diff options
| author | Rusty Russell <rusty@rustcorp.com.au> | 2009-03-30 23:55:23 -0400 |
|---|---|---|
| committer | Rusty Russell <rusty@rustcorp.com.au> | 2009-03-30 07:25:24 -0400 |
| commit | b7ff99ea53cd16de8f6166c0e98f19a7c6ca67ee (patch) | |
| tree | fed5a3cf8fc8061967e60b5bbf32e81f3c742822 | |
| parent | 6afbdd059c27330eccbd85943354f94c2b83a7fe (diff) | |
lguest: wire up pte_update/pte_update_defer
Impact: intermittent guest segv/crash fix
I've been seeing random guest bad address crashes and segmentation faults:
bisect led to 4f98a2fee8 (vmscan: split LRU lists into anon & file sets),
but that's a red herring.
It turns out that lguest never hooked up the pte_update/pte_update_defer
calls, so our ptes were not always in sync. After the vmscan commit, the
bug became reproducible; now a fsck in a 64MB guest causes reproducible
pagetable corruption.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: jeremy@xensource.com
Cc: virtualization@lists.osdl.org
Cc: stable@kernel.org
| -rw-r--r-- | arch/x86/lguest/boot.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c index 9fe4ddaa8f6f..7822d29b02c7 100644 --- a/arch/x86/lguest/boot.c +++ b/arch/x86/lguest/boot.c | |||
| @@ -490,11 +490,17 @@ static void lguest_write_cr4(unsigned long val) | |||
| 490 | * into a process' address space. We set the entry then tell the Host the | 490 | * into a process' address space. We set the entry then tell the Host the |
| 491 | * toplevel and address this corresponds to. The Guest uses one pagetable per | 491 | * toplevel and address this corresponds to. The Guest uses one pagetable per |
| 492 | * process, so we need to tell the Host which one we're changing (mm->pgd). */ | 492 | * process, so we need to tell the Host which one we're changing (mm->pgd). */ |
| 493 | static void lguest_pte_update(struct mm_struct *mm, unsigned long addr, | ||
| 494 | pte_t *ptep) | ||
| 495 | { | ||
| 496 | lazy_hcall(LHCALL_SET_PTE, __pa(mm->pgd), addr, ptep->pte_low); | ||
| 497 | } | ||
| 498 | |||
| 493 | static void lguest_set_pte_at(struct mm_struct *mm, unsigned long addr, | 499 | static void lguest_set_pte_at(struct mm_struct *mm, unsigned long addr, |
| 494 | pte_t *ptep, pte_t pteval) | 500 | pte_t *ptep, pte_t pteval) |
| 495 | { | 501 | { |
| 496 | *ptep = pteval; | 502 | *ptep = pteval; |
| 497 | lazy_hcall(LHCALL_SET_PTE, __pa(mm->pgd), addr, pteval.pte_low); | 503 | lguest_pte_update(mm, addr, ptep); |
| 498 | } | 504 | } |
| 499 | 505 | ||
| 500 | /* The Guest calls this to set a top-level entry. Again, we set the entry then | 506 | /* The Guest calls this to set a top-level entry. Again, we set the entry then |
| @@ -1040,6 +1046,8 @@ __init void lguest_init(void) | |||
| 1040 | pv_mmu_ops.read_cr3 = lguest_read_cr3; | 1046 | pv_mmu_ops.read_cr3 = lguest_read_cr3; |
| 1041 | pv_mmu_ops.lazy_mode.enter = paravirt_enter_lazy_mmu; | 1047 | pv_mmu_ops.lazy_mode.enter = paravirt_enter_lazy_mmu; |
| 1042 | pv_mmu_ops.lazy_mode.leave = lguest_leave_lazy_mode; | 1048 | pv_mmu_ops.lazy_mode.leave = lguest_leave_lazy_mode; |
| 1049 | pv_mmu_ops.pte_update = lguest_pte_update; | ||
| 1050 | pv_mmu_ops.pte_update_defer = lguest_pte_update; | ||
| 1043 | 1051 | ||
| 1044 | #ifdef CONFIG_X86_LOCAL_APIC | 1052 | #ifdef CONFIG_X86_LOCAL_APIC |
| 1045 | /* apic read/write intercepts */ | 1053 | /* apic read/write intercepts */ |