Re: [Xen-devel] [PATCH] x86 shadow: fix race when domain is dying

Hi Tim,

Thanks for correcting this. Indeed my patch is unsafe.

Keir,

This is serious. I think c/s 20508 should be applied to xen-3.4 too.
Actually I met this for the first time in xen-3.4.

Thanks,
Kouya

Tim Deegan writes:
> Hi,
>
> At 08:17 +0000 on 26 Nov (1259223466), Kouya Shimura wrote:
> > There are some cases that shadow_write_p2m_entry() is called after
> > the domain is killed. It causes Xen to crash.
>
> Thanks for catching this! I'm afraid your fix opens a different race
> window, though: any p2m operation that happens after d->is_dying is set
> but before p2m_teardown() will corrupt the p2m (because the entry
> wouldn't actually get written). If it also happens before
> shadow_teardown() it could break the invariants of the shadow
> pagetables, possibly causing a crash when shadow_teardown() is reached.
>
> The right fix is to test for whether shadow_teardown() has been called,
> and if so, call safe_write_entry() without trying to fix up the shadows.
> I've attached a patch.
>
> Cheers,
>
> Tim.
>
> --
> Tim Deegan <Tim.Deegan@xxxxxxxxxx>
> Principal Software Engineer, Citrix Systems (R&D) Ltd.
> [Company #02300071, SL9 0DZ, UK.]

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel