|
|
|
|
|
|
|
|
|
|
xen-devel
RE: [Xen-devel] [HVM]A possible mov_to_cr3 bug
>From: Tim Deegan [mailto:Tim.Deegan@xxxxxxxxxxxxx]
>Sent: 2006年11月28日 17:43
>
>Hi,
>
>At 17:25 +0800 on 28 Nov (1164734703), Tian, Kevin wrote:
>> However the logic within shadow_update_cr3() doesn't ensure this,
>> which will sh_put_ref old shadow. Normally l4 shadow page is pinned
>> and thus with refcount as 2. So above sh_put_ref doesn't free this
>> shadow page, and the original one will be re-chosed immediately.
>>
>> This is the normal case, however it doesn't hold true once
>> shadow_prealloc is invoked before this update.
>
>Yes; that's a bug in sh_set_toplevel_shadow(), since we don't want to
>accidentally unshadow an entire process. I've fixed it to take the ref
>on the new contents before putting the ref on the old.
>
>Thanks,
>
>Tim.
Yes, that's a clean fix. Thanks for doing this.
Thanks,
Kevin
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|