Hello,

xen/common/grant_tables.c seems to return without unlocking the BIGLOCK on a domain if it runs into an error. I did not run into this error, but the xen code now runs into the routines so I think it's better to fix this.

Problem code:
=====================
long do_grant_table_op(
    unsigned int cmd, void *uop, unsigned int count)
{
    ...
    LOCK_BIGLOCK(current->domain);

    switch ( cmd )
    {
    case GNTTABOP_map_grant_ref:
        printk("%s: \n", __func__);
        if ( unlikely(!array_access_ok(
            VERIFY_WRITE, uop, count, sizeof(gnttab_map_grant_ref_t))) )
===>>       return -EFAULT;
        rc = gnttab_map_grant_ref((gnttab_map_grant_ref_t *)uop, count);
        break;
    case GNTTABOP_unmap_grant_ref:
        printk("%s: \n", __func__);
        if ( unlikely(!array_access_ok(
            VERIFY_WRITE, uop, count, sizeof(gnttab_unmap_grant_ref_t))) )
===>>       return -EFAULT;
        rc = gnttab_unmap_grant_ref((gnttab_unmap_grant_ref_t *)uop, count);
        break;
    ...
    UNLOCK_BIGLOCK(current->domain);
    ...
}
=========================

Here is a patch to fix it:
------------------------------------------------------------
--- xeno-unstable.bk_orig/xen/common/grant_table.c 2005-04-14 09:00:50.000000000 -0400 +++ xeno-unstable.bk/xen/common/grant_table.c 2005-04-14 13:03:59.000000000 -0400 @@ -809,13 +809,19 @@ case GNTTABOP_map_grant_ref: if ( unlikely(!array_access_ok( VERIFY_WRITE, uop, count, sizeof(gnttab_map_grant_ref_t))) ) - return -EFAULT; + { + rc = -EFAULT; + break; + } rc = gnttab_map_grant_ref((gnttab_map_grant_ref_t *)uop, count); break; case GNTTABOP_unmap_grant_ref: if ( unlikely(!array_access_ok( VERIFY_WRITE, uop, count, sizeof(gnttab_unmap_grant_ref_t))) ) - return -EFAULT; + { + rc = -EFAULT; + break; + } rc = gnttab_unmap_grant_ref((gnttab_unmap_grant_ref_t *)uop, count); break; case GNTTABOP_setup_table:
--------------------------------------------------------------

Regards
Reiner

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
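Review bot: The hunk only repairs the GNTTABOP_map_grant_ref and GNTTABOP_unmap_grant_ref arms, while its trailing context shows a GNTTABOP_setup_table arm that is left untouched; before this goes in, check that arm and any default arm of the same switch for the same early-return shape, since a `return` anywhere between LOCK_BIGLOCK(current->domain) and UNLOCK_BIGLOCK(current->domain) leaks the lock just as these two did. The `rc = -EFAULT; break;` form is correct, but an `out:` label directly before UNLOCK_BIGLOCK() with `goto out` on error would make the invariant harder to miss when a new case is added. The patch also carries no Signed-off-by line.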
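The lock-leak pattern Reiner describes, as an added example that is not Xen's code and not part of the original thread: a miniature dispatcher with the same shape as do_grant_table_op(), showing the early-return bug, the patch's rc-and-break fix, and a single-exit variant. The domain structure, the hold-counter lock, the op names, the error values and the array_access_ok() stand-in are all simplified assumptions made for this example; the lock is a counter precisely so that a leak is visible after the call returns.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Constructed stand-ins for this example; none of these are Xen's definitions. */
#define EFAULT 14
#define ENOSYS 38
enum { OP_MAP = 0, OP_UNMAP = 1, OP_SETUP = 2 };

/* The per-domain BIGLOCK is modelled as a hold counter: after any dispatch call
 * returns it must be back at 0, so a leaked lock is directly observable. */
struct domain { int biglock_held; };
static void LOCK_BIGLOCK(struct domain *d)   { d->biglock_held++; }
static void UNLOCK_BIGLOCK(struct domain *d) { d->biglock_held--; }

/* Stand-in for array_access_ok(): rejects NULL and count*elem overflow only;
 * Xen's real check validates the guest's virtual-address range. */
static bool array_access_ok(const void *uop, unsigned int count, size_t elem)
{
    return uop != NULL && count <= SIZE_MAX / elem;
}
/* The op bodies do not matter here; they just echo the batch size. */
static long gnttab_map(const void *uop, unsigned int count)   { (void)uop; return count; }
static long gnttab_unmap(const void *uop, unsigned int count) { (void)uop; return count; }

/* Shape of the original code: each early return skips UNLOCK_BIGLOCK(). */
long dispatch_buggy(struct domain *d, unsigned int cmd, const void *uop, unsigned int count)
{
    long rc = -ENOSYS;
    LOCK_BIGLOCK(d);
    switch (cmd) {
    case OP_MAP:
        if (!array_access_ok(uop, count, 8)) return -EFAULT;  /* BUG: lock still held */
        rc = gnttab_map(uop, count);
        break;
    case OP_UNMAP:
        if (!array_access_ok(uop, count, 8)) return -EFAULT;  /* BUG: lock still held */
        rc = gnttab_unmap(uop, count);
        break;
    }
    UNLOCK_BIGLOCK(d);
    return rc;
}

/* The patch's fix: set rc and break, so the common unlock below always runs. */
long dispatch_fixed(struct domain *d, unsigned int cmd, const void *uop, unsigned int count)
{
    long rc = -ENOSYS;
    LOCK_BIGLOCK(d);
    switch (cmd) {
    case OP_MAP:
        if (!array_access_ok(uop, count, 8)) { rc = -EFAULT; break; }
        rc = gnttab_map(uop, count);
        break;
    case OP_UNMAP:
        if (!array_access_ok(uop, count, 8)) { rc = -EFAULT; break; }
        rc = gnttab_unmap(uop, count);
        break;
    }
    UNLOCK_BIGLOCK(d);
    return rc;
}

/* Same guarantee with one exit label: every error path, including in any case
 * added later, funnels through `out`, so the unlock cannot be skipped by accident. */
long dispatch_single_exit(struct domain *d, unsigned int cmd, const void *uop, unsigned int count)
{
    long rc = -ENOSYS;
    LOCK_BIGLOCK(d);
    switch (cmd) {
    case OP_MAP:
        if (!array_access_ok(uop, count, 8)) { rc = -EFAULT; goto out; }
        rc = gnttab_map(uop, count);
        break;
    case OP_UNMAP:
        if (!array_access_ok(uop, count, 8)) { rc = -EFAULT; goto out; }
        rc = gnttab_unmap(uop, count);
        break;
    }
out:
    UNLOCK_BIGLOCK(d);
    return rc;
}

typedef long (*dispatch_fn)(struct domain *, unsigned int, const void *, unsigned int);
const uint8_t sample_uop[64] = { 0 };   /* constructed guest buffer for the happy path */
/* Run one call on a fresh domain and report its result, or the lock count afterwards. */
long rc_of(dispatch_fn fn, unsigned int cmd, const void *uop, unsigned int count)
{   struct domain d = { 0 }; return fn(&d, cmd, uop, count); }
int held_after(dispatch_fn fn, unsigned int cmd, const void *uop, unsigned int count)
{   struct domain d = { 0 }; (void)fn(&d, cmd, uop, count); return d.biglock_held; }

int main(void)
{
    printf("NULL uop: buggy leaves lock held=%d, fixed leaves lock held=%d\n",
           held_after(dispatch_buggy, OP_MAP, NULL, 1), held_after(dispatch_fixed, OP_MAP, NULL, 1));
    return 0;
}
```

The held_after() check is the thing to keep from this: a unit test that drives every command through every failing validation and asserts the lock count is zero afterwards catches this class of bug before it reaches a hypervisor, where a leaked BIGLOCK shows up as a domain that can no longer make hypercalls.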
Vincent Hanquez
2005-Apr-14 18:02 UTC
Re: [Xen-devel] grant_tables.c / domain BIGLOCK anomaly
On Thu, Apr 14, 2005 at 01:19:02PM -0400, Reiner Sailer wrote:
> xen/common/grant_tables.c seems to return without unlocking the
> BIGLOCK on a domain if it runs into an error. I did not run into this
> error, but the xen code now runs into the routines so I think it's
> better to fix this.

[list CC this time]

Looks good, applied. Don't forget Signed-off-by next time.

Thanks,
--
Vincent Hanquez