Stefan Berger
2007-Feb-26 19:57 UTC
[Xen-devel] [PATCH] [XEN][ACM] fix missing spin_unlock
Insert a missing spin_unlock statement. Signed-off-by: Stefan Berger <stefanb@us.ibm.com> Keir, I have a question regarding the event channel data structure. It looks like a stale entry is in the event channel array indicating that a event channel at a given port has a certain remote domain as target. However, that domain does not exist anymore and therefore the code section where I add the spin_unlock() call gets triggered now. Could this be a bug in the domain-cleanup code? I can trigger this problem when running the xm-test suite with ACM compiled into Xen. After 159 domains have been created, which happens to be during the list tests, the stale port entry shows up and remains. The list tests when run after a reboot do not trigger this, though. Stefan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2007-Feb-26 23:20 UTC
[Xen-devel] Re: [PATCH] [XEN][ACM] fix missing spin_unlock
On 26/2/07 19:57, "Stefan Berger" <stefanb@us.ibm.com> wrote:> I have a question regarding the event channel data structure. It looks > like a stale entry is in the event channel array indicating that a event > channel at a given port has a certain remote domain as target. However, > that domain does not exist anymore and therefore the code section where > I add the spin_unlock() call gets triggered now. Could this be a bug in > the domain-cleanup code? > > I can trigger this problem when running the xm-test suite with ACM > compiled into Xen. After 159 domains have been created, which happens to > be during the list tests, the stale port entry shows up and remains. The > list tests when run after a reboot do not trigger this, though.When one end of a fully-bound interdomain event channel is closed, the remote port enters state ECS_UNBOUND. At this point it still refers to the remote domain by domid, even if the remote domain subsequently dies. In fact this is exactly the state that all currently-interdomain-bound remote ports will immediately enter when a domain is destroyed. It''s safe and expected. Since an ACM check will happen when moving from state ECS_UNBOUND to ECS_INTERDOMAIN you get the chance to check credentials are okay and hence deal with the case that the domid gets reused by a domain who should not be allowed to communicate to the ECS_UNBOUND port. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel