[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Xen-devel] a question of drop_other_mm_ref
- To: xen devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
- From: MaoXiaoyun <tinnycloud@xxxxxxxxxxx>
- Date: Mon, 25 Apr 2011 15:20:12 +0800
- Delivery-date: Mon, 25 Apr 2011 00:22:08 -0700
- Importance: Normal
- List-id: Xen developer discussion <xen-devel.lists.xensource.com>
Hi:
I have a question on drop_other_mm_ref.
Say another CPU B send IPI message to invalid a process P'mm, also CPU A holds
P'mm, and in userspace, TLBstate is TLBSTATE_OK that is CPU A' active_mm = P'mm.
When A receive B's IPI message, line 1512 is true, thus will cause BUG() in leave_mm().
Am I right? It looks like 1512 needs to change to
if ((active_mm == mm) && !mm) to allow only kernel thread can enter leave_mm.
Any comments?
1502 #ifdef CONFIG_SMP 1503 /* Another cpu may still have their %cr3 pointing at the pagetable, so 1504 we need to repoint it somewhere else before we can unpin it. */ 1505 static void drop_other_mm_ref(void *info) 1506 { 1507 struct mm_struct *mm = info; 1508 struct mm_struct *active_mm; 1509 1510 active_mm = percpu_read(cpu_tlbstate.active_mm); 1511 1512 if (active_mm == mm) &nb
sp; 1513 leave_mm(smp_processor_id()); 1514 1515 /* If this cpu still has a stale cr3 reference, then make sure 1516 it has been flushed. */ 1517 if (percpu_read(xen_current_cr3) == __pa(mm->pgd)) 1518 load_cr3(swapper_pg_dir); 1519 } 1520
|
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|