diff options
| -rw-r--r-- | xen/arch/x86/mm/mem_sharing.c | 4 | ||||
| -rw-r--r-- | xen/arch/x86/mm/p2m.c | 8 |
2 files changed, 9 insertions, 3 deletions
diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c index 38ef870bf9..36a50e58d4 100644 --- a/xen/arch/x86/mm/mem_sharing.c +++ b/xen/arch/x86/mm/mem_sharing.c @@ -201,7 +201,9 @@ static struct page_info* mem_sharing_lookup(unsigned long mfn) /* Count has to be at least two, because we're called * with the mfn locked (1) and this is supposed to be * a shared page (1). */ - ASSERT((page->u.inuse.type_info & PGT_count_mask) >= 2); + unsigned long t = read_atomic(&page->u.inuse.type_info); + ASSERT((t & PGT_type_mask) == PGT_shared_page); + ASSERT((t & PGT_count_mask) >= 2); ASSERT(get_gpfn_from_mfn(mfn) == SHARED_M2P_ENTRY); return page; } diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 233853b493..fd1ef34a73 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -735,6 +735,7 @@ set_shared_p2m_entry(struct domain *d, unsigned long gfn, mfn_t mfn) p2m_access_t a; p2m_type_t ot; mfn_t omfn; + unsigned long pg_type; if ( !paging_mode_translate(p2m->domain) ) return 0; @@ -745,8 +746,11 @@ set_shared_p2m_entry(struct domain *d, unsigned long gfn, mfn_t mfn) * sharable first */ ASSERT(p2m_is_shared(ot)); ASSERT(mfn_valid(omfn)); - if ( ((mfn_to_page(omfn)->u.inuse.type_info & PGT_type_mask) - != PGT_shared_page) ) + /* Set the m2p entry to invalid only if there are no further type + * refs to this page as shared */ + pg_type = read_atomic(&(mfn_to_page(omfn)->u.inuse.type_info)); + if ( (pg_type & PGT_count_mask) == 0 + || (pg_type & PGT_type_mask) != PGT_shared_page ) set_gpfn_from_mfn(mfn_x(omfn), INVALID_M2P_ENTRY); P2M_DEBUG("set shared %lx %lx\n", gfn, mfn_x(mfn)); |