x86, hvm: Fix double-free of vpmu->context

When `opcontrol --shutdown' is called after xenoprof is used on Dom0, the vpmu owner becomes PMU_OWNER_NONE. So it is possible to acquire the owner as PMU_OWNER_HVM and to allocate vpmu->context twice. As a result, the hypervisor panics because of double-alloc/free of vpmu->context. Signed-off-by: Kazuhiro Suzuki <kaz@jp.fujitsu.com>
author: Keir Fraser <keir.fraser@citrix.com> 2009-03-19 10:05:01 +0000
committer: Keir Fraser <keir.fraser@citrix.com> 2009-03-19 10:05:01 +0000
commit: d532e54c26d054c9ba97ecb0429ddfb7842e2f52 (patch)
tree: a4a33d374dde3476ee5ba6107f893b168b2c4124 /xen/arch/x86/oprofile
parent: d046c2261f88fd7dd5eb274f2847eb66f0dae1c9 (diff)
download: xen-d532e54c26d054c9ba97ecb0429ddfb7842e2f52.tar.gz
xen-d532e54c26d054c9ba97ecb0429ddfb7842e2f52.tar.bz2
xen-d532e54c26d054c9ba97ecb0429ddfb7842e2f52.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/xen/arch/x86/oprofile/op_model_ppro.c b/xen/arch/x86/oprofile/op_model_ppro.c
index 90b5d2887a..0dc962dfe6 100644
--- a/xen/arch/x86/oprofile/op_model_ppro.c
+++ b/xen/arch/x86/oprofile/op_model_ppro.c
@@ -219,6 +219,8 @@ static void ppro_free_msr(struct vcpu *v)
 {
 	struct vpmu_struct *vpmu = vcpu_vpmu(v);
 
+	if ( !(vpmu->flags & PASSIVE_DOMAIN_ALLOCATED) )
+		return;
 	xfree(vpmu->context);
 	vpmu->flags &= ~PASSIVE_DOMAIN_ALLOCATED;
 }
author	Keir Fraser <keir.fraser@citrix.com>	2009-03-19 10:05:01 +0000
committer	Keir Fraser <keir.fraser@citrix.com>	2009-03-19 10:05:01 +0000
commit	d532e54c26d054c9ba97ecb0429ddfb7842e2f52 (patch)
tree	a4a33d374dde3476ee5ba6107f893b168b2c4124 /xen/arch/x86/oprofile
parent	d046c2261f88fd7dd5eb274f2847eb66f0dae1c9 (diff)
download	xen-d532e54c26d054c9ba97ecb0429ddfb7842e2f52.tar.gz xen-d532e54c26d054c9ba97ecb0429ddfb7842e2f52.tar.bz2 xen-d532e54c26d054c9ba97ecb0429ddfb7842e2f52.zip