From: Jan Beulich
Date: Fri, 9 Apr 2021 07:15:38 +0000 (+0200)
Subject: x86/PV: make post-migration page state consistent
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=0a87e677f4f4527c439fa12a6d7fa44a28e43cb3;p=people%2Fsstabellini%2Fxen-unstable.git%2F.git

x86/PV: make post-migration page state consistent

When a page table page gets de-validated, its type reference count drops to zero (and PGT_validated gets cleared), but its type remains intact. XEN_DOMCTL_getpageframeinfo3, therefore, so far reported prior usage for such pages. An intermediate write to such a page via e.g. MMU_NORMAL_PT_UPDATE, however, would transition the page's type to PGT_writable_page, thus altering what XEN_DOMCTL_getpageframeinfo3 would return. In libxc the decision which pages to normalize / localize depends solely on the type returned from the domctl. As a result without further precautions the guest won't be able to tell whether such a page has had its (apparent) PTE entries transitioned to the new MFNs.

Add a check of PGT_validated, thus consistently avoiding normalization / localization in the tool stack.

Also use XEN_DOMCTL_PFINFO_NOTAB in the variable's initializer instead of open coding it.

Signed-off-by: Jan Beulich
Acked-by: Roger Pau Monné
---
diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index b129d2cc2f..2aea5b6e9a 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -262,7 +262,7 @@ long arch_do_domctl( for ( i = 0; i < num; ++i ) { - unsigned long gfn = 0, type = 0; + unsigned long gfn = 0, type = XEN_DOMCTL_PFINFO_NOTAB; struct page_info *page; p2m_type_t t; @@ -302,6 +302,8 @@ long arch_do_domctl( if ( page->u.inuse.type_info & PGT_pinned ) type |= XEN_DOMCTL_PFINFO_LPINTAB; + else if ( !(page->u.inuse.type_info & PGT_validated) ) + type = XEN_DOMCTL_PFINFO_NOTAB; if ( page->count_info & PGC_broken ) type = XEN_DOMCTL_PFINFO_BROKEN;
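
Review bot: In the first hunk (@@ -262,7 +262,7 @@), initializing `type` to XEN_DOMCTL_PFINFO_NOTAB matches the old `type = 0` only while that constant stays zero, and the second hunk still ORs a flag into the value with `type |= XEN_DOMCTL_PFINFO_LPINTAB;`. Consider recording that dependency in a short comment or a build-time assertion next to the declaration, so a later change to the constant cannot silently alter what the domctl reports. As the commit message itself marks this as an "also" cleanup, it could equally be split from the PGT_validated fix into its own patch.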
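
Review bot: The new `else if ( !(page->u.inuse.type_info & PGT_validated) )` branch in the second hunk (@@ -302,6 +302,8 @@) has no comment, so the reason a page that still carries a page table type is reported as XEN_DOMCTL_PFINFO_NOTAB lives only in the commit message. A short comment above it, noting that de-validated page table pages keep their type and that libxc decides normalization / localization solely from the returned type, would keep the migration rationale with the code. Because the check hangs off the `else` of the PGT_pinned test, pinned pages are never tested for PGT_validated; if pinned always implies validated, the comment should say so, otherwise the check should not be skipped for pinned pages.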