On Thu, Sep 07, 2017 at 12:18:25PM +0100, Paul Durrant wrote: > > -----Original Message----- > > From: Wei Liu [mailto:wei.l...@citrix.com] > > Sent: 07 September 2017 12:11 > > To: Paul Durrant <paul.durr...@citrix.com> > > Cc: xen-de...@lists.xenproject.org; Andrew Cooper > > <andrew.coop...@citrix.com>; Jan Beulich <jbeul...@suse.com>; Wei Liu > > <wei.l...@citrix.com> > > Subject: Re: [Xen-devel] [PATCH v4 02/12] x86/mm: add > > HYPERVISOR_memory_op to acquire guest resources > > > > On Tue, Sep 05, 2017 at 12:37:06PM +0100, Paul Durrant wrote: > > [...] > > > > > > +static int xenmem_acquire_grant_table(struct domain *d, > > > + unsigned long frame, > > > + unsigned long nr_frames, > > > + unsigned long mfn_list[]) > > > +{ > > > + unsigned int i; > > > + > > > + /* > > > + * Iterate through the list backwards so that gnttab_get_frame() is > > > + * first called for the highest numbered frame. This means that the > > > + * out-of-bounds check will be done on the first iteration and, if > > > + * the table needs to grow, it will only grow once. > > > + */ > > > + i = nr_frames; > > > + while ( i-- != 0 ) > > > + { > > > + mfn_t mfn = gnttab_get_frame(d, frame + i); > > > + > > > > I think you should lock guest grant table first and use the _locked > > variant here to get a consistent view of guest grant table frames. > > Once the table has grown, is there any way they can change? >
Hmm... no. I think you can leave the code as-is. > > Ok, if you think it's necessary. (This is a tools-only hypercall and the > ranges are supplied by privcmd, allocated in kernel). > IMHO we should allow for use case for semi-trusted users of this hypercall in the future. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
