WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] [PATCH] x86-32/pod: fix map_domain_page() leak

from [Jan Beulich] [Permanent Link][Original]
To: <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH] x86-32/pod: fix map_domain_page() leak
From: "Jan Beulich" <JBeulich@xxxxxxxxxx>
Date: Wed, 09 Dec 2009 10:08:05 +0000
Delivery-date: Wed, 09 Dec 2009 02:08:59 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
The 'continue' in the if() part of the conditional at the end of
p2m_pod_zero_check() was causing this, but there also really is no
point in retaining the mapping after having checked page contents,
so fix it both ways. Additionally there is no point in updating
map[] at this point anymore.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>

--- 2009-11-30.orig/xen/arch/x86/mm/p2m.c       2009-11-26 13:58:20.000000000 
+0100
+++ 2009-11-30/xen/arch/x86/mm/p2m.c    2009-12-09 10:56:02.000000000 +0100
@@ -898,12 +898,13 @@ p2m_pod_zero_check(struct domain *d, uns
             if( *(map[i]+j) != 0 )
                 break;
 
+        unmap_domain_page(map[i]);
+
         /* See comment in p2m_pod_zero_check_superpage() re gnttab
          * check timing.  */
         if ( j < PAGE_SIZE/sizeof(*map[i]) )
         {
             set_p2m_entry(d, gfns[i], mfns[i], 0, types[i]);
-            continue;
         }
         else
         {
@@ -911,9 +912,6 @@ p2m_pod_zero_check(struct domain *d, uns
             p2m_pod_cache_add(d, mfn_to_page(mfns[i]), 0);
             d->arch.p2m->pod.entry_count++;
         }
-
-        unmap_domain_page(map[i]);
-        map[i] = NULL;
     }
     
 }

Attachment: xen-x86-p2m-pod-map-leak.patch
Description: Text document

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH] x86-32/pod: fix map_domain_page() leak, Jan Beulich <=
Previous by Date:  [Xen-devel] Re: is the xen toolstack backwards compatible ?, Christoph Egger
Next by Date:  Re: [Xen-devel] [PATCH] PoD: appropriate BUG_ON when domain is dying, Keir Fraser
Previous by Thread:  [Xen-devel] [PATCH 4] HVM vcpu add/remove: qemu addtional logic, Liu, Jinsong
Next by Thread:  [Xen-devel] Re: [PATCH 2] HVM vcpu add/remove: setup dsdt and madt infrastructure for vcpu add/remove, Keir Fraser
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy