| From 43d492d8c5866c8c8248f887ba45b2e291b57c9c Mon Sep 17 00:00:00 2001 |
| From: Igor Mammedov <imammedo@redhat.com> |
| Date: Thu, 1 Sep 2011 13:46:55 +0200 |
| Subject: [PATCH] xen: x86_32: do not enable iterrupts when returning from |
| exception in interrupt context |
| |
| commit d198d499148a0c64a41b3aba9e7dd43772832b91 upstream. |
| |
| If vmalloc page_fault happens inside of interrupt handler with interrupts |
| disabled then on exit path from exception handler when there is no pending |
| interrupts, the following code (arch/x86/xen/xen-asm_32.S:112): |
| |
| cmpw $0x0001, XEN_vcpu_info_pending(%eax) |
| sete XEN_vcpu_info_mask(%eax) |
| |
| will enable interrupts even if they have been previously disabled according to |
| eflags from the bounce frame (arch/x86/xen/xen-asm_32.S:99) |
| |
| testb $X86_EFLAGS_IF>>8, 8+1+ESP_OFFSET(%esp) |
| setz XEN_vcpu_info_mask(%eax) |
| |
| Solution is in setting XEN_vcpu_info_mask only when it should be set |
| according to |
| cmpw $0x0001, XEN_vcpu_info_pending(%eax) |
| but not clearing it if there isn't any pending events. |
| |
| Reproducer for bug is attached to RHBZ 707552 |
| |
| Signed-off-by: Igor Mammedov <imammedo@redhat.com> |
| Acked-by: Jeremy Fitzhardinge <jeremy@goop.org> |
| Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/arch/x86/xen/xen-asm_32.S b/arch/x86/xen/xen-asm_32.S |
| index 22a2093..b040b0e 100644 |
| --- a/arch/x86/xen/xen-asm_32.S |
| +++ b/arch/x86/xen/xen-asm_32.S |
| @@ -113,11 +113,13 @@ xen_iret_start_crit: |
| |
| /* |
| * If there's something pending, mask events again so we can |
| - * jump back into xen_hypervisor_callback |
| + * jump back into xen_hypervisor_callback. Otherwise do not |
| + * touch XEN_vcpu_info_mask. |
| */ |
| - sete XEN_vcpu_info_mask(%eax) |
| + jne 1f |
| + movb $1, XEN_vcpu_info_mask(%eax) |
| |
| - popl %eax |
| +1: popl %eax |
| |
| /* |
| * From this point on the registers are restored and the stack |
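Review bot: The new `jne 1f` consumes the ZF produced by the `cmpw $0x0001, XEN_vcpu_info_pending(%eax)` that sits above the hunk (quoted in the commit message), and the updated comment block now separates the compare from the branch that depends on it; a reader scanning the hunk sees a conditional jump with no visible flag producer. I would annotate the branch so the dependency is explicit, e.g. `jne 1f /* ZF from cmpw XEN_vcpu_info_pending above: nothing pending, leave mask untouched */`, and keep nothing flag-clobbering between the two. The switch from `sete` to a guarded `movb $1` means this path can only set the event mask and never clear it, which is the intended fix; it is worth stating in the comment that the mask value chosen earlier from the bounce frame's EFLAGS.IF is what survives when nothing is pending. Since the hunk is inside the region following `xen_iret_start_crit`, I would also re-check that any code relying on the instruction layout of that critical region still agrees with the added `movb`/label, though I cannot confirm that from the hunk alone. The enclosing code path begins before the hunk and continues after it.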
| -- |
| 1.7.12.rc1.1.gbce1580 |
| |