    x86/xen: avoid race in p2m handling · 3a0e94f8
    Juergen Gross authored
    When a new p2m leaf is allocated this leaf is linked into the p2m tree
    via cmpxchg. Unfortunately the compare value for checking the success
    of the update is read after checking for the need for a new leaf. It is
    possible that a new leaf has been linked into the tree concurrently
    in between. This could lead to a leaked memory page and to the loss of
    some p2m entries.
    
    Avoid the race by using the read compare value for checking the need
    for a new p2m leaf, and use ACCESS_ONCE() to get it.
    
    There are other places which seem to need ACCESS_ONCE() to ensure
    proper operation. Change them accordingly.
    Signed-off-by: Juergen Gross <jgross@suse.com>
    Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Changed file: p2m.c (37.1 KB)
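The race the commit describes is a check-then-act pattern around a compare-and-swap: the "is this slot still empty?" test and the value later handed to cmpxchg as the expected old value come from two separate reads, so a concurrent writer landing between them makes the swap succeed against the wrong baseline. The following is an added, self-contained illustration written for this page, not the Xen p2m code itself. It assumes C11 `<stdatomic.h>` as a stand-in for the kernel's `cmpxchg()`/`ACCESS_ONCE()`, a toy `struct leaf` in place of a real p2m page, a sentinel `MISSING` leaf for an empty slot, and a deterministic `interleave` hook that plays the role of the other CPU linking its own leaf at exactly the wrong moment. The racy and the fixed variants are run side by side so the leaked page and the lost entry become observable.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Toy stand-in for one p2m page: holds a single entry (constructed example). */
struct leaf { int entry; };

/* Sentinel for an empty slot, analogous to Xen's "missing" p2m page. */
static struct leaf missing_leaf;
#define MISSING (&missing_leaf)

/* Simple accounting so the test can detect a leaked page. */
static int leaves_allocated, leaves_freed;

static struct leaf *alloc_leaf(void)
{
    leaves_allocated++;
    return calloc(1, sizeof(struct leaf));
}

static void free_leaf(struct leaf *l)
{
    leaves_freed++;
    free(l);
}

/* Hypothetical hook: "another CPU" that runs between the emptiness check
 * and the compare-and-swap. A real race would need threads; the hook makes
 * the interleaving deterministic for demonstration. */
typedef void (*concurrent_fn)(_Atomic(struct leaf *) *slot);

/* BUGGY pattern (as described in the commit): the compare value is read a
 * second time, after the "do we need a new leaf?" check. */
static struct leaf *link_leaf_racy(_Atomic(struct leaf *) *slot, concurrent_fn interleave)
{
    if (atomic_load(slot) == MISSING) {            /* first read: slot empty */
        struct leaf *new_leaf = alloc_leaf();
        if (interleave)
            interleave(slot);                      /* other CPU links its leaf here */
        struct leaf *expected = atomic_load(slot); /* second read: now the other leaf */
        /* cmpxchg "succeeds" because expected matches, overwriting the other
         * CPU's leaf: its page leaks and its entries are lost. */
        if (!atomic_compare_exchange_strong(slot, &expected, new_leaf))
            free_leaf(new_leaf);
    }
    return atomic_load(slot);
}

/* FIXED pattern: one read (ACCESS_ONCE() equivalent) serves both as the
 * emptiness check and as the expected value for the compare-and-swap. */
static struct leaf *link_leaf_fixed(_Atomic(struct leaf *) *slot, concurrent_fn interleave)
{
    struct leaf *old = atomic_load(slot);          /* single read */
    if (old == MISSING) {
        struct leaf *new_leaf = alloc_leaf();
        if (interleave)
            interleave(slot);                      /* other CPU links its leaf here */
        /* The swap is compared against the value we actually checked, so it
         * fails if anyone linked a leaf in between, and we drop our copy. */
        if (!atomic_compare_exchange_strong(slot, &old, new_leaf))
            free_leaf(new_leaf);
    }
    return atomic_load(slot);
}

/* The concurrent writer: links a leaf carrying entry 42 into the empty slot. */
static void other_cpu_links_leaf(_Atomic(struct leaf *) *slot)
{
    struct leaf *theirs = alloc_leaf();
    theirs->entry = 42;
    struct leaf *expected = MISSING;
    atomic_compare_exchange_strong(slot, &expected, theirs);
}

/* Run one scenario; returns the entry visible in the slot afterwards and
 * reports how many allocated pages are no longer reachable from the slot. */
static int run_scenario(bool fixed, int *leaked_pages)
{
    leaves_allocated = leaves_freed = 0;
    _Atomic(struct leaf *) slot = MISSING;
    struct leaf *cur = fixed ? link_leaf_fixed(&slot, other_cpu_links_leaf)
                             : link_leaf_racy(&slot, other_cpu_links_leaf);
    int entry = cur->entry;
    /* Exactly one leaf should remain reachable; anything beyond that leaked. */
    *leaked_pages = (leaves_allocated - leaves_freed) - 1;
    free_leaf(cur);                                /* the reachable one */
    return entry;
}

/* Convenience wrappers so each observation is a plain return value. */
static int observed_entry(bool fixed) { int l; return run_scenario(fixed, &l); }
static int leaked_pages(bool fixed)   { int l; run_scenario(fixed, &l); return l; }

int main(void)
{
    printf("racy : entry=%d leaked=%d\n", observed_entry(false), leaked_pages(false));
    printf("fixed: entry=%d leaked=%d\n", observed_entry(true), leaked_pages(true));
    return 0;
}
```

In the racy run the slot ends up holding the freshly allocated, empty leaf (entry 0) and the other CPU's page with entry 42 is unreachable, which is the "leaked memory page" and "loss of some p2m entries" the commit message names. In the fixed run the compare-and-swap fails against the stale baseline, the local allocation is released, and the concurrently linked leaf survives. The general rule the fix embodies: whatever value justified the decision to act is the value the compare-and-swap must be compared against, read exactly once.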