ARINC653: fix sched_priv corruption in alloc_vdata

The ARINC653 scheduler was directly assigning and manipulating
the sched_priv field of a vcpu in its alloc_vdata function.

When creating a cpu pool, this resulted in the corruption
of the sched_priv field of the vcpu, which was then passed
to the initial scheduler's free_vdata function with
disastrous results.

Signed-off-by: Nathan Studer <nate.studer@dornerworks.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: George Dunlap <george.dunlap@eu.citrix.com>

diff --git a/xen/common/sched_arinc653.c b/xen/common/sched_arinc653.c
index 25021922265076bee033c7c293bd81f5a948f773..e5a423f4a6334459172ff6a4d2fd36546230ef22 100644 (file)
--- a/xen/common/sched_arinc653.c
+++ b/xen/common/sched_arinc653.c
@@ -380,11 +380,14 @@ a653sched_deinit(const struct scheduler *ops)
 static void *
 a653sched_alloc_vdata(const struct scheduler *ops, struct vcpu *vc, void *dd)
 {
-    /* 
+    arinc653_vcpu_t *svc;
+
+    /*
      * Allocate memory for the ARINC 653-specific scheduler data information
-     * associated with the given VCPU (vc). 
-     */ 
-    if ( (vc->sched_priv = xmalloc(arinc653_vcpu_t)) == NULL )
+     * associated with the given VCPU (vc).
+     */
+    svc = xmalloc(arinc653_vcpu_t);
+    if ( svc == NULL )
         return NULL;
 
     /*
@@ -393,13 +396,13 @@ a653sched_alloc_vdata(const struct scheduler *ops, struct vcpu *vc, void *dd)
      * will call the vcpu_wake scheduler callback function and our scheduler 
      * will mark the VCPU awake.
      */
-    AVCPU(vc)->vc = vc;
-    AVCPU(vc)->awake = 0;
+    svc->vc = vc;
+    svc->awake = 0;
     if ( !is_idle_vcpu(vc) )
-        list_add(&AVCPU(vc)->list, &SCHED_PRIV(ops)->vcpu_list);
+        list_add(&svc->list, &SCHED_PRIV(ops)->vcpu_list);
     update_schedule_vcpus(ops);
 
-    return AVCPU(vc);
+    return svc;
 }
 
 /**