# HG changeset patch
# User kaf24@xxxxxxxxxxxxxxxxxxxx
# Node ID ec1e371ec3208f771595da6c82baae4cd9a441f5
# Parent 86062ecef2941a742ec7634c7c1056d8ac7399f5
[HVM] Fix shadow mode to not corrupt frame 0's page_info struct.
Signed-off-by: Jun Nakajima <jun.nakajima@xxxxxxxxx>
---
xen/arch/x86/shadow.c | 3 ++-
xen/arch/x86/shadow32.c | 3 ++-
xen/include/asm-x86/shadow.h | 12 +++++++++---
3 files changed, 13 insertions(+), 5 deletions(-)
diff -r 86062ecef294 -r ec1e371ec320 xen/arch/x86/shadow.c
--- a/xen/arch/x86/shadow.c Wed May 31 07:23:54 2006 +0100
+++ b/xen/arch/x86/shadow.c Wed May 31 07:25:59 2006 +0100
@@ -1724,7 +1724,8 @@ static int resync_all(struct domain *d,
unshadow_l1 = 1;
else {
need_flush |= error;
- set_guest_back_ptr(d, *sl1e_p, smfn, i);
+ if ( l1e_get_flags(*sl1e_p) & _PAGE_PRESENT )
+ set_guest_back_ptr(d, *sl1e_p, smfn, i);
}
// can't update snapshots of linear page tables -- they
// are used multiple times...
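Review bot: The `_PAGE_PRESENT` test is added at the call site in resync_all() rather than inside set_guest_back_ptr(), so any caller of the helper outside this diff can still pass it a not-present entry whose frame-number field is meaningless. The identical guard is repeated in the xen/arch/x86/shadow32.c hunk, which makes the invariant easy to miss when a new call site is added. I would test once at the top of the helper instead, e.g. `if ( !(l1e_get_flags(spte) & _PAGE_PRESENT) ) return;`, placed before the new ASSERTs so debug builds do not trip on not-present entries. resync_all() starts and ends outside this hunk, so whether other paths already filter such entries cannot be confirmed from here.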
diff -r 86062ecef294 -r ec1e371ec320 xen/arch/x86/shadow32.c
--- a/xen/arch/x86/shadow32.c Wed May 31 07:23:54 2006 +0100
+++ b/xen/arch/x86/shadow32.c Wed May 31 07:25:59 2006 +0100
@@ -2691,7 +2691,8 @@ static int resync_all(struct domain *d,
unshadow_l1 = 1;
else {
need_flush |= error;
- set_guest_back_ptr(d, shadow1[i], smfn, i);
+ if ( l1e_get_flags(shadow1[i]) & _PAGE_PRESENT )
+ set_guest_back_ptr(d, shadow1[i], smfn, i);
}
// can't update snapshots of linear page tables -- they
diff -r 86062ecef294 -r ec1e371ec320 xen/include/asm-x86/shadow.h
--- a/xen/include/asm-x86/shadow.h Wed May 31 07:23:54 2006 +0100
+++ b/xen/include/asm-x86/shadow.h Wed May 31 07:25:59 2006 +0100
@@ -762,10 +762,16 @@ static inline void set_guest_back_ptr(
unsigned long gmfn;
ASSERT(shadow_lock_is_acquired(d));
+ ASSERT( smfn );
gmfn = l1e_get_pfn(spte);
- mfn_to_page(gmfn)->tlbflush_timestamp = smfn;
- mfn_to_page(gmfn)->u.inuse.type_info &= ~PGT_va_mask;
- mfn_to_page(gmfn)->u.inuse.type_info |= (unsigned long) index <<
PGT_va_shift;
+ ASSERT( gmfn );
+ if ( l1e_get_flags(spte) & _PAGE_RW )
+ {
+ mfn_to_page(gmfn)->tlbflush_timestamp = smfn;
+ mfn_to_page(gmfn)->u.inuse.type_info &= ~PGT_va_mask;
+ mfn_to_page(gmfn)->u.inuse.type_info |=
+ (unsigned long) index << PGT_va_shift;
+ }
}
}
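Review bot: `ASSERT( smfn )` and `ASSERT( gmfn )` are the only checks on the frame numbers, and if ASSERT compiles to nothing in non-debug builds (as it normally does in Xen), a present, writable entry whose pfn is 0 still updates frame 0's `tlbflush_timestamp` and `type_info` in a release build. Consider making the condition a runtime one, `if ( gmfn && (l1e_get_flags(spte) & _PAGE_RW) )`, and, since `gmfn` indexes the frame table through mfn_to_page(), also checking `mfn_valid(gmfn)` there. The new `_PAGE_RW` condition carries no comment; a line such as `/* Back pointers are only tracked for writable mappings. */` would record why read-only entries are skipped, with the wording to be confirmed by the author because the patch does not state the reason. The body of set_guest_back_ptr() begins above the hunk.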