diff options
author | Rusty Russell <rusty@rustcorp.com.au> | 2009-03-30 23:55:23 -0400 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2009-03-30 07:25:24 -0400 |
commit | b7ff99ea53cd16de8f6166c0e98f19a7c6ca67ee (patch) | |
tree | fed5a3cf8fc8061967e60b5bbf32e81f3c742822 /arch/x86/lguest | |
parent | 6afbdd059c27330eccbd85943354f94c2b83a7fe (diff) |
lguest: wire up pte_update/pte_update_defer
Impact: intermittent guest segv/crash fix
I've been seeing random guest bad address crashes and segmentation faults:
bisect led to 4f98a2fee8 (vmscan: split LRU lists into anon & file sets),
but that's a red herring.
It turns out that lguest never hooked up the pte_update/pte_update_defer
calls, so our ptes were not always in sync. After the vmscan commit, the
bug became reproducible; now a fsck in a 64MB guest causes reproducible
pagetable corruption.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: jeremy@xensource.com
Cc: virtualization@lists.osdl.org
Cc: stable@kernel.org
Diffstat (limited to 'arch/x86/lguest')
-rw-r--r-- | arch/x86/lguest/boot.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c index 9fe4ddaa8f6f..7822d29b02c7 100644 --- a/arch/x86/lguest/boot.c +++ b/arch/x86/lguest/boot.c | |||
@@ -490,11 +490,17 @@ static void lguest_write_cr4(unsigned long val) | |||
490 | * into a process' address space. We set the entry then tell the Host the | 490 | * into a process' address space. We set the entry then tell the Host the |
491 | * toplevel and address this corresponds to. The Guest uses one pagetable per | 491 | * toplevel and address this corresponds to. The Guest uses one pagetable per |
492 | * process, so we need to tell the Host which one we're changing (mm->pgd). */ | 492 | * process, so we need to tell the Host which one we're changing (mm->pgd). */ |
493 | static void lguest_pte_update(struct mm_struct *mm, unsigned long addr, | ||
494 | pte_t *ptep) | ||
495 | { | ||
496 | lazy_hcall(LHCALL_SET_PTE, __pa(mm->pgd), addr, ptep->pte_low); | ||
497 | } | ||
498 | |||
493 | static void lguest_set_pte_at(struct mm_struct *mm, unsigned long addr, | 499 | static void lguest_set_pte_at(struct mm_struct *mm, unsigned long addr, |
494 | pte_t *ptep, pte_t pteval) | 500 | pte_t *ptep, pte_t pteval) |
495 | { | 501 | { |
496 | *ptep = pteval; | 502 | *ptep = pteval; |
497 | lazy_hcall(LHCALL_SET_PTE, __pa(mm->pgd), addr, pteval.pte_low); | 503 | lguest_pte_update(mm, addr, ptep); |
498 | } | 504 | } |
499 | 505 | ||
500 | /* The Guest calls this to set a top-level entry. Again, we set the entry then | 506 | /* The Guest calls this to set a top-level entry. Again, we set the entry then |
@@ -1040,6 +1046,8 @@ __init void lguest_init(void) | |||
1040 | pv_mmu_ops.read_cr3 = lguest_read_cr3; | 1046 | pv_mmu_ops.read_cr3 = lguest_read_cr3; |
1041 | pv_mmu_ops.lazy_mode.enter = paravirt_enter_lazy_mmu; | 1047 | pv_mmu_ops.lazy_mode.enter = paravirt_enter_lazy_mmu; |
1042 | pv_mmu_ops.lazy_mode.leave = lguest_leave_lazy_mode; | 1048 | pv_mmu_ops.lazy_mode.leave = lguest_leave_lazy_mode; |
1049 | pv_mmu_ops.pte_update = lguest_pte_update; | ||
1050 | pv_mmu_ops.pte_update_defer = lguest_pte_update; | ||
1043 | 1051 | ||
1044 | #ifdef CONFIG_X86_LOCAL_APIC | 1052 | #ifdef CONFIG_X86_LOCAL_APIC |
1045 | /* apic read/write intercepts */ | 1053 | /* apic read/write intercepts */ |