|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen master] ARINC653: fix NULL pointer dereference in free_vdata
commit 77b590e41517c7409ab841238683e861acc528dd
Author: Nathan Studer <nate.studer@xxxxxxxxxxxxxxx>
AuthorDate: Mon Nov 4 16:21:11 2013 +0100
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Mon Nov 4 16:21:11 2013 +0100
ARINC653: fix NULL pointer dereference in free_vdata
The ARINC653 scheduler alloc_vdata function does not add the
idle cpu to its internal vcpu_list, but when the free_vdata
function is called, the scheduler attempted to remove the vcpu
from its internal vcpu_list, regardless of whether or not
the vcpu was the idle vcpu. Since the idle vcpu's list field
was never initialized, a NULL pointer was passed to list_del.
When using cpupools, this resulted in a crash when moving a cpu
from an arinc653 scheduler pool.
Signed-off-by: Nathan Studer <nate.studer@xxxxxxxxxxxxxxx>
Acked-by: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
xen/common/sched_arinc653.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/xen/common/sched_arinc653.c b/xen/common/sched_arinc653.c
index e5a423f..7b7b387 100644
--- a/xen/common/sched_arinc653.c
+++ b/xen/common/sched_arinc653.c
@@ -418,7 +418,9 @@ a653sched_free_vdata(const struct scheduler *ops, void
*priv)
if (av == NULL)
return;
- list_del(&av->list);
+ if ( !is_idle_vcpu(av->vc) )
+ list_del(&av->list);
+
xfree(av);
update_schedule_vcpus(ops);
}
--
generated by git-patchbot for /home/xen/git/xen.git#master
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |