[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] libxc: don't populate same pfn more than once in populate_pfns

commit e8e9f830dc46ea2bad6919af1fdffc136dfb3aeb
Author:     Wei Liu <wei.liu2@xxxxxxxxxx>
AuthorDate: Sun Sep 6 21:05:38 2015 +0100
Commit:     Ian Campbell <ian.campbell@xxxxxxxxxx>
CommitDate: Mon Sep 7 11:54:30 2015 +0100

    libxc: don't populate same pfn more than once in populate_pfns
    
    The original implementation of populate_pfns didn't consider the same
    pfn can be present multiple times in the array. The mechanism to prevent
    populating the same pfn multiple times only worked if the recurring pfn
    appeared in different batches.
    
    This bug is discovered by Linux 4.1 32 bit kernel save / restore test,
    which has several ptes pointing to same pfn, which results in an array
    containing recurring pfn.  When libxc called x86_pv_localise_page, the
    original implementation would populate the same pfn more than once.
    
    The fix is to set bit in populated bitmap as we generate list of pfns to
    be populated.
    
    Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx>
    Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
 tools/libxc/xc_sr_restore.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tools/libxc/xc_sr_restore.c b/tools/libxc/xc_sr_restore.c
index df885b6..924dd55 100644
--- a/tools/libxc/xc_sr_restore.c
+++ b/tools/libxc/xc_sr_restore.c
@@ -214,6 +214,9 @@ int populate_pfns(struct xc_sr_context *ctx, unsigned count,
                           types[i] != XEN_DOMCTL_PFINFO_BROKEN))) &&
              !pfn_is_populated(ctx, original_pfns[i]) )
         {
+            rc = pfn_set_populated(ctx, original_pfns[i]);
+            if ( rc )
+                goto err;
             pfns[nr_pfns] = mfns[nr_pfns] = original_pfns[i];
             ++nr_pfns;
         }
@@ -238,9 +241,6 @@ int populate_pfns(struct xc_sr_context *ctx, unsigned count,
                 goto err;
             }
 
-            rc = pfn_set_populated(ctx, pfns[i]);
-            if ( rc )
-                goto err;
             ctx->restore.ops.set_gfn(ctx, pfns[i], mfns[i]);
         }
     }
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.