From 53a11bbde4e349a490a4648e0ae3e0ae3bdbeb97 Mon Sep 17 00:00:00 2001
From: Keir Fraser <keir.fraser@citrix.com>
Date: Tue, 29 Jan 2008 11:50:30 +0000
Subject: [PATCH] x86: Fix shadow pinning logic (for PV live relo). From: Tim
 Deegan <Tim.Deegan@citrix.com> Signed-off-by: Keir Fraser
 <keir.fraser@citrix.com>

---
 xen/arch/x86/mm/shadow/multi.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index 5a460d9de2..6a8d5e1a15 100644
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -3518,8 +3518,18 @@ sh_set_toplevel_shadow(struct vcpu *v,
     v->arch.shadow_table[slot] = new_entry;
 
     /* Decrement the refcount of the old contents of this slot */
-    if ( !pagetable_is_null(old_entry) )
-        sh_put_ref(v, pagetable_get_mfn(old_entry), 0);
+    if ( !pagetable_is_null(old_entry) ) {
+        mfn_t old_smfn = pagetable_get_mfn(old_entry);
+        /* Need to repin the old toplevel shadow if it's been unpinned
+         * by shadow_prealloc(): in PV mode we're still running on this
+         * shadow and it's not safe to free it yet. */
+        if ( !mfn_to_shadow_page(old_smfn)->pinned && !sh_pin(v, old_smfn) )
+        {
+            SHADOW_ERROR("can't re-pin %#lx\n", mfn_x(old_smfn));
+            domain_crash(v->domain);
+        }
+        sh_put_ref(v, old_smfn, 0);
+    }
 }
 
 
-- 
2.30.2