8724a18868
config handling stack overflow 55a62eb0-xl-correct-handling-of-extra_config-in-main_cpupoolcreate.patch - bsc#907514 - Bus fatal error & sles12 sudden reboot has been observed - bsc#910258 - SLES12 Xen host crashes with FATAL NMI after shutdown of guest with VT-d NIC - bsc#918984 - Bus fatal error & sles11-SP4 sudden reboot has been observed - bsc#923967 - Partner-L3: Bus fatal error & sles11-SP3 sudden reboot has been observed 552d293b-x86-vMSI-X-honor-all-mask-requests.patch 552d2966-x86-vMSI-X-add-valid-bits-for-read-acceleration.patch 5576f143-x86-adjust-PV-I-O-emulation-functions-types.patch 55795a52-x86-vMSI-X-support-qword-MMIO-access.patch 5583d9c5-x86-MSI-X-cleanup.patch 5583da09-x86-MSI-track-host-and-guest-masking-separately.patch 55b0a218-x86-PCI-CFG-write-intercept.patch 55b0a255-x86-MSI-X-maskall.patch 55b0a283-x86-MSI-X-teardown.patch 55b0a2ab-x86-MSI-X-enable.patch 55b0a2db-x86-MSI-track-guest-masking.patch - Upstream patches from Jan 552d0f49-x86-traps-identify-the-vcpu-in-context-when-dumping-regs.patch 559bc633-x86-cpupool-clear-proper-cpu_valid-bit-on-CPU-teardown.patch 559bc64e-credit1-properly-deal-with-CPUs-not-in-any-pool.patch 559bc87f-x86-hvmloader-avoid-data-corruption-with-xenstore-rw.patch 55a66a1e-make-rangeset_report_ranges-report-all-ranges.patch 55a77e4f-dmar-device-scope-mem-leak-fix.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=373
170 lines
5.9 KiB
Diff
170 lines
5.9 KiB
Diff
# Commit 0174da5b79752e2d5d6ca0faed89536e8f3d91c7
|
|
# Date 2015-08-06 10:04:43 +0100
|
|
# Author Anshul Makkar <anshul.makkar@citrix.com>
|
|
# Committer Ian Campbell <ian.campbell@citrix.com>
|
|
x86/mm: Make {hap, shadow}_teardown() preemptible
|
|
|
|
A domain with sufficient shadow allocation can cause a watchdog timeout
|
|
during domain destruction. Expand the existing -ERESTART logic in
|
|
paging_teardown() to allow {hap/sh}_set_allocation() to become
|
|
restartable during the DOMCTL_destroydomain hypercall.
|
|
|
|
Signed-off-by: Anshul Makkar <anshul.makkar@citrix.com>
|
|
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
|
|
Reviewed-by: Tim Deegan <tim@xen.org>
|
|
Reviewed-by: George Dunlap <george.dunlap@eu.citrix.com>
|
|
|
|
--- a/xen/arch/x86/mm/hap/hap.c
|
|
+++ b/xen/arch/x86/mm/hap/hap.c
|
|
@@ -503,7 +503,7 @@ void hap_final_teardown(struct domain *d
|
|
}
|
|
|
|
if ( d->arch.paging.hap.total_pages != 0 )
|
|
- hap_teardown(d);
|
|
+ hap_teardown(d, NULL);
|
|
|
|
p2m_teardown(p2m_get_hostp2m(d));
|
|
/* Free any memory that the p2m teardown released */
|
|
@@ -513,7 +513,7 @@ void hap_final_teardown(struct domain *d
|
|
paging_unlock(d);
|
|
}
|
|
|
|
-void hap_teardown(struct domain *d)
|
|
+void hap_teardown(struct domain *d, int *preempted)
|
|
{
|
|
struct vcpu *v;
|
|
mfn_t mfn;
|
|
@@ -541,18 +541,11 @@ void hap_teardown(struct domain *d)
|
|
|
|
if ( d->arch.paging.hap.total_pages != 0 )
|
|
{
|
|
- HAP_PRINTK("teardown of domain %u starts."
|
|
- " pages total = %u, free = %u, p2m=%u\n",
|
|
- d->domain_id,
|
|
- d->arch.paging.hap.total_pages,
|
|
- d->arch.paging.hap.free_pages,
|
|
- d->arch.paging.hap.p2m_pages);
|
|
- hap_set_allocation(d, 0, NULL);
|
|
- HAP_PRINTK("teardown done."
