xen-devel

[Top] [All Lists]

[Xen-devel] [PATCH] Fix 2-on-3 shadow mode.

from [Gianluca Guida]

[Permanent Link][Original]

To:	"xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject:	[Xen-devel] [PATCH] Fix 2-on-3 shadow mode.
From:	Gianluca Guida <gianluca.guida@xxxxxxxxxxxxx>
Date:	Tue, 17 Mar 2009 13:16:36 +0000
Cc:	Keir Fraser <keir.fraser@xxxxxxxxxxxxx>, Christian Limpach <Christian.Limpach@xxxxxxxxxxxxx>
Delivery-date:	Tue, 17 Mar 2009 06:30:00 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mozilla-Thunderbird 2.0.0.9 (X11/20080110)

A wrong #ifdef in multi.c may cause memory corruption in some 32 bit HVMguests.

This patch fixes it, and should be applied hopefully to xen-3.3 andunstable.


Thanks,
Gianluca

diff -r 587e81dd3540 xen/arch/x86/mm/shadow/multi.c
--- a/xen/arch/x86/mm/shadow/multi.c    Mon Mar 02 14:19:35 2009 +0000
+++ b/xen/arch/x86/mm/shadow/multi.c    Tue Mar 17 13:11:46 2009 +0000
@@ -2753,14 +2753,13 @@ int sh_safe_not_to_sync(struct vcpu *v, 
         return 0;
     smfn = _mfn(sp->up >> PAGE_SHIFT);
     ASSERT(mfn_valid(smfn));
-
-#if (GUEST_PAGING_LEVELS == 2)
+#endif
+
+#if (GUEST_PAGING_LEVELS == 2 && SHADOW_PAGING_LEVELS == 3)
     /* In 2-on-3 shadow mode the up pointer contains the link to the
      * shadow page, but the shadow_table contains only the first of the
      * four pages that makes the PAE top shadow tables. */
     smfn = _mfn(mfn_x(smfn) & ~0x3UL);
-#endif
-
 #endif
 
     if ( pagetable_get_pfn(v->arch.shadow_table[0]) == mfn_x(smfn)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] [PATCH] Fix 2-on-3 shadow mode., Gianluca Guida <=

Previous by Date:	Re: [Xen-devel] Xen unstable crash, Keir Fraser
Next by Date:	Re: [Xen-devel] Re: 2.6.28.7 domU: 32-bit emulation seems to be broken, Sven Köhler
Previous by Thread:	[Xen-devel] stubdom build broken?, Rolf Neugebauer
Next by Thread:	[Xen-devel] blktap kernel module accessing freed memory?, Jan Beulich
Indexes:	[Date] [Thread] [Top] [All Lists]