WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [PATCH] x86 shadow: fix race when domain is dying

from [Kouya Shimura] [Permanent Link][Original]
To: Tim Deegan <Tim.Deegan@xxxxxxxxxx>, Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] x86 shadow: fix race when domain is dying
From: Kouya Shimura <kouya@xxxxxxxxxxxxxx>
Date: Fri, 27 Nov 2009 10:22:11 +0900
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 26 Nov 2009 17:22:40 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20091126110746.GF14284@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <7kvdgxya1h.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20091126110746.GF14284@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
Hi Tim,

Thanks for correcting this. Indeed my patch is unsafe.

Keir,
This is serious. I think c/s 20508 should be applied to xen-3.4 too.
Actually I met this for the first time in xen-3.4.

Thanks,
Kouya

Tim Deegan writes:
> Hi,
> 
> At 08:17 +0000 on 26 Nov (1259223466), Kouya Shimura wrote:
> > There are some cases that shadow_write_p2m_entry() is called after
> > the domain is killed. It causes Xen to crash.
> 
> Thanks for catching this!  I'm afraid your fix opens a different race
> window, though: any p2m operation that happens after d->is_dying is set
> but before p2m_teardown() will corrupt the p2m (because the entry
> wouldn't actually get written).  If it also happens before
> shadow_teardown() it could break the invariants of the shadow
> pagetables, possibly causing a crash when shadow_teardown() is reached.
> 
> The right fix is to test for whether shadow_teardown() has been called,
> and if so, call safe_write_entry() without trying to fix up the shadows.
> I've attached a patch.
> 
> Cheers,
> 
> Tim.
> 
> -- 
> Tim Deegan <Tim.Deegan@xxxxxxxxxx>
> Principal Software Engineer, Citrix Systems (R&D) Ltd.
> [Company #02300071, SL9 0DZ, UK.]

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] compile error in xen-unstable, Simon Horman
Next by Date:  [Xen-devel] RE: (v)MCE# injection, Jiang, Yunhong
Previous by Thread:  Re: [Xen-devel] [PATCH] x86 shadow: fix race when domain is dying, Tim Deegan
Next by Thread:  [Xen-devel] (v)MCE# injection, Jan Beulich
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy