[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] Grant table: fix a bug when grant copying a previous grant mapped page.

# HG changeset patch
# User Wei Liu <wei.liu2@xxxxxxxxxx>
# Date 1330523387 0
# Node ID be6bd7febd33d5dd21cbbeb180e6907cd6038a77
# Parent  a43eeaedf61ccaf269d0823ea80d3dfa8157cc63
Grant table: fix a bug when grant copying a previous grant mapped page.

In grant table version 2, when we create a non-transitive mapping from
DomU to Dom0, we need to set active entry's trans_domain and trans_ref.
Otherwise when we grant copy from this previous mapped ref, preemption
count will get messed up.

Considering following scenario, src_gref is already grant mapped
(act->pin != 0) in Dom0 and it is not transitive.

__gnttab_copy(src_gref,dst_gref)
{
  __acquire_grant_for_copy(src_gref)
  __acquire_grant_for_copy(dst_gref)
  ...copy...
  __release_grant_for_copy(src_gref)
  __release_grant_for_cooy(dst_gref)
}

__acquire_grant_for_copy(rd,gref)
{
  act <- get active entry for gref
  if (!act->pin) {
    check stuff for transitive grant
    if (!act->pin) {
      set fields in act
    }
  } else {
    set owning_domain
  }
}

__release_grant_for_copy(rd,gref)
{
  act <- get active entry for gref
  if (grant table version is 1) {
    use v1 stuff
  } else {
    td = act->trans_domain
    trans_gref = act->trans_gref
  }
  if (td != rd) {
    recursively release grant
    rcu_unlock_domain(td)
  }
}

If we don't set trans_domain when creating mapping, in the release path
td = act->trans_domain, in which case it is NULL, will screw up preemption
count with rcu_unlock_domain(NULL).

See changeset 22994:299ed79acecf for more information.

Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx>

diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -585,6 +585,8 @@ __gnttab_map_grant_ref(
             act->start = 0;
             act->length = PAGE_SIZE;
             act->is_sub_page = 0;
+            act->trans_domain = rd;
+            act->trans_gref = op->ref;
         }
     }
 



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.