When an interrupt is received during an EFI runtime service call, Xen
may call map_domain_page() while using the EFI runtime page tables.
This fails because, although the EFI runtime page tables are a
copy of the idle domain's page tables, current points at a different
domain's vCPU.
To fix this, return NULL from mapcache_current_vcpu() when using the EFI
runtime page tables which is treated equivalently to running in an idle
vCPU.
This issue can be reproduced by repeatedly calling GetVariable() from
dom0 while using VT-d, since VT-d frequently maps a page from interrupt
context.
Example call trace:
[<
ffff82d0801615dc>] __find_next_zero_bit+0x28/0x60
[<
ffff82d08016a10e>] map_domain_page+0x4c6/0x4eb
[<
ffff82d080156ae6>] map_vtd_domain_page+0xd/0xf
[<
ffff82d08015533a>] msi_msg_read_remap_rte+0xe3/0x1d8
[<
ffff82d08014e516>] iommu_read_msi_from_ire+0x31/0x34
[<
ffff82d08016ff6c>] set_msi_affinity+0x134/0x17a
[<
ffff82d0801737b5>] move_masked_irq+0x5c/0x98
[<
ffff82d080173816>] move_native_irq+0x25/0x36
[<
ffff82d08016ffcb>] ack_nonmaskable_msi_irq+0x19/0x20
[<
ffff82d08016ffdb>] ack_maskable_msi_irq+0x9/0x37
[<
ffff82d080173e8b>] do_IRQ+0x251/0x635
[<
ffff82d080234502>] common_interrupt+0x62/0x70
[<
00000000df7ed2be>]
00000000df7ed2be
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
if ( v == (struct vcpu *)0xfffff000 )
return NULL;
+ /*
+ * When using efi runtime page tables, we have the equivalent of the idle
+ * domain's page tables but current may point at another domain's VCPU.
+ * Return NULL as though current is not properly set up yet.
+ */
+ if ( efi_enabled && efi_rs_using_pgtables() )
+ return NULL;
+
/*
* If guest_table is NULL, and we are running a paravirtualised guest,
* then it means we are running on the idle domain's page table and must
*/
if ( unlikely(pagetable_is_null(v->arch.guest_table)) && is_pv_vcpu(v) )
{
- unsigned long cr3;
-
/* If we really are idling, perform lazy context switch now. */
if ( (v = idle_vcpu[smp_processor_id()]) == current )
sync_local_execstate();
/* We must now be running on the idle page table. */
- ASSERT((cr3 = read_cr3()) == __pa(idle_pg_table) ||
- (efi_enabled && cr3 == efi_rs_page_table()));
+ ASSERT(read_cr3() == __pa(idle_pg_table));
}
return v;
void efi_update_l4_pgtable(unsigned int l4idx, l4_pgentry_t l4e) { }
-paddr_t efi_rs_page_table(void)
+bool_t efi_rs_using_pgtables(void)
{
BUG();
return 0;
const EFI_RUNTIME_SERVICES *__read_mostly efi_rs;
#ifndef CONFIG_ARM /* TODO - disabled until implemented on ARM */
static DEFINE_SPINLOCK(efi_rs_lock);
+static unsigned int efi_rs_on_cpu = NR_CPUS;
#endif
UINTN __read_mostly efi_memmap_size;
spin_lock(&efi_rs_lock);
+ efi_rs_on_cpu = smp_processor_id();
+
/* prevent fixup_page_fault() from doing anything */
irq_enter();
asm volatile ( "lgdt %0" : : "m" (gdt_desc) );
}
irq_exit();
+ efi_rs_on_cpu = NR_CPUS;
spin_unlock(&efi_rs_lock);
stts();
}
-paddr_t efi_rs_page_table(void)
+bool_t efi_rs_using_pgtables(void)
{
- return efi_l4_pgtable ? virt_to_maddr(efi_l4_pgtable) : 0;
+ return efi_l4_pgtable &&
+ (smp_processor_id() == efi_rs_on_cpu) &&
+ (read_cr3() == virt_to_maddr(efi_l4_pgtable));
}
unsigned long efi_get_time(void)
struct compat_pf_efi_runtime_call;
void efi_init_memory(void);
-paddr_t efi_rs_page_table(void);
+bool_t efi_rs_using_pgtables(void);
unsigned long efi_get_time(void);
void efi_halt_system(void);
void efi_reset_system(bool_t warm);
projects / people / liuw / libxenctrl-split / xen.git / commitdiff