Hi,
On 21/01/2020 12:00, Paul Durrant wrote:
diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c
index 919a270587..ef327072ed 100644
--- a/xen/common/page_alloc.c
+++ b/xen/common/page_alloc.c
@@ -2269,7 +2269,8 @@ int assign_pages(
if ( !(memflags & MEMF_no_refcount) )
{
- if ( unlikely((d->tot_pages + (1 << order)) > d->max_pages) )
+ if ( unlikely((d->tot_pages + (1 << order)) > d->max_pages) &&
+ d->creation_finished )
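Review bot: the d->creation_finished test added to the limit check in assign_pages() has no comment saying why d->max_pages may be exceeded until creation has finished, and nothing in the visible lines shows a lock or barrier ordering this read against the CPU that sets the flag. If the flag is set concurrently, this path can still skip the limit on a stale value. Please add a comment stating the invariant that makes skipping the check safe during domain creation and naming what serialises the read against the writer, or perform the read under that lock.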
It is not entirely obvious to me how this is safe. What would happen
if d->creation_finished is set on another CPU at the same time? At least
on Arm, this may not be seen directly.

I guess the problem would not only happen in this use case (I am more
concerned about the physmap code), but it would be good to document how it
is meant to be safe to use.

However, AFAIU, the only reason for the check to be here is because
d->max_pages is set quite late. How about setting max_pages as part of
the domain_create hypercall?

Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel