From: Keir Fraser Date: Wed, 26 May 2010 07:01:21 +0000 (+0100) Subject: x86 shadow: Avoid remove-all-shadows after shadow teardown X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~12090 X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/cgi/%22https://%22%22/%22http:/www.example.com/cgi/%22https:/%22%22?a=commitdiff_plain;h=e4a1897ed12f699aadb40970438fe4e39404e086;p=xen.git x86 shadow: Avoid remove-all-shadows after shadow teardown If dom0 alters the p2m of a domain that's being destroyed, we can end up doing a remove-all-shadows after the shadow hash table has been freed. Since no hash table implies no shadows, just return immediately. Signed-off-by: Tim Deegan --- diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c index 6c49134fe0..36f5839c66 100644 --- a/xen/arch/x86/mm/shadow/common.c +++ b/xen/arch/x86/mm/shadow/common.c @@ -2173,8 +2173,13 @@ static void hash_foreach(struct vcpu *v, struct domain *d = v->domain; struct page_info *x; - /* Say we're here, to stop hash-lookups reordering the chains */ ASSERT(shadow_locked_by_me(d)); + + /* Can be called via p2m code &c after shadow teardown. */ + if ( unlikely(!d->arch.paging.shadow.hash_table) ) + return; + + /* Say we're here, to stop hash-lookups reordering the chains */ ASSERT(d->arch.paging.shadow.hash_walking == 0); d->arch.paging.shadow.hash_walking = 1;
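
Review bot: The new `if ( unlikely(!d->arch.paging.shadow.hash_table) ) return;` guard in hash_foreach() only works if the teardown path clears hash_table to NULL when it frees the table, and does so under the shadow lock asserted just above. The commit message says the table "has been freed", which is not the same as the pointer being cleared, and that code is not in this hunk, so please confirm it. Consider expanding the "&c" comment to name the case from the commit message (dom0 altering the p2m of a domain that is being destroyed) and to state that a NULL hash_table means there are no shadows to walk. Placing the return before `d->arch.paging.shadow.hash_walking = 1;` is right, since the early exit never leaves the flag set. Because the guard sits in hash_foreach() rather than in the remove-all-shadows caller, it is also worth checking whether any other code that dereferences hash_table can be reached after teardown by the same route.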