Module Name: src Committed By: riz Date: Wed Oct 31 16:15:28 UTC 2012
Modified Files: src/sys/arch/xen/xen [netbsd-6-0]: xengnt.c Log Message: Pull up following revision(s) (requested by royger in ticket #640): sys/arch/xen/xen/xengnt.c: revision 1.25 xen: don't use grants 0-8 Not all grants from the first frame can be used, grants from 0 to 8 (both included) are reserved for external tools. Using this grants caused system crashes and fs corruption. Closes PR port-xen/47057 and port-xen/47056 Reviewed by bouyer@ To generate a diff of this commit: cvs rdiff -u -r1.22.2.1 -r1.22.2.1.4.1 src/sys/arch/xen/xen/xengnt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/arch/xen/xen/xengnt.c diff -u src/sys/arch/xen/xen/xengnt.c:1.22.2.1 src/sys/arch/xen/xen/xengnt.c:1.22.2.1.4.1 --- src/sys/arch/xen/xen/xengnt.c:1.22.2.1 Thu Feb 23 21:19:55 2012 +++ src/sys/arch/xen/xen/xengnt.c Wed Oct 31 16:15:28 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: xengnt.c,v 1.22.2.1 2012/02/23 21:19:55 riz Exp $ */ +/* $NetBSD: xengnt.c,v 1.22.2.1.4.1 2012/10/31 16:15:28 riz Exp $ */ /* * Copyright (c) 2006 Manuel Bouyer. @@ -26,7 +26,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: xengnt.c,v 1.22.2.1 2012/02/23 21:19:55 riz Exp $"); +__KERNEL_RCSID(0, "$NetBSD: xengnt.c,v 1.22.2.1.4.1 2012/10/31 16:15:28 riz Exp $"); #include <sys/types.h> #include <sys/param.h> @@ -51,6 +51,9 @@ __KERNEL_RCSID(0, "$NetBSD: xengnt.c,v 1 #define NR_GRANT_ENTRIES_PER_PAGE (PAGE_SIZE / sizeof(grant_entry_t)) +/* External tools reserve first few grant table entries. */ +#define NR_RESERVED_ENTRIES 8 + /* Current number of frames making up the grant table */ int gnt_nr_grant_frames; /* Maximum number of frames that can make up the grant table */ @@ -161,7 +164,7 @@ xengnt_more_entries(void) gnttab_setup_table_t setup; u_long *pages; int nframes_new = gnt_nr_grant_frames + 1; - int i; + int i, start_gnt; KASSERT(mutex_owned(&grant_lock)); if (gnt_nr_grant_frames == gnt_max_grant_frames) @@ -204,9 +207,14 @@ xengnt_more_entries(void) /* * add the grant entries associated to the last grant table frame - * and mark them as free + * and mark them as free. Prevent using the first grants (from 0 to 8) + * since they are used by the tools. */ - for (i = gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE; + start_gnt = (gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE) < + (NR_RESERVED_ENTRIES + 1) ? + (NR_RESERVED_ENTRIES + 1) : + (gnt_nr_grant_frames * NR_GRANT_ENTRIES_PER_PAGE); + for (i = start_gnt; i < nframes_new * NR_GRANT_ENTRIES_PER_PAGE; i++) { KASSERT(gnt_entries[last_gnt_entry] == XENGNT_NO_ENTRY); @@ -240,7 +248,7 @@ xengnt_get_entry(void) last_gnt_entry--; entry = gnt_entries[last_gnt_entry]; gnt_entries[last_gnt_entry] = XENGNT_NO_ENTRY; - KASSERT(entry != XENGNT_NO_ENTRY); + KASSERT(entry != XENGNT_NO_ENTRY && entry > NR_RESERVED_ENTRIES); KASSERT(last_gnt_entry >= 0); KASSERT(last_gnt_entry <= gnt_max_grant_frames * NR_GRANT_ENTRIES_PER_PAGE); return entry; @@ -253,6 +261,7 @@ static void xengnt_free_entry(grant_ref_t entry) { mutex_enter(&grant_lock); + KASSERT(entry > NR_RESERVED_ENTRIES); KASSERT(gnt_entries[last_gnt_entry] == XENGNT_NO_ENTRY); KASSERT(last_gnt_entry >= 0); KASSERT(last_gnt_entry <= gnt_max_grant_frames * NR_GRANT_ENTRIES_PER_PAGE);