>>> On 21.08.18 at 10:29, <roger....@citrix.com> wrote: > On Fri, Aug 17, 2018 at 04:12:43PM +0100, Wei Liu wrote: >> @@ -2723,12 +2736,13 @@ static int sh_remove_all_mappings(struct domain *d, >> mfn_t gmfn, gfn_t gfn) >> && (page->count_info & PGC_count_mask) <= 3 >> && ((page->u.inuse.type_info & PGT_count_mask) >> == (is_xen_heap_page(page) || >> - is_ioreq_server_page(d, page)))) ) >> + (is_hvm_domain(d) && is_ioreq_server_page(d, >> page))))) ) > > Isn't this a separate bugfix? is_ioreq_server_page shouldn't be called > for PV domains at all (same below).
There's a shadow_mode_external() just out of context here. Along the lines of my previous reply, this one too should be forced to constant false when !HVM. Without this, i.e. if the code was somehow reachable for PV guests, this would have been a security issue. Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
