
[v1,2/2] xen/arm: p2m: Check for p2m->domain to be initialized before releasing resources

Message ID 1503941546-24716-3-git-send-email-olekstysh@gmail.com (mailing list archive)
State New, archived

Commit Message

Oleksandr Tyshchenko Aug. 28, 2017, 5:32 p.m. UTC
From: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>

Since p2m_teardown() can be called when p2m_init() hasn't been executed yet,
we might deal with the uninitialized list "p2m->pages", which leads to a crash.
To avoid this, use the back pointer to the domain as an end-of-initialization indicator.

Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
---
 xen/arch/arm/p2m.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

Comments

Stefano Stabellini Sept. 15, 2017, 9:27 p.m. UTC | #1
On Mon, 28 Aug 2017, Oleksandr Tyshchenko wrote:
> From: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
> 
> Since p2m_teardown() can be called when p2m_init() haven't executed yet
> we might deal with unitialized list "p2m->pages" which leads to crash.
> To avoid this use back pointer to domain as end-of-initialization indicator.
> 
> Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
> ---
>  xen/arch/arm/p2m.c | 13 ++++++++++++-
>  1 file changed, 12 insertions(+), 1 deletion(-)
> 
> diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
> index c484469..141ae7e 100644
> --- a/xen/arch/arm/p2m.c
> +++ b/xen/arch/arm/p2m.c
> @@ -1219,6 +1219,9 @@ void p2m_teardown(struct domain *d)
>      struct p2m_domain *p2m = p2m_get_hostp2m(d);
>      struct page_info *pg;

The patch looks good. I'll add a comment saying "p2m not actually
initialized" here.

Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>


> +    if ( !p2m->domain )
> +        return;
> +
>      while ( (pg = page_list_remove_head(&p2m->pages)) )
>          free_domheap_page(pg);
>  
> @@ -1230,6 +1233,8 @@ void p2m_teardown(struct domain *d)
>      p2m_free_vmid(d);
>  
>      radix_tree_destroy(&p2m->mem_access_settings, NULL);
> +
> +    p2m->domain = NULL;
>  }
>  
>  int p2m_init(struct domain *d)
> @@ -1247,7 +1252,6 @@ int p2m_init(struct domain *d)
>      if ( rc != 0 )
>          return rc;
>  
> -    p2m->domain = d;
>      p2m->max_mapped_gfn = _gfn(0);
>      p2m->lowest_mapped_gfn = _gfn(ULONG_MAX);
>  
> @@ -1276,6 +1280,13 @@ int p2m_init(struct domain *d)
>      for_each_possible_cpu(cpu)
>         p2m->last_vcpu_ran[cpu] = INVALID_VCPU_ID;
>  
> +    /*
> +     * Besides getting a domain when we only have the p2m in hand,
> +     * the back pointer to domain is also used in p2m_teardown()
> +     * as an end-of-initialization indicator.
> +     */
> +    p2m->domain = d;
> +
>      return rc;
>  }
>  
> -- 
> 2.7.4
>

Patch

diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c
index c484469..141ae7e 100644
--- a/xen/arch/arm/p2m.c
+++ b/xen/arch/arm/p2m.c
@@ -1219,6 +1219,9 @@  void p2m_teardown(struct domain *d)
     struct p2m_domain *p2m = p2m_get_hostp2m(d);
     struct page_info *pg;
 
+    if ( !p2m->domain )
+        return;
+
     while ( (pg = page_list_remove_head(&p2m->pages)) )
         free_domheap_page(pg);
 
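Review bot: The early return on `!p2m->domain` is only a reliable "not initialized" test if the embedding `struct domain` (and hence the p2m) is zero-filled when it is allocated, which this hunk cannot show; if that allocation ever stops zeroing, a stale non-NULL `domain` would let teardown walk the uninitialized `p2m->pages` list that the patch is trying to avoid. It would be worth recording that dependency next to the check, e.g. `/* Relies on the domain struct being zeroed at allocation: p2m->domain is set only at the very end of p2m_init(). */`, so a later change to the allocation path does not silently break it. The body of p2m_teardown() continues past this hunk.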
@@ -1230,6 +1233,8 @@  void p2m_teardown(struct domain *d)
     p2m_free_vmid(d);
 
     radix_tree_destroy(&p2m->mem_access_settings, NULL);
+
+    p2m->domain = NULL;
 }
 
 int p2m_init(struct domain *d)
@@ -1247,7 +1252,6 @@  int p2m_init(struct domain *d)
     if ( rc != 0 )
         return rc;
 
-    p2m->domain = d;
     p2m->max_mapped_gfn = _gfn(0);
     p2m->lowest_mapped_gfn = _gfn(ULONG_MAX);
 
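Review bot: Moving `p2m->domain = d` from this point to the end of p2m_init() (the next hunk) means any error return between the two locations — the visible `return rc` here, plus anything after it that the hunk does not show — leaves `p2m->domain` NULL, so p2m_teardown() will skip p2m_free_vmid() and radix_tree_destroy() for whatever was already set up. That is safe only if every such early return happens before any of those resources is acquired, which cannot be confirmed from the hunk; an error that is stored in `rc` and falls through to the final `return rc` is fine because the assignment now precedes it. The new comment in the next hunk should state that invariant explicitly, e.g. `* Must remain the last statement: an early return before this point must not have acquired anything p2m_teardown() releases.`. The start of p2m_init() is outside the hunk.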
@@ -1276,6 +1280,13 @@  int p2m_init(struct domain *d)
     for_each_possible_cpu(cpu)
        p2m->last_vcpu_ran[cpu] = INVALID_VCPU_ID;
 
+    /*
+     * Besides getting a domain when we only have the p2m in hand,
+     * the back pointer to domain is also used in p2m_teardown()
+     * as an end-of-initialization indicator.
+     */
+    p2m->domain = d;
+
     return rc;
 }