We need to do sync when mov_to_cr3 to a value already shadowed.

The L2 page and already shadowed L1 page may be out of sync.
This fixes the problems of segmentation faults and strange prints
when booting Redhat FC3 and make kernel in FC3 in VMX domain.

Signed-off-by: Xiaofeng Ling <xiaofeng.ling@intel.com>

diff --git a/xen/arch/x86/shadow.c b/xen/arch/x86/shadow.c
index 8819071b04460e8d186c2c4b3d9146a9bc475a68..0663d16f6dc6a55bcfa8ffc4e588dab790638507 100644 (file)
--- a/xen/arch/x86/shadow.c
+++ b/xen/arch/x86/shadow.c
@@ -2154,7 +2154,8 @@ static void shadow_update_pagetables(struct vcpu *v)
 #elif CONFIG_PAGING_LEVELS == 4
         smfn = shadow_l4_table(d, gpfn, gmfn);
 #endif
-    }
+    }else
+        shadow_sync_all(d);
     if ( !get_shadow_ref(smfn) )
         BUG();
     old_smfn = pagetable_get_pfn(v->arch.shadow_table);

diff --git a/xen/arch/x86/shadow32.c b/xen/arch/x86/shadow32.c
index c4162186f199e740a7e5338ea289e1afc5393407..9d372ac4debf92e2e79454cdef2cf6781a388257 100644 (file)
--- a/xen/arch/x86/shadow32.c
+++ b/xen/arch/x86/shadow32.c
@@ -2911,6 +2911,8 @@ void __update_pagetables(struct vcpu *v)
      */
     if ( unlikely(!(smfn = __shadow_status(d, gpfn, PGT_base_page_table))) )
         smfn = shadow_l2_table(d, gpfn, gmfn);
+    else
+        shadow_sync_all(d);
     if ( !get_shadow_ref(smfn) )
         BUG();
     old_smfn = pagetable_get_pfn(v->arch.shadow_table);