On 20/11/14 10:11, Jan Beulich wrote:
> MMU_MACHPHYS_UPDATE, not manipulating page tables, shouldn't ignore
> a bad page table domain being specified.
>
> Also pt_owner can't be NULL when reaching the "out" label, so the
> respective check can be dropped.
Yes it can.
Failing
if ( (pg_owner = get_pg_owner((uint16_t)foreigndom)) == NULL )
{
rc = -ESRCH;
goto out;
}
around line 3462 will cause pt_owner to be NULL at the out label.
~Andrew
>
> Signed-off-by: Jan Beulich <jbeul...@suse.com>
> Acked-by: Tim Deegan <t...@xen.org>
>
> --- a/xen/arch/x86/mm.c
> +++ b/xen/arch/x86/mm.c
> @@ -3618,6 +3618,11 @@ long do_mmu_update(
> break;
>
> case MMU_MACHPHYS_UPDATE:
> + if ( unlikely(d != pt_owner) )
> + {
> + rc = -EPERM;
> + break;
> + }
>
> mfn = req.ptr >> PAGE_SHIFT;
> gpfn = req.val;
> @@ -3694,7 +3699,7 @@ long do_mmu_update(
> perfc_add(num_page_updates, i);
>
> out:
> - if ( pt_owner && (pt_owner != d) )
> + if ( pt_owner != d )
> rcu_unlock_domain(pt_owner);
>
> /* Add incremental work we have done to the @done output parameter. */
>
>
>
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
