Source-Changes-HG archive


[src/trunk]: src/sys/arch/xen/xen xen: don't use grants 0-8



details:   https://anonhg.NetBSD.org/src/rev/d6b9af24844a
branches:  trunk
changeset: 782262:d6b9af24844a
user:      royger <royger%NetBSD.org@localhost>
date:      Wed Oct 24 13:07:46 2012 +0000

description:
xen: don't use grants 0-8

Not all grants from the first frame can be used; grants from 0 to 8
(both included) are reserved for external tools. Using these grants
caused system crashes and fs corruption.

Closes PR port-xen/47057 and port-xen/47056
Reviewed by bouyer@

diffstat:

 sys/arch/xen/xen/xengnt.c |  21 +++++++++++++++------
 1 files changed, 15 insertions(+), 6 deletions(-)

diffs (71 lines):

diff -r 5e09d54e717d -r d6b9af24844a sys/arch/xen/xen/xengnt.c
--- a/sys/arch/xen/xen/xengnt.c Wed Oct 24 11:36:02 2012 +0000
+++ b/sys/arch/xen/xen/xengnt.c Wed Oct 24 13:07:46 2012 +0000
@@ -1,4 +1,4 @@
-/*      $NetBSD: xengnt.c,v 1.24 2012/06/30 23:36:20 jym Exp $      */
+/*      $NetBSD: xengnt.c,v 1.25 2012/10/24 13:07:46 royger Exp $      */
 
 /*
  * Copyright (c) 2006 Manuel Bouyer.
@@ -26,7 +26,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xengnt.c,v 1.24 2012/06/30 23:36:20 jym Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xengnt.c,v 1.25 2012/10/24 13:07:46 royger Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -51,6 +51,9 @@
 
 #define NR_GRANT_ENTRIES_PER_PAGE (PAGE_SIZE / sizeof(grant_entry_t))
 
+/* External tools reserve first few grant table entries. */
+#define NR_RESERVED_ENTRIES 8
+
 /* Current number of frames making up the grant table */
 int gnt_nr_grant_frames;
 /* Maximum number of frames that can make up the grant table */
@@ -161,7 +164,7 @@
        gnttab_setup_table_t setup;
        u_long *pages;
        int nframes_new = gnt_nr_grant_frames + 1;
-       int i;
+       int i, start_gnt;
        KASSERT(mutex_owned(&grant_lock));
 
        if (gnt_nr_grant_frames == gnt_max_grant_frames)
@@ -204,9 +207,14 @@
 
        /*
         * add the grant entries associated to the last grant table frame
-        * and mark them as free
+        * and mark them as free. Prevent using the first grants (from 0 to 8)
+        * since they are used by the tools.
         */
-       for (i = gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE;
+       start_gnt = (gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE) <
+                   (NR_RESERVED_ENTRIES + 1) ?
+                   (NR_RESERVED_ENTRIES + 1) :
+                   (gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE);
+       for (i = start_gnt;
            i < nframes_new * NR_GRANT_ENTRIES_PER_PAGE;
            i++) {
                KASSERT(gnt_entries[last_gnt_entry] == XENGNT_NO_ENTRY);
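Review bot: The `start_gnt` computation writes out `gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE` and `NR_RESERVED_ENTRIES + 1` twice each, so the two copies can drift apart on a later edit. `<sys/param.h>` is already included in this file, so the lower bound can be written as `start_gnt = MAX(gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE, NR_RESERVED_ENTRIES + 1);`. The comment hard-codes "from 0 to 8" and should refer to the constant instead. The first frame now contributes fewer free refs than `NR_GRANT_ENTRIES_PER_PAGE`, so any accounting elsewhere that assumes a full page of free entries per frame is worth checking. The loop body and the rest of the function lie outside this hunk.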
@@ -240,7 +248,7 @@
        last_gnt_entry--;
        entry = gnt_entries[last_gnt_entry];
        gnt_entries[last_gnt_entry] = XENGNT_NO_ENTRY;
-       KASSERT(entry != XENGNT_NO_ENTRY);
+       KASSERT(entry != XENGNT_NO_ENTRY && entry > NR_RESERVED_ENTRIES);
        KASSERT(last_gnt_entry >= 0);
        KASSERT(last_gnt_entry <= gnt_max_grant_frames * NR_GRANT_ENTRIES_PER_PAGE);
        return entry;
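Review bot: The reserved-range check here, and the one added to `xengnt_free_entry` in the next hunk, is a `KASSERT`, which is compiled out of kernels built without DIAGNOSTIC, so release kernels get no enforcement from either check. The free path is the one that matters: a caller that frees a ref in 0-8 (for instance from a zero-initialised field) would push it back onto the free list, and it would later be handed out again, which is the condition this commit is meant to prevent. Consider an unconditional check in `xengnt_free_entry` before the entry is stored, for example `if (entry <= NR_RESERVED_ENTRIES) panic("%s: reserved grant ref", __func__);`, keeping the `KASSERT` in the allocation path as a secondary check. Both functions start and end outside the visible hunks, so the exact placement relative to the free-list update needs confirming against the full file.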
@@ -253,6 +261,7 @@
 xengnt_free_entry(grant_ref_t entry)
 {
        mutex_enter(&grant_lock);
+       KASSERT(entry > NR_RESERVED_ENTRIES);
        KASSERT(gnt_entries[last_gnt_entry] == XENGNT_NO_ENTRY);
        KASSERT(last_gnt_entry >= 0);
        KASSERT(last_gnt_entry <= gnt_max_grant_frames * NR_GRANT_ENTRIES_PER_PAGE);


