Red Hat Bugzilla – Bug 457137
[IA64] Fix SMP-unsafe with XENMEM_add_to_physmap on HVM
Last modified: 2010-10-22 23:16:25 EDT
Description of problem:
XENMEM_add_to_physmap hypercall on HVM is SMP-unsafe and may cause
a xen crash.
This means that a driver for Guest OS can crash Dom0. This has
been observed on a Windows Guest. It has not been reproduced on a
Linux HVM guest.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create/Destroy the domain(Windows/IA64+Driver(which uses
Guest OS start/stop works properly without Dom0 hang.
This has been fixed upstream in Cset #17943:
Discussion thread can be found at:
Created attachment 312930 [details]
Proposed patch. Same as upstream, but renumbered to match xen-3.0.3-68.el5.
The patch should be applied to kernel-xen.
Created attachment 314114 [details]
proposed patch. revised to apply to kernel.
You can download this test kernel from http://people.redhat.com/dzickus/el5
This bug has been marked for inclusion in the Red Hat Enterprise Linux 5.3
To aid in the development of relevant and accurate release notes, please fill
out the "Release Notes" field above with the following 4 pieces of information:
Cause: What actions or circumstances cause this bug to present.
Consequence: What happens when the bug presents.
Fix: What was done to fix the bug.
Result: What now happens when the actions or circumstances above occur. (NB:
this is not the same as 'the bug doesn't present anymore')
release note added.
Release note added. If any revisions are required, please set the
"requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.
XENMEM_add_to_physmap hypercall on HVM was SMP-unsafe.
Repeat to create/destroy a Windows guest could cause Dom0 crash.
Fixed SMP-unsafe with XENMEM_add_to_physmap on HVM
Repeat to create/destroy a Windows guest does not cause Dom0 crash.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.