Bug 457137 - [IA64] Fix SMP-unsafe with XENMEM_add_to_physmap on HVM
Summary: [IA64] Fix SMP-unsafe with XENMEM_add_to_physmap on HVM
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel-xen
Version: 5.2
Hardware: ia64
OS: Linux
urgent
urgent
Target Milestone: rc
: ---
Assignee: Tetsu Yamamoto
QA Contact: Martin Jenner
URL:
Whiteboard:
Depends On:
Blocks: 459780
TreeView+ depends on / blocked
 
Reported: 2008-07-29 20:06 UTC by Bryan Mason
Modified: 2018-10-20 03:17 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: XENMEM_add_to_physmap hypercall on HVM was SMP-unsafe. Consequence: Repeat to create/destroy a Windows guest could cause Dom0 crash. Fix: Fixed SMP-unsafe with XENMEM_add_to_physmap on HVM Result: Repeat to create/destroy a Windows guest does not cause Dom0 crash.
Clone Of:
Environment:
Last Closed: 2009-01-20 19:41:33 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Proposed patch. Same as upstream, but renumbered to match xen-3.0.3-68.el5. (3.33 KB, patch)
2008-07-29 20:06 UTC, Bryan Mason 		no flags Details | Diff
proposed patch. revised to apply to kernel. (3.77 KB, patch)
2008-08-12 16:54 UTC, Tetsu Yamamoto 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2009:0225 0 normal SHIPPED_LIVE Important: Red Hat Enterprise Linux 5.3 kernel security and bug fix update 2009-01-20 16:06:24 UTC

Description Bryan Mason 2008-07-29 20:06:15 UTC 
Description of problem:

    XENMEM_add_to_physmap hypercall on HVM is SMP-unsafe and may cause
    a xen crash.
 
    This means that a driver for Guest OS can crash Dom0.  This has
    been observed on a Windows Guest.  It has not been reproduced on a
    Linux HVM guest.

Version-Release number of selected component (if applicable):

    xen-3.0.3-64.el5

How reproducible:

    1/100

Steps to Reproduce:

    1.  Create/Destroy the domain(Windows/IA64+Driver(which uses
        XENMEM_add_to_physmap)).
  
Actual results:

    dom0 hangs

Expected results:

    Guest OS start/stop works properly without Dom0 hang.

Additional info:

    This has been fixed upstream in Cset #17943:

        http://xenbits.xensource.com/ext/ia64/xen-unstable.hg?rev/eb0fc71cfc72

    Discussion thread can be found at:

       
http://lists.xensource.com/archives/html/xen-ia64-devel/2008-07/msg00058.html
Comment 1 Bryan Mason 2008-07-29 20:06:16 UTC 
Created attachment 312930 [details]
Proposed patch.  Same as upstream, but renumbered to match xen-3.0.3-68.el5.
Comment 6 Tetsu Yamamoto 2008-08-01 15:30:32 UTC 
The patch should be applied to kernel-xen.
Comment 8 Tetsu Yamamoto 2008-08-12 16:54:33 UTC 
Created attachment 314114 [details]
proposed patch.  revised to apply to kernel.
Comment 12 Don Zickus 2008-08-22 19:49:55 UTC 
in kernel-2.6.18-105.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5
Comment 17 Ryan Lerch 2008-11-07 00:04:53 UTC 
This bug has been marked for inclusion in the Red Hat Enterprise Linux 5.3
Release Notes.

To aid in the development of relevant and accurate release notes, please fill
out the "Release Notes" field above with the following 4 pieces of information:


Cause:   What actions or circumstances cause this bug to present.

Consequence:  What happens when the bug presents.

Fix:   What was done to fix the bug.

Result:  What now happens when the actions or circumstances above occur. (NB:
this is not the same as 'the bug doesn't present anymore')
Comment 18 Tetsu Yamamoto 2008-11-13 16:45:44 UTC 
release note added.
Comment 19 Tetsu Yamamoto 2008-11-13 16:45:44 UTC 
Release note added. If any revisions are required, please set the 
"requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.

New Contents:
Cause:   
     XENMEM_add_to_physmap hypercall on HVM was SMP-unsafe.

Consequence:  
     Repeat to create/destroy a Windows guest could cause Dom0 crash.

Fix:   
    Fixed SMP-unsafe with XENMEM_add_to_physmap on HVM

Result:  
    Repeat to create/destroy a Windows guest does not cause Dom0 crash.
Comment 22 errata-xmlrpc 2009-01-20 19:41:33 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2009-0225.html
Note You need to log in before you can comment on or make changes to this bug.