Re: [Xen-devel] [PATCH] xen: avoid writing to freed memory after race in p2m handling

2014-10-14 Thread David Vrabel
On 14/10/14 10:49, Juergen Gross wrote:
> On 10/14/2014 11:30 AM, David Vrabel wrote:
>> On 14/10/14 10:00, Juergen Gross wrote:
>>> In case a race was detected during allocation of a new p2m tree
>>> element in alloc_p2m() the new allocated mid_mfn page is freed without
>>> updating the pointer to

Re: [Xen-devel] [PATCH] xen: avoid writing to freed memory after race in p2m handling

2014-10-14 Thread Juergen Gross
On 10/14/2014 11:30 AM, David Vrabel wrote:
> On 14/10/14 10:00, Juergen Gross wrote:
>> In case a race was detected during allocation of a new p2m tree element in alloc_p2m() the new allocated mid_mfn page is freed without updating the pointer to the found value in the tree. This will result in over

Re: [Xen-devel] [PATCH] xen: avoid writing to freed memory after race in p2m handling

2014-10-14 Thread David Vrabel
On 14/10/14 10:00, Juergen Gross wrote:
> In case a race was detected during allocation of a new p2m tree
> element in alloc_p2m() the new allocated mid_mfn page is freed without
> updating the pointer to the found value in the tree. This will result
> in overwriting the just freed page with the mf

[PATCH] xen: avoid writing to freed memory after race in p2m handling

2014-10-14 Thread Juergen Gross
In case a race was detected during allocation of a new p2m tree element in alloc_p2m() the new allocated mid_mfn page is freed without updating the pointer to the found value in the tree. This will result in overwriting the just freed page with the mfn of the p2m leaf.

Signed-off-by: Juergen Gross