Xen project Mailing List

[PATCH] xen: fix broken tainted value in mark_page_free

To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, <sstabellini@xxxxxxxxxx>, <julien@xxxxxxx>, <jbeulich@xxxxxxxx>

From: Penny Zheng <penny.zheng@xxxxxxx>

Date: Wed, 22 Sep 2021 11:44:32 +0000

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=none (message not signed); arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=lOVPuq3M+VKdkPUXWM5c9CrS27QS5LinUmI4Pl5ZKhw=; b=mgY7pRP4OXXqrVnv8BbOUENB26vfRNfk2eH12XlkpAVVOkW0hdH5RhC5ks3IaLSgTdh7YecwCRe+biM33rFcm0IukFT46g7pkzUgrwKd63B7CsDUuu54gE2K1ntPaLqdv5j7KmVgE/n1whtusCi1u249ifQuw5ZieaNovtVZcupeYmlsGdXIcd9hOiKCl+ZOkGKCioXIzxsiyBVPdqVEv7SZd5FLf4wQqT4tHqvQQyVxes92Omo4gACZD2MivwhOGy2fwWDAQRsV3h1iWURDtRwAv5tExqyJg0FoQ2BPRbZ+2SjFoHW/e9gRgk92Cv43ap59iAxRl7kfvh2SYJezpg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=McIOSh/HJv1dPUE9Gia0VkU5oLfDo2qKfJZqQug8N0smaRkmM18BSykyfM4vSPsiy2Hjhxvq79oZYxkyW7OQAByeeA0Hr6kSdIAZxZJ5MJCC+iB5sbsYLd1Mg7ZLEdKu7mAn3n7g803zbj7PVZfls9POMqJSO+/jJ1coFE/qjSJxwt0K6du7l2fa2hnYyMzKG6i/+sU/bh/HmbpmiCvC1QGXm3mBapW4y1dfwpoKdJqfK4S3/tw4bLaOUI+rDBbOhdZu4HeCRIlbKQduQ84r84SPY+7RTcOOOEaAbX67o2w6NMAJ4PAt6bq8FQDgyvOpcM5TST9m42JKQUk1i2gyXQ==

Cc: <Bertrand.Marquis@xxxxxxx>, <Wei.Chen@xxxxxxx>

Delivery-date: Wed, 22 Sep 2021 11:45:19 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Nodisclaimer: true

Commit 540a637c3410780b519fc055f432afe271f642f8 defines a new helper mark_page_free to extract common codes, while it accidently breaks the local variable "tainted". This patch fix it by letting mark_page_free() return bool of whether the page is offlined and rename local variable "tainted" to "pg_offlined". Coverity ID: 1491872 Fixes: 540a637c3410780b519fc055f432afe271f642f8 Signed-off-by: Penny Zheng <penny.zheng@xxxxxxx> --- v2 changes: - rename local variable "tainted" to "pg_offlined", and make it bool --- xen/common/page_alloc.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c index 6142c7bb6a..5801358b4b 100644 --- a/xen/common/page_alloc.c +++ b/xen/common/page_alloc.c @@ -1380,8 +1380,10 @@ bool scrub_free_pages(void) return node_to_scrub(false) != NUMA_NO_NODE; } -static void mark_page_free(struct page_info *pg, mfn_t mfn) +static bool mark_page_free(struct page_info *pg, mfn_t mfn) { + bool pg_offlined = false; + ASSERT(mfn_x(mfn) == mfn_x(page_to_mfn(pg))); /* @@ -1405,7 +1407,7 @@ static void mark_page_free(struct page_info *pg, mfn_t mfn) case PGC_state_offlining: pg->count_info = (pg->count_info & PGC_broken) | PGC_state_offlined; - tainted = 1; + pg_offlined = true; break; default: @@ -1425,6 +1427,8 @@ static void mark_page_free(struct page_info *pg, mfn_t mfn) /* This page is not a guest frame any more. */ page_set_owner(pg, NULL); /* set_gpfn_from_mfn snoops pg owner */ set_gpfn_from_mfn(mfn_x(mfn), INVALID_M2P_ENTRY); + + return pg_offlined; } /* Free 2^@order set of pages. */ @@ -1433,7 +1437,7 @@ static void free_heap_pages( { unsigned long mask; mfn_t mfn = page_to_mfn(pg); - unsigned int i, node = phys_to_nid(mfn_to_maddr(mfn)), tainted = 0; + unsigned int i, node = phys_to_nid(mfn_to_maddr(mfn)), pg_offlined = 0; unsigned int zone = page_to_zone(pg); ASSERT(order <= MAX_ORDER); @@ -1443,7 +1447,8 @@ static void free_heap_pages( for ( i = 0; i < (1 << order); i++ ) { - mark_page_free(&pg[i], mfn_add(mfn, i)); + if ( mark_page_free(&pg[i], mfn_add(mfn, i)) ) + pg_offlined = 1; if ( need_scrub ) { @@ -1517,7 +1522,7 @@ static void free_heap_pages( page_list_add_scrub(pg, node, zone, order, pg->u.free.first_dirty); - if ( tainted ) + if ( pg_offlined ) reserve_offlined_page(pg); spin_unlock(&heap_lock); -- 2.25.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.