ia64/xen-unstable

changeset 19376:6d5aa622fb3d

x86 shadow: Prevent in-sync L1s to become writable
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
author Keir Fraser <keir.fraser@citrix.com>
date Tue Mar 17 14:29:26 2009 +0000 (2009-03-17)
parents 2725f82a7dca
children 0e8005a9d812
files xen/arch/x86/mm/shadow/multi.c
line diff
     1.1 --- a/xen/arch/x86/mm/shadow/multi.c	Tue Mar 17 14:28:33 2009 +0000
     1.2 +++ b/xen/arch/x86/mm/shadow/multi.c	Tue Mar 17 14:29:26 2009 +0000
     1.3 @@ -3123,6 +3123,19 @@ static int sh_page_fault(struct vcpu *v,
     1.4      shadow_lock(d);
     1.5  
     1.6      TRACE_CLEAR_PATH_FLAGS;
     1.7 +
     1.8 +    /* Make sure there is enough free shadow memory to build a chain of
     1.9 +     * shadow tables. (We never allocate a top-level shadow on this path,
    1.10 +     * only a 32b l1, pae l1, or 64b l3+2+1. Note that while
    1.11 +     * SH_type_l1_shadow isn't correct in the latter case, all page
    1.12 +     * tables are the same size there.)
    1.13 +     *
    1.14 +     * Preallocate shadow pages *before* removing writable accesses
    1.15 +     * otherwhise an OOS L1 might be demoted and promoted again with
    1.16 +     * writable mappings. */
    1.17 +    shadow_prealloc(d,
    1.18 +                    SH_type_l1_shadow,
    1.19 +                    GUEST_PAGING_LEVELS < 4 ? 1 : GUEST_PAGING_LEVELS - 1);
    1.20      
    1.21      rc = gw_remove_write_accesses(v, va, &gw);
    1.22  
    1.23 @@ -3156,15 +3169,6 @@ static int sh_page_fault(struct vcpu *v,
    1.24      shadow_audit_tables(v);
    1.25      sh_audit_gw(v, &gw);
    1.26  
    1.27 -    /* Make sure there is enough free shadow memory to build a chain of
    1.28 -     * shadow tables. (We never allocate a top-level shadow on this path,
    1.29 -     * only a 32b l1, pae l1, or 64b l3+2+1. Note that while
    1.30 -     * SH_type_l1_shadow isn't correct in the latter case, all page
    1.31 -     * tables are the same size there.) */
    1.32 -    shadow_prealloc(d,
    1.33 -                    SH_type_l1_shadow,
    1.34 -                    GUEST_PAGING_LEVELS < 4 ? 1 : GUEST_PAGING_LEVELS - 1);
    1.35 -
    1.36      /* Acquire the shadow.  This must happen before we figure out the rights 
    1.37       * for the shadow entry, since we might promote a page here. */
    1.38      ptr_sl1e = shadow_get_and_create_l1e(v, &gw, &sl1mfn, ft);