changeset: 23943:1185ae04b5aa user: Olaf Hering date: Tue Oct 11 10:46:28 2011 +0100 files: tools/xenpaging/xenpaging.c xen/arch/x86/mm/p2m.c description: xenpaging: clear page content after evict If the guest happens to read from the gfn while xenpaging is in the process of evicting the page, the guest may read zeros instead of actual data. Also if eviction fails the page content will be corrupted and xenpaging wont attempt to restore the page. Remove page scrubbing from pager and do it after successful eviction. Signed-off-by: Olaf Hering Acked-by: Ian Jackson Acked-by: Tim Deegan Committed-by: Tim Deegan --- tools/xenpaging/xenpaging.c | 3 --- xen/arch/x86/mm/p2m.c | 3 +++ 2 files changed, 3 insertions(+), 3 deletions(-) Index: xen-4.1.2-testing/tools/xenpaging/xenpaging.c =================================================================== --- xen-4.1.2-testing.orig/tools/xenpaging/xenpaging.c +++ xen-4.1.2-testing/tools/xenpaging/xenpaging.c @@ -455,9 +455,6 @@ static int xenpaging_evict_page(xenpagin goto out; } - /* Clear page */ - memset(page, 0, PAGE_SIZE); - munmap(page, PAGE_SIZE); /* Tell Xen to evict page */ Index: xen-4.1.2-testing/xen/arch/x86/mm/p2m.c =================================================================== --- xen-4.1.2-testing.orig/xen/arch/x86/mm/p2m.c +++ xen-4.1.2-testing/xen/arch/x86/mm/p2m.c @@ -2916,6 +2916,9 @@ int p2m_mem_paging_evict(struct p2m_doma set_p2m_entry(p2m, gfn, _mfn(PAGING_MFN), 0, p2m_ram_paged, a); audit_p2m(p2m, 1); + /* Clear content before returning the page to Xen */ + scrub_one_page(page); + /* Put the page back so it gets freed */ put_page(page);