On 29/08/18 11:36, Olaf Hering wrote:
> On Mon, Aug 13, Jan Beulich wrote:
>
>> And hence the consideration of mapping in an all zeros page
>> instead. This is because of the way __hvmemul_read() /
>> __hvm_copy() work: The latter doesn't tell its caller how many
>> bytes it was able to read, and hence the former considers the
>> entire range MMIO (and forwards the request for emulation).
>> Of course all of this is an issue only because
>> hvmemul_virtual_to_linear() sees no need to split the request
>> at the page boundary, due to the balloon driver having left in
>> place the mapping of the ballooned out page.
> Should perhaps __hvm_copy detect the fault and copy 0xf for the
> unavailable page into 'buf', and finally return success?
>
> Clearly something must be done at the Xen level.

This is first and foremost a Linux bug. No amount of fixing Xen is going to alter that. Architecturally speaking, handing #MC back is probably the closest we can get to sensible behaviour, but it is still a bug that Linux is touching the ballooned out page in the first place.

~Andrew
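
The copy behaviour Jan Beulich describes in the quoted text, as a toy model added here (not Xen code and not written by anyone in this thread): a page-wise copy that reports only pass/fail forces the caller to treat a whole page-straddling access as MMIO, while one that also reports the bytes copied lets the caller split at the boundary. The names `toy_copy` and `toy_read`, the two-page layout, and `0xff` as the stand-in MMIO result are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 4096u
#define NR_PAGES  2u

/* Toy guest memory (constructed): page 0 is RAM, page 1 is ballooned out. */
static uint8_t ram[NR_PAGES][PAGE_SIZE];
static const int backed[NR_PAGES] = { 1, 0 };

/* Page-wise copy that stops at the first unbacked page.
 * Returns 0 on success, -1 on failure; *done receives the bytes copied. */
static int toy_copy(uint8_t *buf, uint32_t addr, size_t len, size_t *done)
{
    *done = 0;
    while (*done < len) {
        uint32_t cur = addr + (uint32_t)*done;
        uint32_t pfn = cur / PAGE_SIZE, off = cur % PAGE_SIZE;
        size_t chunk = PAGE_SIZE - off;
        if (chunk > len - *done)
            chunk = len - *done;
        if (pfn >= NR_PAGES || !backed[pfn])
            return -1;
        memcpy(buf + *done, &ram[pfn][off], chunk);
        *done += chunk;
    }
    return 0;
}

/* Returns how many bytes of the access take the MMIO path.
 * use_count == 0 models a caller that sees only pass/fail; 1 uses *done. */
static size_t toy_read(uint8_t *buf, uint32_t addr, size_t len, int use_count)
{
    size_t done;
    if (toy_copy(buf, addr, len, &done) == 0)
        return 0;
    if (!use_count)
        done = 0;                         /* count unknown: whole range is MMIO */
    memset(buf + done, 0xff, len - done); /* assumed stand-in for MMIO data */
    return len - done;
}

int main(void)
{
    uint8_t buf[4];
    ram[0][PAGE_SIZE - 2] = 0xaa; ram[0][PAGE_SIZE - 1] = 0xbb;
    printf("pass/fail only: %zu MMIO bytes\n", toy_read(buf, PAGE_SIZE - 2, 4, 0));
    printf("with count:     %zu MMIO bytes\n", toy_read(buf, PAGE_SIZE - 2, 4, 1));
    return 0;
}
```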