From: Christopher Lalancette <clalance@redhat.com>
Date: Thu, 26 Nov 2009 09:45:30 -0500
Subject: [vbd] xen: fix crash after ballooning
Message-id: <4B0E4E3A.6040304@redhat.com>
Patchwork-id: 21516
O-Subject: [RHEL5.5 PATCH]: Fix crash after ballooning
Bugzilla: 540811
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: Prarit Bhargava <prarit@redhat.com>

All,
     While doing some recent testing, I found that a RHEL-5.5 Xen PV i686
guest would crash after it was ballooned.  I eventually tracked this down
to the fact that in Xen:

1)  We never set up bounce buffering (in mm/highmem.c), and
2)  We forget to tell the block layer never to use bounce buffering

The combination of these two factors mean that in the right circumstances,
the system could go ahead and try to use bounce buffering even though we
have never set it up.  This leads to a NULL pointer being accessed and
a crash.

The fix is simple; simply tell the block layer never to bounce buffer.
This fixes the crash for me in testing, and should fix BZ 540811.  It's
a backport of linux-2.6.18-xen.hg c/s 148.  Please review and ACK.

Signed-off-by: Don Zickus <dzickus@redhat.com>

diff --git a/drivers/xen/blkfront/vbd.c b/drivers/xen/blkfront/vbd.c
index a1f1bff..98bf39d 100644
--- a/drivers/xen/blkfront/vbd.c
+++ b/drivers/xen/blkfront/vbd.c
@@ -238,6 +238,9 @@ xlvbd_init_blk_queue(struct gendisk *gd, u16 sector_size)
 	/* Make sure buffer addresses are sector-aligned. */
 	blk_queue_dma_alignment(rq, 511);
 
+	/* Make sure we don't use bounce buffers. */
+	blk_queue_bounce_limit(rq, BLK_BOUNCE_ANY);
+
 	gd->queue = rq;
 
 	return 0;