direct-io.hg

changeset 15207:c388a2ff1b8e

xen: Fix domain teardown to avoid use-after-free of vcpu structs.
Signed-off-by: Keir Fraser <keir@xensource.com>
author kfraser@localhost.localdomain
date Mon Jun 04 14:05:10 2007 +0100 (2007-06-04)
parents 267ccb919967
children 6c636bd3f874
files xen/common/domain.c
line diff
     1.1 --- a/xen/common/domain.c	Mon Jun 04 12:47:53 2007 +0100
     1.2 +++ b/xen/common/domain.c	Mon Jun 04 14:05:10 2007 +0100
     1.3 @@ -467,7 +467,6 @@ static void complete_domain_destroy(stru
     1.4              continue;
     1.5          vcpu_destroy(v);
     1.6          sched_destroy_vcpu(v);
     1.7 -        free_vcpu_struct(v);
     1.8      }
     1.9  
    1.10      acm_domain_destroy(d);
    1.11 @@ -481,6 +480,10 @@ static void complete_domain_destroy(stru
    1.12  
    1.13      sched_destroy_domain(d);
    1.14  
    1.15 +    for ( i = MAX_VIRT_CPUS-1; i >= 0; i-- )
    1.16 +        if ( (v = d->vcpu[i]) != NULL )
    1.17 +            free_vcpu_struct(v);
    1.18 +
    1.19      free_domain(d);
    1.20  
    1.21      send_guest_global_virq(dom0, VIRQ_DOM_EXC);