRT_START);
+    BUG_ON(MACH2PHYS_VIRT_END   != RO_MPT_VIRT_END);
 
     init_frametable();
 

diff --git a/xen/include/public/arch-x86_32.h b/xen/include/public/arch-x86_32.h
index 4ca376f326c213097cdee93702f3705bcd6e4dec..e9a2751d10f9c3c3fbb18e156bc231df0c6538bb 100644 (file)
--- a/xen/include/public/arch-x86_32.h
+++ b/xen/include/public/arch-x86_32.h
@@ -72,16 +72,23 @@ DEFINE_GUEST_HANDLE(void);
  */
 #ifdef CONFIG_X86_PAE
 #define __HYPERVISOR_VIRT_START 0xF5800000
+#define __MACH2PHYS_VIRT_START  0xF5800000
+#define __MACH2PHYS_VIRT_END    0xF6800000
 #else
 #define __HYPERVISOR_VIRT_START 0xFC000000
+#define __MACH2PHYS_VIRT_START  0xFC000000
+#define __MACH2PHYS_VIRT_END    0xFC400000
 #endif
 
 #ifndef HYPERVISOR_VIRT_START
 #define HYPERVISOR_VIRT_START mk_unsigned_long(__HYPERVISOR_VIRT_START)
 #endif
 
+#define MACH2PHYS_VIRT_START  mk_unsigned_long(__MACH2PHYS_VIRT_START)
+#define MACH2PHYS_VIRT_END    mk_unsigned_long(__MACH2PHYS_VIRT_END)
+#define MACH2PHYS_NR_ENTRIES  ((MACH2PHYS_VIRT_END-MACH2PHYS_VIRT_START)>>2)
 #ifndef machine_to_phys_mapping
-#define machine_to_phys_mapping ((unsigned long *)HYPERVISOR_VIRT_START)
+#define machine_to_phys_mapping ((unsigned long *)MACH2PHYS_VIRT_START)
 #endif
 
 /* Maximum number of virtual CPUs in multi-processor guests. */

diff --git a/xen/include/public/arch-x86_64.h b/xen/include/public/arch-x86_64.h
index 892d86268fd2e591853af4365e2acb4face9d15b..2767b2b6d81d688334c926df656484cf576a8143 100644 (file)
--- a/xen/include/public/arch-x86_64.h
+++ b/xen/include/public/arch-x86_64.h
@@ -83,22 +83,26 @@ DEFINE_GUEST_HANDLE(void);
 
 #define __HYPERVISOR_VIRT_START 0xFFFF800000000000
 #define __HYPERVISOR_VIRT_END   0xFFFF880000000000
+#define __MACH2PHYS_VIRT_START  0xFFFF800000000000
+#define __MACH2PHYS_VIRT_END    0xFFFF804000000000
 
 #ifndef HYPERVISOR_VIRT_START
 #define HYPERVISOR_VIRT_START mk_unsigned_long(__HYPERVISOR_VIRT_START)
 #define HYPERVISOR_VIRT_END   mk_unsigned_long(__HYPERVISOR_VIRT_END)
 #endif
 
+#define MACH2PHYS_VIRT_START  mk_unsigned_long(__MACH2PHYS_VIRT_START)
+#define MACH2PHYS_VIRT_END    mk_unsigned_long(__MACH2PHYS_VIRT_END)
+#define MACH2PHYS_NR_ENTRIES  ((MACH2PHYS_VIRT_END-MACH2PHYS_VIRT_START)>>3)
+#ifndef machine_to_phys_mapping
+#define machine_to_phys_mapping ((unsigned long *)HYPERVISOR_VIRT_START)
+#endif
+
 /* Maximum number of virtual CPUs in multi-processor guests. */
 #define MAX_VIRT_CPUS 32
 
 #ifndef __ASSEMBLY__
 
-/* The machine->physical mapping table starts at this address, read-only. */
-#ifndef machine_to_phys_mapping
-#define machine_to_phys_mapping ((unsigned long *)HYPERVISOR_VIRT_START)
-#endif
-
 /*
  * int HYPERVISOR_set_segment_base(unsigned int which, unsigned long base)
  *  @which == SEGBASE_*  ;  @base == 64-bit base address