[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] fix BUG in gnttab_unpopulate_status_frames()

  • To: Paul Durrant <paul.durrant@xxxxxxxxxx>
  • From: Jan Beulich <JBeulich@xxxxxxxx>
  • Date: Fri, 2 Aug 2019 14:44:03 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=suse.com;dmarc=pass action=none header.from=suse.com;dkim=pass header.d=suse.com;arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=urzbp8ybDTIqPAHpPgFzqz7hmKaO9QXrS6RXuoo6GOs=; b=kN55xmA0pXkeCfAQlPK1Y9XYORaw/BZpSQGh1GNhGkxNsV9QkWzW9Ynf78F7EzB+1h23Mynx/RtXyL1DvMSjvF7HRjxiYVeAurSwc5iWQ48pTHgVVxx9EreOq7+8NA7JxSaQ/Mql6v1i4yDRN5itzQYesi4Vb5a0cKlyqlBtUM8/Dc6esoGI2FoSv1ZgIF9QDWs03Jum3RnG/Fnoe8o9xktrnRIG67mSp5mFajVHmWvBjrbc2QT9F/vkzFEyGoYQoXAjCUzCmjXvkQ/12a1kpHwlWwM3q91m8kVG8hBV1/PeWDHyRhXAoC9ePXszp52ypMea9IwFr/vMqJZMXfVsnw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fnLr8xEzZS2LsIlkxCEyeDfTqtFKUuXNkE9Nh8VNQLmXkcaDOKPTyR0/lxk9C85X5/uvJ+cSES1V9vCmQYmR8edKgOKYmX8Vx1NohefA+YzJyexxtR7ze4WE8Utb+3rdUhud5L3cEO8OKa9xqqkE8zudeobTj0IIK1es5ZbUYEzFo6YJLhN4i/1JtCcewH+RpVQB1RbcU+GvGWrvoyHM7TWbSh7GBdc+poxK7JhS4wkiWLkilViI8g3w123u52UyTffd2KEiCSCyMUZZW3hb5absrJ5ktQciJnzNkN88b5An7f55YDuCODzInptuIV/sjbD5WKhWcC/Zni/8hy5VIA==
  • Authentication-results: spf=none (sender IP is ) smtp.mailfrom=JBeulich@xxxxxxxx;
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, TimDeegan <tim@xxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 02 Aug 2019 14:48:58 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHVRvYU53mQ2TT1206aIElM8FExd6bn84QA
  • Thread-topic: [PATCH] fix BUG in gnttab_unpopulate_status_frames()
On 30.07.2019 18:44, Paul Durrant wrote:
> --- a/xen/common/grant_table.c
> +++ b/xen/common/grant_table.c
> @@ -1682,6 +1682,14 @@ gnttab_unpopulate_status_frames(struct domain *d, 
> struct grant_table *gt)
>           struct page_info *pg = virt_to_page(gt->status[i]);
>           gfn_t gfn = gnttab_get_frame_gfn(gt, true, i);
>   
> +        if ( !get_page(pg, d) )
> +        {
> +            gprintk(XENLOG_ERR,
> +                    "Could not get a reference to status frame %u\n", i);
> +            domain_crash(d);
> +            return -EINVAL;
> +        }
> +
>           /*
>            * For translated domains, recovering from failure after partial
>            * changes were made is more complicated than it seems worth
> @@ -1708,6 +1716,7 @@ gnttab_unpopulate_status_frames(struct domain *d, 
> struct grant_table *gt)
>   
>           BUG_ON(page_get_owner(pg) != d);
>           put_page_alloc_ref(pg);
> +        put_page(pg);
>   
>           if ( pg->count_info & ~PGC_xen_heap )
>           {
> 

I dislike this approach, and not chosing the alternative of excluding
xenheap pages in the check in put_page_alloc_ref() (as I had recommended
elsewhere) should at least be discussed in the description. It is the
very nature of xenheap pages that they won't get freed, and hence don't
need this extra ref to be held for clearing PGC_allocated.

Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.