From efa1e6c6b05705b4fede2bda994332639ecd70d9 Mon Sep 17 00:00:00 2001 From: Keir Fraser Date: Wed, 7 Oct 2009 15:56:05 +0100 Subject: [PATCH] x86 shadow: fix the check for having killed the guest in the fault handler. We care only about when we have called domain_crash() (and therefore shadow invariants may not hold) and shouldn't spuriously inject pagefaults into guests that are shutting down for other reasons. Signed-off-by: Tim Deegan --- xen/arch/x86/mm/shadow/multi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c index bc7b4327ba..46c5f1cf48 100644 --- a/xen/arch/x86/mm/shadow/multi.c +++ b/xen/arch/x86/mm/shadow/multi.c @@ -3111,7 +3111,7 @@ static int sh_page_fault(struct vcpu *v, * already used for some special purpose (ioreq pages, or granted pages). * If that happens we'll have killed the guest already but it's still not * safe to propagate entries out of the guest PT so get out now. */ - if ( unlikely(d->is_shutting_down) ) + if ( unlikely(d->is_shutting_down && d->shutdown_code == SHUTDOWN_crash) ) { SHADOW_PRINTK("guest is shutting down\n"); goto propagate; @@ -3212,7 +3212,7 @@ static int sh_page_fault(struct vcpu *v, && ft == ft_demand_write ) sh_unsync(v, gmfn); - if ( unlikely(d->is_shutting_down) ) + if ( unlikely(d->is_shutting_down && d->shutdown_code == SHUTDOWN_crash) ) { /* We might end up with a crashed domain here if * sh_remove_shadows() in a previous sh_resync() call has -- 2.30.2