> -----Original Message-----
> From: Jan Beulich <jbeul...@suse.com>
> Sent: 22 May 2020 15:34
> To: Paul Durrant <p...@xen.org>
> Cc: xen-devel@lists.xenproject.org; Durrant, Paul <pdurr...@amazon.co.uk>;
> Ian Jackson
> <ian.jack...@eu.citrix.com>; Wei Liu <w...@xen.org>; Andrew Cooper
> <andrew.coop...@citrix.com>; George
> Dunlap <george.dun...@citrix.com>; Julien Grall <jul...@xen.org>; Stefano
> Stabellini
> <sstabell...@kernel.org>
> Subject: RE: [EXTERNAL] [PATCH v5 4/5] common/domain: add a domain context
> record for shared_info...
>
> CAUTION: This email originated from outside of the organization. Do not click
> links or open
> attachments unless you can confirm the sender and know the content is safe.
>
>
>
> On 21.05.2020 18:19, Paul Durrant wrote:
> > @@ -1649,6 +1650,70 @@ int continue_hypercall_on_cpu(
> > return 0;
> > }
> >
> > +static int save_shared_info(const struct domain *d, struct domain_context
> > *c,
> > + bool dry_run)
> > +{
> > + struct domain_shared_info_context ctxt = {
> > +#ifdef CONFIG_COMPAT
> > + .flags = has_32bit_shinfo(d) ? DOMAIN_SAVE_32BIT_SHINFO : 0,
> > +#endif
> > + .buffer_size = sizeof(shared_info_t),
>
> But this size varies between native and compat.
>
> > +static int load_shared_info(struct domain *d, struct domain_context *c)
> > +{
> > + struct domain_shared_info_context ctxt;
> > + size_t hdr_size = offsetof(typeof(ctxt), buffer);
> > + unsigned int i;
> > + int rc;
> > +
> > + rc = DOMAIN_LOAD_BEGIN(SHARED_INFO, c, &i);
> > + if ( rc )
> > + return rc;
> > +
> > + if ( i ) /* expect only a single instance */
> > + return -ENXIO;
> > +
> > + rc = domain_load_data(c, &ctxt, hdr_size);
> > + if ( rc )
> > + return rc;
> > +
> > + if ( ctxt.buffer_size != sizeof(shared_info_t) )
> > + return -EINVAL;
>
> While on the save side things could be left as they are (yet
> I'd prefer a change), this should be flexible enough to allow
> at least the smaller compat size as well in the compat case.
Ok, I guess we can optimize the buffer size down if only the compat version is
needed. Seems like slightly pointless complexity though.
> I wonder whether any smaller sizes might be acceptable, once
> again with the rest getting zero-padded.
>
If the need arises to zero extend an older shared_info variant then that can be
done in future.
> > + if ( ctxt.flags & DOMAIN_SAVE_32BIT_SHINFO )
> > +#ifdef CONFIG_COMPAT
> > + has_32bit_shinfo(d) = true;
> > +#else
> > + return -EINVAL;
> > +#endif
>
> Am I mis-remembering or was a check lost of the remaining
> flags being zero? If I am, one needs adding in any case, imo.
>
It wasn't flags before, but you're quite right; they should be zero-checked.
Paul
> Jan
