WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-changelog

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-changelog] [xen-unstable] [XEN] Better parameter checking for grant

from [Xen patchbot-unstable] [Permanent Link][Original]
To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] [XEN] Better parameter checking for grant table copy operation.
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 02 Nov 2006 22:10:21 +0000
Delivery-date: Thu, 02 Nov 2006 21:29:14 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx 
# HG changeset patch
# User Steven Smith <ssmith@xxxxxxxxxxxxx>
# Node ID 002856e70ca11bc0abc7b468d491718596e3d623
# Parent  36d020268c6c099c7e70c0070ee76f07dedd547d
[XEN] Better parameter checking for grant table copy operation.

Signed-off-by: Steven Smith <sos22@xxxxxxxxx>
---
 xen/common/grant_table.c |   19 ++++++++++++-------
 1 files changed, 12 insertions(+), 7 deletions(-)

diff -r 36d020268c6c -r 002856e70ca1 xen/common/grant_table.c
--- a/xen/common/grant_table.c  Thu Nov 02 11:56:26 2006 +0000
+++ b/xen/common/grant_table.c  Thu Nov 02 13:20:32 2006 +0000
@@ -724,10 +724,6 @@ __release_grant_for_copy(
 {
     grant_entry_t *const sha = &rd->grant_table->shared[gref];
     struct active_grant_entry *const act = &rd->grant_table->active[gref];
-    const unsigned long r_frame = act->frame;
-
-    if ( !readonly )
-        gnttab_mark_dirty(rd, r_frame);
 
     spin_lock(&rd->grant_table->lock);
 
@@ -750,7 +746,8 @@ __release_grant_for_copy(
 
 /* Grab a frame number from a grant entry and update the flags and pin
    count as appropriate.  Note that this does *not* update the page
-   type or reference counts. */
+   type or reference counts, and does not check that the mfn is
+   actually valid. */
 static int
 __acquire_grant_for_copy(
     struct domain *rd, unsigned long gref, int readonly,
@@ -892,6 +889,9 @@ __gnttab_copy(
     {
         s_frame = gmfn_to_mfn(sd, op->source.u.gmfn);
     }
+    if ( unlikely(!mfn_valid(s_frame)) )
+        PIN_FAIL(error_out, GNTST_general_error,
+                 "source frame %lx invalid.\n", s_frame);
     if ( !get_page(mfn_to_page(s_frame), sd) )
         PIN_FAIL(error_out, GNTST_general_error,
                  "could not get source frame %lx.\n", s_frame);
@@ -906,8 +906,11 @@ __gnttab_copy(
     }
     else
     {
-        d_frame = gmfn_to_mfn(sd, op->dest.u.gmfn);
-    }
+        d_frame = gmfn_to_mfn(dd, op->dest.u.gmfn);
+    }
+    if ( unlikely(!mfn_valid(d_frame)) )
+        PIN_FAIL(error_out, GNTST_general_error,
+                 "destination frame %lx invalid.\n", d_frame);
     if ( !get_page_and_type(mfn_to_page(d_frame), dd, PGT_writable_page) )
         PIN_FAIL(error_out, GNTST_general_error,
                  "could not get destination frame %lx.\n", d_frame);
@@ -919,6 +922,8 @@ __gnttab_copy(
 
     unmap_domain_page(dp);
     unmap_domain_page(sp);
+
+    gnttab_mark_dirty(dd, d_frame);
 
     put_page_and_type(mfn_to_page(d_frame));
  error_out:

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] [XEN] Better parameter checking for grant table copy operation., Xen patchbot-unstable <=
Previous by Date:  [Xen-changelog] [xen-unstable] Merge, Xen patchbot-unstable
Next by Date:  [Xen-changelog] [xen-unstable] Dynamically link to libgcc on Solaris. Also clean up duplicate -Wall flags., Xen patchbot-unstable
Previous by Thread:  [Xen-changelog] [xen-unstable] Merge, Xen patchbot-unstable
Next by Thread:  [Xen-changelog] [xen-unstable] Dynamically link to libgcc on Solaris. Also clean up duplicate -Wall flags., Xen patchbot-unstable
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy