# HG changeset patch
# User tristan.gingold@xxxxxxxx
# Node ID e7dbb3d127a5ea5034644f67a07f071f9fdf4bb1
# Parent e687fc5cd371af2db54a819356b35107147f3d7f
Strengthen dom0_getmemlist. (reset num_pfns before hypercalling, more checks in hypercall, cleanup).
Signed-off-by: Tristan Gingold
diff -r e687fc5cd371 -r e7dbb3d127a5 tools/libxc/xc_ia64_stubs.c
--- a/tools/libxc/xc_ia64_stubs.c Mon May 15 02:49:43 2006
+++ b/tools/libxc/xc_ia64_stubs.c Mon May 15 03:31:42 2006
@@ -50,7 +50,7 @@
 } /* VMM uses put_user to copy pfn_list to guest buffer, this maybe fail,
- VMM don't handle this now.
+ VMM doesn't handle this now.
 This method will touch guest buffer to make sure the buffer's mapping is tracked by VMM, */
@@ -66,6 +66,7 @@
 unsigned int __start_page, __nr_pages; unsigned long max_pfns; unsigned long *__pfn_buf;
+ __start_page = start_page; __nr_pages = nr_pages; __pfn_buf = pfn_buf;
@@ -75,6 +76,7 @@
 op.cmd = DOM0_GETMEMLIST; op.u.getmemlist.domain = (domid_t)domid; op.u.getmemlist.max_pfns = max_pfns;
+ op.u.getmemlist.num_pfns = 0;
 set_xen_guest_handle(op.u.getmemlist.buffer, __pfn_buf); if ( (max_pfns != -1UL)
diff -r e687fc5cd371 -r e7dbb3d127a5 xen/arch/ia64/xen/dom0_ops.c
--- a/xen/arch/ia64/xen/dom0_ops.c Mon May 15 02:49:43 2006
+++ b/xen/arch/ia64/xen/dom0_ops.c Mon May 15 03:31:42 2006
@@ -151,10 +151,7 @@
 put_domain(d); } break;
- /*
- * NOTE: DOM0_GETMEMLIST has somewhat different semantics on IA64 -
- * it actually allocates and maps pages.
- */
+ case DOM0_GETMEMLIST: { unsigned long i = 0;
@@ -198,7 +195,8 @@
 ret = -ENOMEM; op->u.getmemlist.num_pfns = i - start_page;
- copy_to_guest(u_dom0_op, op, 1);
+ if (copy_to_guest(u_dom0_op, op, 1))
+ ret = -EFAULT;
 put_domain(d); }
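Review bot: In tools/libxc/xc_ia64_stubs.c, hunk `@@ -75,6 +76,7 @@`, the added `op.u.getmemlist.num_pfns = 0;` has no comment saying why an output field is cleared before the hypercall. The hypervisor side of this changeset writes num_pfns and copies the op back, and that copy-back can now fail with -EFAULT, so the reset is what stops the caller from reading whatever the field held before the call. A one-line comment such as `/* Output field: clear it so a failed hypercall or copy-back cannot leave a stale count. */` would record that. Whether the code after the hypercall checks the return value before using num_pfns lies outside the hunk and should be confirmed.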
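Review bot: In xen/arch/ia64/xen/dom0_ops.c, hunk `@@ -198,7 +195,8 @@`, the new -EFAULT check covers only the final write-back of the op structure; the copies of the individual pfn entries into the guest buffer happen earlier in this case body, outside the hunk. The libxc comment corrected by this same changeset still says the VMM does not handle a failed put_user there. If that loop still ignores the copy result, the caller can get a success return and a num_pfns that counts entries never written, so the loop should stop with `ret = -EFAULT;` at the first failed copy; if it is already checked, the libxc comment is stale. The assignment here also replaces the `-ENOMEM` set in the context line above, and, assuming ret is 0 on the success path, `if (copy_to_guest(u_dom0_op, op, 1) && ret == 0)` would preserve the first error.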