On Wed, Nov 09, 2022 at 01:02:28PM +0100, Jan Beulich wrote:
> On 09.11.2022 12:36, Roger Pau Monné wrote:
> > Since I don't see replies to my other comments, do you agree on
> > returning an error then?
>
> No, my view there hasn't changed. I wouldn't block a change to go in
> early for 4.18, but I also wouldn't ack such.
>
> Perhaps just one remark on your other earlier comments: While you're
> right about XEN_DOMCTL_SHADOW_OP_{CLEAN,PEEK}, (effectively) random
> data in the bitmap may cause a caller to do extra work, but wouldn't
> look to be otherwise harmful: Considering pages dirty which aren't
> is never a functional problem, while considering pages clean which
> aren't is (imo) not a problem for a dying domain.
Can't that lead to failures elsewhere when attempts to fetch those
pages find they might have been removed from the p2m?
We are exchanging one failure path for another, but it would make more
sense to return an error here instead of uninitialized data, so that
the tools don't attempt to perform actions based on such invalid
bitmaps.
Thanks, Roger.