|
|
- " pages total = %u, free = %u, p2m=%u\n",
|
|
- d->arch.paging.hap.total_pages,
|
|
- d->arch.paging.hap.free_pages,
|
|
- d->arch.paging.hap.p2m_pages);
|
|
+ hap_set_allocation(d, 0, preempted);
|
|
+
|
|
+ if ( preempted && *preempted )
|
|
+ goto out;
|
|
+
|
|
ASSERT(d->arch.paging.hap.total_pages == 0);
|
|
}
|
|
|
|
@@ -561,6 +554,7 @@ void hap_teardown(struct domain *d)
|
|
xfree(d->arch.hvm_domain.dirty_vram);
|
|
d->arch.hvm_domain.dirty_vram = NULL;
|
|
|
|
+out:
|
|
paging_unlock(d);
|
|
}
|
|
|
|
--- a/xen/arch/x86/mm/paging.c
|
|
+++ b/xen/arch/x86/mm/paging.c
|
|
@@ -779,12 +779,15 @@ long paging_domctl_continuation(XEN_GUES
|
|
/* Call when destroying a domain */
|
|
int paging_teardown(struct domain *d)
|
|
{
|
|
- int rc;
|
|
+ int rc, preempted = 0;
|
|
|
|
if ( hap_enabled(d) )
|
|
- hap_teardown(d);
|
|
+ hap_teardown(d, &preempted);
|
|
else
|
|
- shadow_teardown(d);
|
|
+ shadow_teardown(d, &preempted);
|
|
+
|
|
+ if ( preempted )
|
|
+ return -ERESTART;
|
|
|
|
/* clean up log dirty resources. */
|
|
rc = paging_free_log_dirty_bitmap(d, 0);
|
|
--- a/xen/arch/x86/mm/shadow/common.c
|
|
+++ b/xen/arch/x86/mm/shadow/common.c
|
|
@@ -3030,7 +3030,7 @@ int shadow_enable(struct domain *d, u32
|
|
return rv;
|
|
}
|
|
|
|
-void shadow_teardown(struct domain *d)
|
|
+void shadow_teardown(struct domain *d, int *preempted)
|
|
/* Destroy the shadow pagetables of this domain and free its shadow memory.
|
|
* Should only be called for dying domains. */
|
|
{
|
|
@@ -3091,23 +3091,16 @@ void shadow_teardown(struct domain *d)
|
|
|
|
if ( d->arch.paging.shadow.total_pages != 0 )
|
|
{
|
|
- SHADOW_PRINTK("teardown of domain %u starts."
|
|
- " Shadow pages total = %u, free = %u, p2m=%u\n",
|
|
- d->domain_id,
|
|
- d->arch.paging.shadow.total_pages,
|
|
- d->arch.paging.shadow.free_pages,
|
|
- d->arch.paging.shadow.p2m_pages);
|
|
/* Destroy all the shadows and release memory to domheap */
|
|
- sh_set_allocation(d, 0, NULL);
|
|
+ sh_set_allocation(d, 0, preempted);
|
|
+
|
|
+ if ( preempted && *preempted )
|
|
+ goto out;
|
|
+
|
|
/* Release the hash table back to xenheap */
|
|
if (d->arch.paging.shadow.hash_table)
|
|
shadow_hash_teardown(d);
|
|
- /* Should not have any more memory held */
|
|
- SHADOW_PRINTK("teardown done."
|
|
- " Shadow pages total = %u, free = %u, p2m=%u\n",
|
|
- d->arch.paging.shadow.total_pages,
|
|
- d->arch.paging.shadow.free_pages,
|
|
- d->arch.paging.shadow.p2m_pages);
|
|
+
|
|
ASSERT(d->arch.paging.shadow.total_pages == 0);
|
|
}
|
|
|
|
@@ -3138,6 +3131,7 @@ void shadow_teardown(struct domain *d)
|
|
d->arch.hvm_domain.dirty_vram = NULL;
|
|
}
|
|
|
|
+out:
|
|
paging_unlock(d);
|
|
|
|
/* Must be called outside the lock */
|
|
@@ -3159,7 +3153,7 @@ void shadow_final_teardown(struct domain
|
|
* It is possible for a domain that never got domain_kill()ed
|
|
* to get here with its shadow allocation intact. */
|
|
if ( d->arch.paging.shadow.total_pages != 0 )
|
|
- shadow_teardown(d);
|
|
+ shadow_teardown(d, NULL);
|
|
|
|
/* It is now safe to pull down the p2m map. */
|
|
p2m_teardown(p2m_get_hostp2m(d));
|
|
--- a/xen/include/asm-x86/hap.h
|
|
+++ b/xen/include/asm-x86/hap.h
|
|
@@ -54,7 +54,7 @@ int hap_domctl(struct domain *d, xen_d
|
|
XEN_GUEST_HANDLE_PARAM(void) u_domctl);
|
|
int hap_enable(struct domain *d, u32 mode);
|
|
void hap_final_teardown(struct domain *d);
|
|
-void hap_teardown(struct domain *d);
|
|
+void hap_teardown(struct domain *d, int *preempted);
|
|
void hap_vcpu_init(struct vcpu *v);
|
|
int hap_track_dirty_vram(struct domain *d,
|
|
unsigned long begin_pfn,
|
|
--- a/xen/include/asm-x86/shadow.h
|
|
+++ b/xen/include/asm-x86/shadow.h
|
|
@@ -72,7 +72,7 @@ int shadow_domctl(struct domain *d,
|
|
XEN_GUEST_HANDLE_PARAM(void) u_domctl);
|
|
|
|
/* Call when destroying a domain */
|
|
-void shadow_teardown(struct domain *d);
|
|
+void shadow_teardown(struct domain *d, int *preempted);
|
|
|
|
/* Call once all of the references to the domain have gone away */
|
|
void shadow_final_teardown(struct domain *d);
|