File xsa240-4.patch of Package xen.11298

From: Jan Beulich <jbeulich@suse.com>
Subject: x86: don't wrongly trigger linear page table assertion (2)

_put_final_page_type(), when free_page_type() has exited early to allow
for preemption, should not update the time stamp, as the page continues
to retain the typ which is in the process of being unvalidated. I can't
see why the time stamp update was put on that path in the first place
(albeit it may well have been me who had put it there years ago).

This is part of XSA-240.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: <George Dunlap <george.dunlap.com>

Index: xen-4.5.5-testing/xen/arch/x86/mm.c
===================================================================
--- xen-4.5.5-testing.orig/xen/arch/x86/mm.c
+++ xen-4.5.5-testing/xen/arch/x86/mm.c
@@ -2389,9 +2389,6 @@ static int _put_final_page_type(struct p
     {
         ASSERT((page->u.inuse.type_info &
                 (PGT_count_mask|PGT_validated|PGT_partial)) == 1);
-        if ( !(shadow_mode_enabled(page_get_owner(page)) &&
-               (page->count_info & PGC_page_table)) )
-            page->tlbflush_timestamp = tlbflush_current_time();
         wmb();
         page->u.inuse.type_info |= PGT_validated;
     }