openSUSE:Evergreen:11.1:kernel-2.6.32
File 19391-vpmu-double-free.patch of Package xen
# HG changeset patch # User Keir Fraser <keir.fraser@citrix.com> # Date 1237457101 0 # Node ID 4b2d8b1c395ad64377f9fc124d806ffa786d280d # Parent f0d033f0a319d4ce0b20244cee68998a7afd3317 x86, hvm: Fix double-free of vpmu->context When `opcontrol --shutdown' is called after xenoprof is used on Dom0, the vpmu owner becomes PMU_OWNER_NONE. So it is possible to acquire the owner as PMU_OWNER_HVM and to allocate vpmu->context twice. As a result, the hypervisor panics because of double-alloc/free of vpmu->context. Signed-off-by: Kazuhiro Suzuki <kaz@jp.fujitsu.com> --- a/xen/arch/x86/hvm/vmx/vpmu_core2.c +++ b/xen/arch/x86/hvm/vmx/vpmu_core2.c @@ -276,7 +276,8 @@ static int core2_vpmu_msr_common_check(u return 0; if ( unlikely(!(vpmu->flags & VPMU_CONTEXT_ALLOCATED)) && - !core2_vpmu_alloc_resource(current) ) + (vpmu->context != NULL || + !core2_vpmu_alloc_resource(current)) ) return 0; vpmu->flags |= VPMU_CONTEXT_ALLOCATED; @@ -468,6 +469,7 @@ static void core2_vpmu_destroy(struct vc if ( cpu_has_vmx_msr_bitmap ) core2_vpmu_unset_msr_bitmap(v->arch.hvm_vmx.msr_bitmap); release_pmu_ownship(PMU_OWNER_HVM); + vpmu->flags &= ~VPMU_CONTEXT_ALLOCATED; } struct arch_vpmu_ops core2_vpmu_ops = {
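Review bot: The new `vpmu->context != NULL` test in the first hunk (core2_vpmu_msr_common_check) makes the function return 0 silently whenever a context pointer exists while VPMU_CONTEXT_ALLOCATED is clear, and nothing at the condition says why that state can occur or how it is left again. Add a short comment on the condition naming the case from the commit message (PMU ownership reacquired as PMU_OWNER_HVM after xenoprof shutdown), and confirm that returning 0 on every call until the pointer goes away is intended, rather than reusing the existing context and setting the flag.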
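Review bot: In the second hunk (core2_vpmu_destroy) the added line clears VPMU_CONTEXT_ALLOCATED, but the lines shown do not reset vpmu->context to NULL. Since the first hunk now treats a non-NULL vpmu->context as "do not allocate", a pointer left set after the free would both block any later allocation and keep referring to released memory. If the part of the function above the visible context does not already do it, set `vpmu->context = NULL;` next to the flag clear so the two pieces of state stay consistent.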