WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] shadow2 corrupting PV guest state

from [Doi . Tsunehisa] [Permanent Link][Original]
To: Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] shadow2 corrupting PV guest state
From: Doi.Tsunehisa@xxxxxxxxxxxxxx
Date: Mon, 23 Oct 2006 20:21:12 +0900
Cc: Jeremy Fitzhardinge <jeremy@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>, Chris Wright <chrisw@xxxxxxxxxxxx>, Michael A Fetterman <Michael.Fetterman@xxxxxxxxxxxx>, Doi.Tsunehisa@xxxxxxxxxxxxxx
Delivery-date: Mon, 23 Oct 2006 04:22:26 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: Your message of Mon, 23 Oct 2006 11:26:34 +0100. <20061023102634.GC8271@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <453020EE.4080603@xxxxxxxx> <200610230545.k9N5jWF05122@xxxxxxxxxxxxxxxxxxxxxxxxxxx><20061023102634.GC8271@xxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
  Hi,

You (Tim.Deegan) said:
>>   Basically, the referencee should not be released during to exist the
>> referencer, I think.
>> 
>>   In domain_kill phase, domain_relinquish_resource releases a memory
>> of destroying domain. So, the memory may use other domain. But, P2M
>> table of the domain exists, then the memory might be corrupted by
>> gnttab_copy.
>> 
>>   In __gnttab_copy code, it will avoid to corrupt a memory that was
>> used in destroying domain with __acquire_grant_for_copy and get_page.
>> But, I think that it has atomicity issue of owner.
> 
> Are you worried about a race where the foreign domain is destroyed and
> another domain created, with the same struct domain pointer, and which
> owns the same frame, between the __acquire_grant_for_copy() and the
> get_page()?

  No, I'm worried that two domains use with same page frame.

  The released pages can be used by new domain, but old domain sturct
exists between domain_kill and domain_destroy.

> Earlier in __gnttab_copy, we call find_domain_by_id() on the foreign
> domain, which calls get_domain(), so we're safe from that.

  I suppose that find_domain_by_id doesn't ensure not to be used by
both domains.

Thanks,
- Tsunehisa Doi

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] Create command fail if giving an empty disk file path, such as ', hdc:cdrom, r', Keir Fraser
Next by Date:  RE: [Xen-devel] [patch] Add support for barriers to blk{back, front} drivers., Ian Pratt
Previous by Thread:  Re: [Xen-devel] shadow2 corrupting PV guest state, Tim Deegan
Next by Thread:  Re: [Xen-devel] shadow2 corrupting PV guest state, Tim Deegan
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy