From patchwork Wed May 10 11:13:21 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Igor Druzhinin <igor.druzhinin@citrix.com>
X-Patchwork-Id: 9719689
Return-Path: <xen-devel-bounces@lists.xen.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	DAC0E60365 for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed, 10 May 2017 11:17:46 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D15C0205FB
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed, 10 May 2017 11:17:46 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id C2EA12857B; Wed, 10 May 2017 11:17:46 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED
	autolearn=ham version=3.3.1
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
	(using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 75273205FB
	for <patchwork-xen-devel@patchwork.kernel.org>;
	Wed, 10 May 2017 11:17:45 +0000 (UTC)
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <xen-devel-bounces@lists.xen.org>)
	id 1d8PYq-0000Un-Ku; Wed, 10 May 2017 11:13:40 +0000
Received: from mail6.bemta5.messagelabs.com ([195.245.231.135])
	by lists.xenproject.org with esmtp (Exim 4.84_2)
	(envelope-from <prvs=296f43a01=igor.druzhinin@citrix.com>)
	id 1d8PYo-0000Uh-RD
	for xen-devel@lists.xen.org; Wed, 10 May 2017 11:13:38 +0000
Received: from [85.158.139.211] by server-7.bemta-5.messagelabs.com id
	44/AB-02181-2E5F2195; Wed, 10 May 2017 11:13:38 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrOLMWRWlGSWpSXmKPExsWyU9JRQvfeV6F
	Igzl/tSyWfFzM4sDocXT3b6YAxijWzLyk/IoE1oym/aUFF8Urzs7ZxdTA+FCwi5GTQ0LAT+Ly
	+yOsIDabgIHEqU2LWEBsEQFZidVdc9i7GLk4mAW+MEqsO7GNrYuRg0NYIEBiwfFIkBoWAVWJZ
	3fns4HYvAKeEt0/FzNDzJSTuHmukxkiLihxcuYTsJnMAhISB1+8AIsLCahJHO3axQJRny6x+s
	UPtgmMPLOQtMxC0rKAkWkVo3pxalFZapGumV5SUWZ6RkluYmaOrqGBqV5uanFxYnpqTmJSsV5
	yfu4mRmCAMADBDsapDc6HGCU5mJREeXV3CUUK8SXlp1RmJBZnxBeV5qQWH2KU4eBQkuA9+wUo
	J1iUmp5akZaZAwxVmLQEB4+SCG8wMFyFeIsLEnOLM9MhUqcYFaXEeY+B9AmAJDJK8+DaYPFxi
	VFWSpiXEegQIZ6C1KLczBJU+VeM4hyMSsK810Cm8GTmlcBNfwW0mAlocSCDAMjikkSElFQDo1
	q/f9FWZoEGlkeX//uH+oj9epnoFtV58vmyuz1xX1ftClBzTOAsvBU29+FnboYJfOeP/hNiYmm
	ffarJaNXV9tP88i1ChiE/PofsuyWe9Orkwe82M0OSZ3xVvbOR+4ffnguGMzm2yvw9svDxqt8n
	DmRvu8L4fKvR7Plec7sa/jiEPRP7nujwgUGJpTgj0VCLuag4EQDAxr2aigIAAA==
X-Env-Sender: prvs=296f43a01=igor.druzhinin@citrix.com
X-Msg-Ref: server-5.tower-206.messagelabs.com!1494414813!95641361!1
X-Originating-IP: [185.25.65.24]
X-SpamReason: No, hits=0.0 required=7.0 tests=received_headers: No
	Received headers
X-StarScan-Received: 
X-StarScan-Version: 9.4.12; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 52660 invoked from network); 10 May 2017 11:13:33 -0000
Received: from smtp.ctxuk.citrix.com (HELO SMTP.EU.CITRIX.COM) (185.25.65.24)
	by server-5.tower-206.messagelabs.com with RC4-SHA encrypted SMTP;
	10 May 2017 11:13:33 -0000
X-IronPort-AV: E=Sophos;i="5.38,318,1491264000"; d="scan'208";a="45752131"
From: Igor Druzhinin <igor.druzhinin@citrix.com>
To: <xen-devel@lists.xen.org>
Date: Wed, 10 May 2017 12:13:21 +0100
Message-ID: <1494414801-28953-1-git-send-email-igor.druzhinin@citrix.com>
X-Mailer: git-send-email 2.7.4
MIME-Version: 1.0
X-ClientProxiedBy: FTLPEX02CAS02.citrite.net (10.13.99.123) To
	AMSPEX02CL03.citrite.net (10.69.22.127)
Cc: Igor Druzhinin <igor.druzhinin@citrix.com>,
	Kevin Tian <kevin.tian@intel.com>,
	Jun Nakajima <jun.nakajima@intel.com>,
	George Dunlap <george.dunlap@eu.citrix.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Jan Beulich <jbeulich@suse.com>
Subject: [Xen-devel] [PATCH v2 for-4.9] x86/mm: Fix incorrect unmapping of
	2MB and 1GB pages
X-BeenThere: xen-devel@lists.xen.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xen.org>
List-Unsubscribe: <https://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <https://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xen.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xen.org>
X-Virus-Scanned: ClamAV using ClamSMTP

