debuggers.hg

view xen/arch/x86/mm/shadow/private.h @ 0:7d21f7218375

Exact replica of unstable on 051908 + README-this
author Mukesh Rathor
date Mon May 19 15:34:57 2008 -0700 (2008-05-19)
parents
children 5c0bf00e371d
/******************************************************************************
 * arch/x86/mm/shadow/private.h
 *
 * Shadow code that is private, and does not need to be multiply compiled.
 * Parts of this code are Copyright (c) 2006 by XenSource Inc.
 * Parts of this code are Copyright (c) 2006 by Michael A Fetterman
 * Parts based on earlier work by Michael A Fetterman, Ian Pratt et al.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

#ifndef _XEN_SHADOW_PRIVATE_H
#define _XEN_SHADOW_PRIVATE_H

// In order to override the definition of mfn_to_page, we make sure page.h has
// been included...
#include <asm/page.h>
#include <xen/domain_page.h>
#include <asm/x86_emulate.h>
#include <asm/hvm/support.h>


/******************************************************************************
 * Levels of self-test and paranoia
 */

#define SHADOW_AUDIT_HASH           0x01  /* Check current hash bucket */
#define SHADOW_AUDIT_HASH_FULL      0x02  /* Check every hash bucket */
#define SHADOW_AUDIT_ENTRIES        0x04  /* Check this walk's shadows */
#define SHADOW_AUDIT_ENTRIES_FULL   0x08  /* Check every shadow */
#define SHADOW_AUDIT_ENTRIES_MFNS   0x10  /* Check gfn-mfn map in shadows */

#ifdef NDEBUG
#define SHADOW_AUDIT               0
#define SHADOW_AUDIT_ENABLE        0
#else
#define SHADOW_AUDIT            0x15  /* Basic audit of all */
#define SHADOW_AUDIT_ENABLE     shadow_audit_enable
extern int shadow_audit_enable;
#endif
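
/* Note: the default !NDEBUG value 0x15 is SHADOW_AUDIT_HASH |
 * SHADOW_AUDIT_ENTRIES | SHADOW_AUDIT_ENTRIES_MFNS, i.e. all of the
 * non-"FULL" checks. */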

/******************************************************************************
 * Levels of optimization
 */

#define SHOPT_WRITABLE_HEURISTIC  0x01  /* Guess at RW PTEs via linear maps */
#define SHOPT_EARLY_UNSHADOW      0x02  /* Unshadow l1s on fork or exit */
#define SHOPT_FAST_FAULT_PATH     0x04  /* Fast-path MMIO and not-present */
#define SHOPT_PREFETCH            0x08  /* Shadow multiple entries per fault */
#define SHOPT_LINUX_L3_TOPLEVEL   0x10  /* Pin l3es on early 64bit linux */
#define SHOPT_SKIP_VERIFY         0x20  /* Skip PTE v'fy when safe to do so */
#define SHOPT_VIRTUAL_TLB         0x40  /* Cache guest v->p translations */
#define SHOPT_FAST_EMULATION      0x80  /* Fast write emulation */

#define SHADOW_OPTIMIZATIONS      0xff


/******************************************************************************
 * Debug and error-message output
 */

#define SHADOW_PRINTK(_f, _a...)                                     \
    debugtrace_printk("sh: %s(): " _f, __func__, ##_a)
#define SHADOW_ERROR(_f, _a...)                                      \
    printk("sh error: %s(): " _f, __func__, ##_a)
#define SHADOW_DEBUG(flag, _f, _a...)                                \
    do {                                                             \
        if (SHADOW_DEBUG_ ## flag)                                   \
            debugtrace_printk("shdebug: %s(): " _f, __func__, ##_a); \
    } while (0)

// The flags for use with SHADOW_DEBUG:
#define SHADOW_DEBUG_PROPAGATE         1
#define SHADOW_DEBUG_MAKE_SHADOW       1
#define SHADOW_DEBUG_DESTROY_SHADOW    1
#define SHADOW_DEBUG_A_AND_D           1
#define SHADOW_DEBUG_EMULATE           1
#define SHADOW_DEBUG_P2M               1
#define SHADOW_DEBUG_LOGDIRTY          0
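
/* Usage sketch (illustrative): SHADOW_DEBUG(PROPAGATE, "gfn=%lx\n", gfn)
 * emits a debugtrace line only when SHADOW_DEBUG_PROPAGATE is non-zero.
 * The condition is a compile-time constant, so disabled calls are removed
 * by the compiler while their arguments are still type-checked. */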

/******************************************************************************
 * The shadow lock.
 *
 * This lock is per-domain.  It is intended to allow us to make atomic
 * updates to the software TLB that the shadow tables provide.
 *
 * Specifically, it protects:
 *   - all changes to shadow page table pages
 *   - the shadow hash table
 *   - the shadow page allocator
 *   - all changes to guest page table pages
 *   - all changes to the page_info->tlbflush_timestamp
 *   - the page_info->count fields on shadow pages
 *   - the shadow dirty bit array and count
 */
#ifndef CONFIG_SMP
#error shadow.h currently requires CONFIG_SMP
#endif

#define shadow_lock_init(_d)                                   \
    do {                                                       \
        spin_lock_init(&(_d)->arch.paging.shadow.lock);        \
        (_d)->arch.paging.shadow.locker = -1;                  \
        (_d)->arch.paging.shadow.locker_function = "nobody";   \
    } while (0)

#define shadow_locked_by_me(_d)                                \
    (current->processor == (_d)->arch.paging.shadow.locker)

#define shadow_lock(_d)                                                       \
    do {                                                                      \
        if ( unlikely((_d)->arch.paging.shadow.locker == current->processor) )\
        {                                                                     \
            printk("Error: shadow lock held by %s\n",                         \
                   (_d)->arch.paging.shadow.locker_function);                 \
            BUG();                                                            \
        }                                                                     \
        spin_lock(&(_d)->arch.paging.shadow.lock);                            \
        ASSERT((_d)->arch.paging.shadow.locker == -1);                        \
        (_d)->arch.paging.shadow.locker = current->processor;                 \
        (_d)->arch.paging.shadow.locker_function = __func__;                  \
    } while (0)

#define shadow_unlock(_d)                                              \
    do {                                                               \
        ASSERT((_d)->arch.paging.shadow.locker == current->processor); \
        (_d)->arch.paging.shadow.locker = -1;                          \
        (_d)->arch.paging.shadow.locker_function = "nobody";           \
        spin_unlock(&(_d)->arch.paging.shadow.lock);                   \
    } while (0)
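
/* Usage sketch (illustrative only; real callers live elsewhere in the
 * shadow code):
 *
 *     shadow_lock(d);
 *     ASSERT(shadow_locked_by_me(d));
 *     ... update shadow tables, hash table, allocator state ...
 *     shadow_unlock(d);
 *
 * The lock is not recursive: re-acquiring it on the same CPU hits the
 * BUG() in shadow_lock(). */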


/******************************************************************************
 * Auditing routines
 */

#if SHADOW_AUDIT & SHADOW_AUDIT_ENTRIES_FULL
extern void shadow_audit_tables(struct vcpu *v);
#else
#define shadow_audit_tables(_v) do {} while(0)
#endif


/******************************************************************************
 * Macros for constructing the internal, per-guest-level names of the
 * shadow code's external entry points.
 */
#define SHADOW_INTERNAL_NAME_HIDDEN(name, guest_levels) \
    name ## __guest_ ## guest_levels
#define SHADOW_INTERNAL_NAME(name, guest_levels) \
    SHADOW_INTERNAL_NAME_HIDDEN(name, guest_levels)
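
/* For example (illustrative), with GUEST_LEVELS defined as 3,
 *     SHADOW_INTERNAL_NAME(sh_page_fault, GUEST_LEVELS)
 * expands to sh_page_fault__guest_3.  The two-level definition is the
 * usual preprocessor idiom that forces GUEST_LEVELS to be expanded
 * before the token paste. */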

#define GUEST_LEVELS  2
#include "multi.h"
#undef GUEST_LEVELS

#define GUEST_LEVELS  3
#include "multi.h"
#undef GUEST_LEVELS

#if CONFIG_PAGING_LEVELS == 4
#define GUEST_LEVELS  4
#include "multi.h"
#undef GUEST_LEVELS
#endif /* CONFIG_PAGING_LEVELS == 4 */

/******************************************************************************
 * Page metadata for shadow pages.
 */

struct shadow_page_info
{
    union {
        /* When in use, guest page we're a shadow of */
        unsigned long backpointer;
        /* When free, order of the freelist we're on */
        unsigned int order;
    };
    union {
        /* When in use, next shadow in this hash chain */
        struct shadow_page_info *next_shadow;
        /* When free, TLB flush time when freed */
        u32 tlbflush_timestamp;
    };
    struct {
        unsigned int type:4;      /* What kind of shadow is this? */
        unsigned int pinned:1;    /* Is the shadow pinned? */
        unsigned int count:27;    /* Reference count */
        u32 mbz;                  /* Must be zero: this is where the owner
                                   * field lives in a non-shadow page */
    } __attribute__((packed));
    union {
        /* For unused shadow pages, a list of pages of this order;
         * for pinnable shadows, if pinned, a list of other pinned shadows
         * (see sh_type_is_pinnable() below for the definition of
         * "pinnable" shadow types). */
        struct list_head list;
        /* For non-pinnable shadows, a higher entry that points at us */
        paddr_t up;
    };
};

/* The structure above *must* be the same size as a struct page_info
 * from mm.h, since we'll be using the same space in the frametable.
 * Also, the mbz field must line up with the owner field of normal
 * pages, so they look properly like anonymous/xen pages. */
static inline void shadow_check_page_struct_offsets(void) {
    BUILD_BUG_ON(sizeof (struct shadow_page_info)
                 != sizeof (struct page_info));
    BUILD_BUG_ON(offsetof(struct shadow_page_info, mbz)
                 != offsetof(struct page_info, u.inuse._domain));
};

/* Shadow type codes */
#define SH_type_none           (0U) /* on the shadow free list */
#define SH_type_min_shadow     (1U)
#define SH_type_l1_32_shadow   (1U) /* shadowing a 32-bit L1 guest page */
#define SH_type_fl1_32_shadow  (2U) /* L1 shadow for a 32b 4M superpage */
#define SH_type_l2_32_shadow   (3U) /* shadowing a 32-bit L2 guest page */
#define SH_type_l1_pae_shadow  (4U) /* shadowing a pae L1 page */
#define SH_type_fl1_pae_shadow (5U) /* L1 shadow for pae 2M superpg */
#define SH_type_l2_pae_shadow  (6U) /* shadowing a pae L2-low page */
#define SH_type_l2h_pae_shadow (7U) /* shadowing a pae L2-high page */
#define SH_type_l1_64_shadow   (8U) /* shadowing a 64-bit L1 page */
#define SH_type_fl1_64_shadow  (9U) /* L1 shadow for 64-bit 2M superpg */
#define SH_type_l2_64_shadow  (10U) /* shadowing a 64-bit L2 page */
#define SH_type_l2h_64_shadow (11U) /* shadowing a compat PAE L2 high page */
#define SH_type_l3_64_shadow  (12U) /* shadowing a 64-bit L3 page */
#define SH_type_l4_64_shadow  (13U) /* shadowing a 64-bit L4 page */
#define SH_type_max_shadow    (13U)
#define SH_type_p2m_table     (14U) /* in use as the p2m table */
#define SH_type_monitor_table (15U) /* in use as a monitor table */
#define SH_type_unused        (16U)

/*
 * What counts as a pinnable shadow?
 */

static inline int sh_type_is_pinnable(struct vcpu *v, unsigned int t)
{
    /* Top-level shadow types in each mode can be pinned, so that they
     * persist even when not currently in use in a guest CR3 */
    if ( t == SH_type_l2_32_shadow
         || t == SH_type_l2_pae_shadow
         || t == SH_type_l2h_pae_shadow
         || t == SH_type_l4_64_shadow )
        return 1;

#if (SHADOW_OPTIMIZATIONS & SHOPT_LINUX_L3_TOPLEVEL)
    /* Early 64-bit linux used three levels of pagetables for the guest
     * and context switched by changing one l4 entry in a per-cpu l4
     * page.  When we're shadowing those kernels, we have to pin l3
     * shadows so they don't just evaporate on every context switch.
     * For all other guests, we'd rather use the up-pointer field in l3s. */
    if ( unlikely((v->domain->arch.paging.shadow.opt_flags & SHOPT_LINUX_L3_TOPLEVEL)
                  && CONFIG_PAGING_LEVELS >= 4
                  && t == SH_type_l3_64_shadow) )
        return 1;
#endif

    /* Everything else is not pinnable, and can use the "up" pointer */
    return 0;
}

/*
 * Definitions for the shadow_flags field in page_info.
 * These flags are stored on *guest* pages...
 * Bits 1-13 are encodings for the shadow types.
 */
#define SHF_page_type_mask \
    (((1u << (SH_type_max_shadow + 1u)) - 1u) - \
     ((1u << SH_type_min_shadow) - 1u))
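
/* With SH_type_min_shadow == 1 and SH_type_max_shadow == 13, this works
 * out to ((1u << 14) - 1) - ((1u << 1) - 1) == 0x3fff - 0x1 == 0x3ffe,
 * i.e. a mask covering exactly bits 1-13. */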

#define SHF_L1_32   (1u << SH_type_l1_32_shadow)
#define SHF_FL1_32  (1u << SH_type_fl1_32_shadow)
#define SHF_L2_32   (1u << SH_type_l2_32_shadow)
#define SHF_L1_PAE  (1u << SH_type_l1_pae_shadow)
#define SHF_FL1_PAE (1u << SH_type_fl1_pae_shadow)
#define SHF_L2_PAE  (1u << SH_type_l2_pae_shadow)
#define SHF_L2H_PAE (1u << SH_type_l2h_pae_shadow)
#define SHF_L1_64   (1u << SH_type_l1_64_shadow)
#define SHF_FL1_64  (1u << SH_type_fl1_64_shadow)
#define SHF_L2_64   (1u << SH_type_l2_64_shadow)
#define SHF_L2H_64  (1u << SH_type_l2h_64_shadow)
#define SHF_L3_64   (1u << SH_type_l3_64_shadow)
#define SHF_L4_64   (1u << SH_type_l4_64_shadow)

#define SHF_32  (SHF_L1_32|SHF_FL1_32|SHF_L2_32)
#define SHF_PAE (SHF_L1_PAE|SHF_FL1_PAE|SHF_L2_PAE|SHF_L2H_PAE)
#define SHF_64  (SHF_L1_64|SHF_FL1_64|SHF_L2_64|SHF_L2H_64|SHF_L3_64|SHF_L4_64)


/******************************************************************************
 * Various function declarations
 */

/* Hash table functions */
mfn_t shadow_hash_lookup(struct vcpu *v, unsigned long n, unsigned int t);
void  shadow_hash_insert(struct vcpu *v,
                         unsigned long n, unsigned int t, mfn_t smfn);
void  shadow_hash_delete(struct vcpu *v,
                         unsigned long n, unsigned int t, mfn_t smfn);

/* shadow promotion */
void shadow_promote(struct vcpu *v, mfn_t gmfn, u32 type);
void shadow_demote(struct vcpu *v, mfn_t gmfn, u32 type);

/* Shadow page allocation functions */
void  shadow_prealloc(struct domain *d, u32 shadow_type, unsigned int count);
mfn_t shadow_alloc(struct domain *d,
                   u32 shadow_type,
                   unsigned long backpointer);
void  shadow_free(struct domain *d, mfn_t smfn);

/* Install the xen mappings in various flavours of shadow */
void sh_install_xen_entries_in_l4(struct vcpu *v, mfn_t gl4mfn, mfn_t sl4mfn);

/* Update the shadows in response to a pagetable write from Xen */
int sh_validate_guest_entry(struct vcpu *v, mfn_t gmfn, void *entry, u32 size);

/* Update the shadows in response to a pagetable write from a HVM guest */
void sh_validate_guest_pt_write(struct vcpu *v, mfn_t gmfn,
                                void *entry, u32 size);

/* Remove all writeable mappings of a guest frame from the shadows.
 * Returns non-zero if we need to flush TLBs.
 * level and fault_addr describe how we found this to be a pagetable;
 * level==0 means we have some other reason for revoking write access. */
extern int sh_remove_write_access(struct vcpu *v, mfn_t readonly_mfn,
                                  unsigned int level,
                                  unsigned long fault_addr);

/* Functions that atomically write PT/P2M entries and update state */
void shadow_write_p2m_entry(struct vcpu *v, unsigned long gfn,
                            l1_pgentry_t *p, mfn_t table_mfn,
                            l1_pgentry_t new, unsigned int level);
int shadow_write_guest_entry(struct vcpu *v, intpte_t *p,
                             intpte_t new, mfn_t gmfn);
int shadow_cmpxchg_guest_entry(struct vcpu *v, intpte_t *p,
                               intpte_t *old, intpte_t new, mfn_t gmfn);


/******************************************************************************
 * Flags used in the return value of the shadow_set_lXe() functions...
 */

/* We actually wrote something new to the shadow */
#define SHADOW_SET_CHANGED            0x1
/* Caller should flush TLBs to clear the old entry */
#define SHADOW_SET_FLUSH              0x2
/* Something went wrong: the shadow entry was invalid or refcount failed */
#define SHADOW_SET_ERROR              0x4


/******************************************************************************
 * MFN/page-info handling
 */

// Override mfn_to_page from asm/page.h, which was #include'd above,
// in order to make it work with our mfn type.
#undef mfn_to_page
#define mfn_to_page(_m) (frame_table + mfn_x(_m))
#define mfn_to_shadow_page(_m) ((struct shadow_page_info *)mfn_to_page(_m))

// Override page_to_mfn from asm/page.h, which was #include'd above,
// in order to make it work with our mfn type.
#undef page_to_mfn
#define page_to_mfn(_pg) (_mfn((_pg) - frame_table))
#define shadow_page_to_mfn(_spg) (page_to_mfn((struct page_info *)_spg))

// Override mfn_valid from asm/page.h, which was #include'd above,
// in order to make it work with our mfn type.
#undef mfn_valid
#define mfn_valid(_mfn) (mfn_x(_mfn) < max_page)

/* Override pagetable_t <-> struct page_info conversions to work with mfn_t */
#undef pagetable_get_page
#define pagetable_get_page(x)   mfn_to_page(pagetable_get_mfn(x))
#undef pagetable_from_page
#define pagetable_from_page(pg) pagetable_from_mfn(page_to_mfn(pg))

static inline int
sh_mfn_is_a_page_table(mfn_t gmfn)
{
    struct page_info *page = mfn_to_page(gmfn);
    struct domain *owner;
    unsigned long type_info;

    if ( !mfn_valid(gmfn) )
        return 0;

    owner = page_get_owner(page);
    if ( owner && shadow_mode_refcounts(owner)
         && (page->count_info & PGC_page_table) )
        return 1;

    type_info = page->u.inuse.type_info & PGT_type_mask;
    return type_info && (type_info <= PGT_l4_page_table);
}

// Provide mfn_t-aware versions of common xen functions
static inline void *
sh_map_domain_page(mfn_t mfn)
{
    return map_domain_page(mfn_x(mfn));
}

static inline void
sh_unmap_domain_page(void *p)
{
    unmap_domain_page(p);
}

static inline void *
sh_map_domain_page_global(mfn_t mfn)
{
    return map_domain_page_global(mfn_x(mfn));
}

static inline void
sh_unmap_domain_page_global(void *p)
{
    unmap_domain_page_global(p);
}

/******************************************************************************
 * Log-dirty mode bitmap handling
 */

extern void sh_mark_dirty(struct domain *d, mfn_t gmfn);

static inline int
sh_mfn_is_dirty(struct domain *d, mfn_t gmfn)
/* Is this guest page dirty?  Call only in log-dirty mode. */
{
    unsigned long pfn;
    mfn_t mfn, *l4, *l3, *l2;
    unsigned long *l1;
    int rv;

    ASSERT(shadow_mode_log_dirty(d));
    ASSERT(mfn_valid(d->arch.paging.log_dirty.top));

    /* We /really/ mean PFN here, even for non-translated guests. */
    pfn = get_gpfn_from_mfn(mfn_x(gmfn));
    if ( unlikely(!VALID_M2P(pfn)) )
        return 0;

    if ( d->arch.paging.log_dirty.failed_allocs > 0 )
        /* If we have any failed allocations our dirty log is bogus.
         * Since we can't signal an error here, be conservative and
         * report "dirty" in this case.  (The only current caller,
         * _sh_propagate, leaves known-dirty pages writable, preventing
         * subsequent dirty-logging faults from them.)
         */
        return 1;
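
    /* The dirty log is a four-level trie indexed by pfn: the top three
     * levels hold mfns of the next level down, and the leaf level is a
     * bitmap with one bit per guest page. */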
    l4 = map_domain_page(mfn_x(d->arch.paging.log_dirty.top));
    mfn = l4[L4_LOGDIRTY_IDX(pfn)];
    unmap_domain_page(l4);
    if ( !mfn_valid(mfn) )
        return 0;

    l3 = map_domain_page(mfn_x(mfn));
    mfn = l3[L3_LOGDIRTY_IDX(pfn)];
    unmap_domain_page(l3);
    if ( !mfn_valid(mfn) )
        return 0;

    l2 = map_domain_page(mfn_x(mfn));
    mfn = l2[L2_LOGDIRTY_IDX(pfn)];
    unmap_domain_page(l2);
    if ( !mfn_valid(mfn) )
        return 0;

    l1 = map_domain_page(mfn_x(mfn));
    rv = test_bit(L1_LOGDIRTY_IDX(pfn), l1);
    unmap_domain_page(l1);

    return rv;
}

/**************************************************************************/
/* VRAM dirty tracking support */
struct sh_dirty_vram {
    unsigned long begin_pfn;
    unsigned long end_pfn;
    paddr_t *sl1ma;
    uint8_t *dirty_bitmap;
    s_time_t last_dirty;
};

/**************************************************************************/
/* Shadow-page refcounting. */

void sh_destroy_shadow(struct vcpu *v, mfn_t smfn);

/* Increase the refcount of a shadow page.  Arguments are the mfn to refcount,
 * and the physical address of the shadow entry that holds the ref (or zero
 * if the ref is held by something else).
 * Returns 0 for failure, 1 for success. */
static inline int sh_get_ref(struct vcpu *v, mfn_t smfn, paddr_t entry_pa)
{
    u32 x, nx;
    struct shadow_page_info *sp = mfn_to_shadow_page(smfn);

    ASSERT(mfn_valid(smfn));

    x = sp->count;
    nx = x + 1;

    if ( unlikely(nx >= 1U<<26) )
    {
        SHADOW_PRINTK("shadow ref overflow, gmfn=%" PRtype_info " smfn=%lx\n",
                      sp->backpointer, mfn_x(smfn));
        return 0;
    }

    /* Guarded by the shadow lock, so no need for atomic update */
    sp->count = nx;

    /* We remember the first shadow entry that points to each shadow. */
    if ( entry_pa != 0
         && !sh_type_is_pinnable(v, sp->type)
         && sp->up == 0 )
        sp->up = entry_pa;

    return 1;
}

/* Decrease the refcount of a shadow page.  As for get_ref, takes the
 * physical address of the shadow entry that held this reference. */
static inline void sh_put_ref(struct vcpu *v, mfn_t smfn, paddr_t entry_pa)
{
    u32 x, nx;
    struct shadow_page_info *sp = mfn_to_shadow_page(smfn);

    ASSERT(mfn_valid(smfn));
    ASSERT(sp->mbz == 0);

    /* If this is the entry in the up-pointer, remove it */
    if ( entry_pa != 0
         && !sh_type_is_pinnable(v, sp->type)
         && sp->up == entry_pa )
        sp->up = 0;

    x = sp->count;
    nx = x - 1;

    if ( unlikely(x == 0) )
    {
        SHADOW_ERROR("shadow ref underflow, smfn=%lx oc=%08x t=%#x\n",
                     mfn_x(smfn), sp->count, sp->type);
        BUG();
    }

    /* Guarded by the shadow lock, so no need for atomic update */
    sp->count = nx;

    if ( unlikely(nx == 0) )
        sh_destroy_shadow(v, smfn);
}

/* Pin a shadow page: take an extra refcount, set the pin bit,
 * and put the shadow at the head of the list of pinned shadows.
 * Returns 0 for failure, 1 for success. */
static inline int sh_pin(struct vcpu *v, mfn_t smfn)
{
    struct shadow_page_info *sp;

    ASSERT(mfn_valid(smfn));
    sp = mfn_to_shadow_page(smfn);
    ASSERT(sh_type_is_pinnable(v, sp->type));
    if ( sp->pinned )
    {
        /* Already pinned: take it out of the pinned-list so it can go
         * at the front */
        list_del(&sp->list);
    }
    else
    {
        /* Not pinned: pin it! */
        if ( !sh_get_ref(v, smfn, 0) )
            return 0;
        sp->pinned = 1;
    }
    /* Put it at the head of the list of pinned shadows */
    list_add(&sp->list, &v->domain->arch.paging.shadow.pinned_shadows);
    return 1;
}

/* Unpin a shadow page: unset the pin bit, take the shadow off the list
 * of pinned shadows, and release the extra ref. */
static inline void sh_unpin(struct vcpu *v, mfn_t smfn)
{
    struct shadow_page_info *sp;

    ASSERT(mfn_valid(smfn));
    sp = mfn_to_shadow_page(smfn);
    ASSERT(sh_type_is_pinnable(v, sp->type));
    if ( sp->pinned )
    {
        sp->pinned = 0;
        list_del(&sp->list);
        sp->up = 0; /* in case this stops being a pinnable type in future */
        sh_put_ref(v, smfn, 0);
    }
}
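
/* Illustrative pairing (callers elsewhere in the shadow code hold the
 * shadow lock around both calls):
 *
 *     if ( sh_pin(v, smfn) )      // takes the extra ref, entry_pa == 0
 *         ... the shadow survives even when no guest CR3 points at it ...
 *     sh_unpin(v, smfn);          // drops the extra ref; may destroy it
 */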


/**************************************************************************/
/* PTE-write emulation. */

struct sh_emulate_ctxt {
    struct x86_emulate_ctxt ctxt;

    /* Cache of up to 31 bytes of instruction. */
    uint8_t insn_buf[31];
    uint8_t insn_buf_bytes;
    unsigned long insn_buf_eip;

    /* Cache of segment registers already gathered for this emulation. */
    unsigned int valid_seg_regs;
    struct segment_register seg_reg[6];

    /* MFNs being written to in write/cmpxchg callbacks */
    mfn_t mfn1, mfn2;

#if (SHADOW_OPTIMIZATIONS & SHOPT_SKIP_VERIFY)
    /* Special case for avoiding having to verify writes: remember
     * whether the old value had its low bit (_PAGE_PRESENT) clear. */
    int low_bit_was_clear:1;
#endif
};

struct x86_emulate_ops *shadow_init_emulation(
    struct sh_emulate_ctxt *sh_ctxt, struct cpu_user_regs *regs);
void shadow_continue_emulation(
    struct sh_emulate_ctxt *sh_ctxt, struct cpu_user_regs *regs);
struct segment_register *hvm_get_seg_reg(
    enum x86_segment seg, struct sh_emulate_ctxt *sh_ctxt);

#if (SHADOW_OPTIMIZATIONS & SHOPT_VIRTUAL_TLB)
/**************************************************************************/
/* Virtual TLB entries
 *
 * We keep a cache of virtual-to-physical translations that we have seen
 * since the last TLB flush.  This is safe to use for frame translations,
 * but callers need to re-check the actual guest tables if the lookup fails.
 *
 * Lookups and updates are protected by a per-vTLB (and hence per-vcpu)
 * lock.  This lock is held *only* while reading or writing the table,
 * so it is safe to take in any non-interrupt context.  Most lookups
 * happen with v==current, so we expect contention to be low.
 */

#define VTLB_ENTRIES 13

struct shadow_vtlb {
    unsigned long page_number;   /* Guest virtual address >> PAGE_SHIFT  */
    unsigned long frame_number;  /* Guest physical address >> PAGE_SHIFT */
    uint32_t pfec;  /* PF error code of the lookup that filled this
                     * entry.  A pfec of zero means the slot is empty
                     * (since that would require us to re-try anyway) */
};

/* Call whenever the guest flushes its actual TLB */
static inline void vtlb_flush(struct vcpu *v)
{
    spin_lock(&v->arch.paging.vtlb_lock);
    memset(v->arch.paging.vtlb, 0, VTLB_ENTRIES * sizeof (struct shadow_vtlb));
    spin_unlock(&v->arch.paging.vtlb_lock);
}

static inline int vtlb_hash(unsigned long page_number)
{
    return page_number % VTLB_ENTRIES;
}

/* Put a translation into the vTLB, potentially clobbering an old one */
static inline void vtlb_insert(struct vcpu *v, unsigned long page,
                               unsigned long frame, uint32_t pfec)
{
    struct shadow_vtlb entry =
        { .page_number = page, .frame_number = frame, .pfec = pfec };
    spin_lock(&v->arch.paging.vtlb_lock);
    v->arch.paging.vtlb[vtlb_hash(page)] = entry;
    spin_unlock(&v->arch.paging.vtlb_lock);
}

/* Look a translation up in the vTLB.  Returns INVALID_GFN if not found. */
static inline unsigned long vtlb_lookup(struct vcpu *v,
                                        unsigned long va, uint32_t pfec)
{
    unsigned long page_number = va >> PAGE_SHIFT;
    unsigned long frame_number = INVALID_GFN;
    int i = vtlb_hash(page_number);

    spin_lock(&v->arch.paging.vtlb_lock);
    if ( v->arch.paging.vtlb[i].pfec != 0
         && v->arch.paging.vtlb[i].page_number == page_number
         /* Any successful walk that had at least these pfec bits is OK */
         && (v->arch.paging.vtlb[i].pfec & pfec) == pfec )
    {
        frame_number = v->arch.paging.vtlb[i].frame_number;
    }
    spin_unlock(&v->arch.paging.vtlb_lock);
    return frame_number;
}
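
/* Illustrative caller pattern (hypothetical names; real callers live in
 * the guest-walk code), per the comment above: re-check the guest tables
 * when the lookup fails, then cache the result.
 *
 *     gfn = vtlb_lookup(v, va, pfec);
 *     if ( gfn == INVALID_GFN )
 *     {
 *         gfn = walk_guest_tables(v, va, pfec);   // hypothetical re-walk
 *         if ( gfn != INVALID_GFN )
 *             vtlb_insert(v, va >> PAGE_SHIFT, gfn, pfec);
 *     }
 */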
#endif /* (SHADOW_OPTIMIZATIONS & SHOPT_VIRTUAL_TLB) */

#endif /* _XEN_SHADOW_PRIVATE_H */

/*
 * Local variables:
 * mode: C
 * c-set-style: "BSD"
 * c-basic-offset: 4
 * indent-tabs-mode: nil
 * End:
 */