The same set of functions is used to set as well as to clean
P2M entries, except that for clean operations INVALID_MFN (~0UL)
is passed as a parameter. Unfortunately, when calculating an
appropriate target order for a particular mapping INVALID_MFN
is not taken into account which leads to 4K page target order
being set each time even for 2MB and 1GB mappings. This eventually
breaks down an EPT structure irreversibly into 4K mappings which
prevents consecutive high order mappings to this area.

Signed-off-by: Igor Druzhinin <igor.druzhinin@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
Acked-by: George Dunlap <george.dunlap@citrix.com>
---
Changes in v2:
* changed mistakenly used mfn_valid() to mfn_eq()
* aggregated gfn-mfn mask into one

CC: Jun Nakajima <jun.nakajima@intel.com>
CC: Kevin Tian <kevin.tian@intel.com>
CC: George Dunlap <george.dunlap@eu.citrix.com>
CC: Jan Beulich <jbeulich@suse.com>
CC: Andrew Cooper <andrew.cooper3@citrix.com>

Bugfix intended for 4.9 release.
---
 xen/arch/x86/mm/p2m-ept.c |  3 ++-
 xen/arch/x86/mm/p2m.c     | 11 +++++++----
 2 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c
index f37a1f2..f98121d 100644
--- a/xen/arch/x86/mm/p2m-ept.c
+++ b/xen/arch/x86/mm/p2m-ept.c
@@ -681,6 +681,7 @@ ept_set_entry(struct p2m_domain *p2m, unsigned long gfn, mfn_t mfn,
     ept_entry_t *table, *ept_entry = NULL;
     unsigned long gfn_remainder = gfn;
     unsigned int i, target = order / EPT_TABLE_ORDER;
+    unsigned long fn_mask = !mfn_eq(mfn, INVALID_MFN) ? (gfn | mfn_x(mfn)) : gfn;
     int ret, rc = 0;
     bool_t entry_written = 0;
     bool_t direct_mmio = (p2mt == p2m_mmio_direct);
@@ -701,7 +702,7 @@ ept_set_entry(struct p2m_domain *p2m, unsigned long gfn, mfn_t mfn,
      * 2. gfn not exceeding guest physical address width.
      * 3. passing a valid order.
      */
-    if ( ((gfn | mfn_x(mfn)) & ((1UL << order) - 1)) ||
+    if ( (fn_mask & ((1UL << order) - 1)) ||
          ((u64)gfn >> ((ept->wl + 1) * EPT_TABLE_ORDER)) ||
          (order % EPT_TABLE_ORDER) )
         return -EINVAL;
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index ae70a92..e902f1a 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -543,12 +543,15 @@ int p2m_set_entry(struct p2m_domain *p2m, unsigned long gfn, mfn_t mfn,
     while ( todo )
     {
         if ( hap_enabled(d) )
-            order = (!((gfn | mfn_x(mfn) | todo) &
-                       ((1ul << PAGE_ORDER_1G) - 1)) &&
+        {
+            unsigned long fn_mask = !mfn_eq(mfn, INVALID_MFN) ?
+                                     (gfn | mfn_x(mfn) | todo) : (gfn | todo);
+
+            order = (!(fn_mask & ((1ul << PAGE_ORDER_1G) - 1)) &&
                      hap_has_1gb) ? PAGE_ORDER_1G :
-                    (!((gfn | mfn_x(mfn) | todo) &
-                       ((1ul << PAGE_ORDER_2M) - 1)) &&
+                    (!(fn_mask & ((1ul << PAGE_ORDER_2M) - 1)) &&
                      hap_has_2mb) ? PAGE_ORDER_2M : PAGE_ORDER_4K;
+        }
         else
             order = 0;