WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-ia64-devel

[Xen-ia64-devel] [PATCH 5/5] fix efi_emulate_set_virtual_address_map()

To: xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-ia64-devel] [PATCH 5/5] fix efi_emulate_set_virtual_address_map()
From: Isaku Yamahata <yamahata@xxxxxxxxxxxxx>
Date: Tue, 9 Dec 2008 18:29:41 +0900
Cc: volker.simonis@xxxxxxxxx, Isaku Yamahata <yamahata@xxxxxxxxxxxxx>, alex.williamson@xxxxxx
Delivery-date: Tue, 09 Dec 2008 01:25:35 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-ia64-devel-request@lists.xensource.com?subject=help>
List-id: Discussion of the ia64 port of Xen <xen-ia64-devel.lists.xensource.com>
List-post: <mailto:xen-ia64-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-ia64-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)
IA64: fix efi_emulate_set_virtual_address_map()

get_page() before touching guest pages.
Otherwise pages may be freed during those operations.

Signed-off-by: Isaku Yamahata <yamahata@xxxxxxxxxxxxx>

diff --git a/xen/arch/ia64/xen/fw_emul.c b/xen/arch/ia64/xen/fw_emul.c
--- a/xen/arch/ia64/xen/fw_emul.c
+++ b/xen/arch/ia64/xen/fw_emul.c
@@ -1334,6 +1334,10 @@ efi_emulate_set_virtual_address_map(
        efi_desc_size = sizeof(efi_memory_desc_t);
 
        for (p = efi_map_start; p < efi_map_end; p += efi_desc_size) {
+               struct page_info *efi_runtime_page = NULL;
+               struct page_info *fpswa_inf_page = NULL;
+               struct page_info *fw_table_page = NULL;
+               
                if (copy_from_user(&entry, p, sizeof(efi_memory_desc_t))) {
                        printk ("efi_emulate_set_virtual_address_map: 
copy_from_user() fault. addr=0x%p\n", p);
                        return EFI_UNSUPPORTED;
@@ -1342,6 +1346,27 @@ efi_emulate_set_virtual_address_map(
                /* skip over non-PAL_CODE memory descriptors; EFI_RUNTIME is 
included in PAL_CODE. */
                 if (md->type != EFI_PAL_CODE)
                         continue;
+
+               /* get pages to prevend them from being freed 
+                * during touching them.
+                * those entres are in [FW_TABLES_BASE_PADDR, ...]
+                * see dom_fw.h for its layout.
+                */
+               efi_runtime_page = virt_to_page(efi_runtime);
+               fpswa_inf_page = virt_to_page(fpswa_inf);
+               fw_table_page = virt_to_page(
+                       domain_mpa_to_imva(d, FW_TABLES_BASE_PADDR));
+               if (get_page(efi_runtime_page, d) == 0)
+                       return EFI_INVALID_PARAMETER;
+               if (get_page(fpswa_inf_page, d) == 0) {
+                       put_page(efi_runtime_page);
+                       return EFI_INVALID_PARAMETER;
+               }
+               if (get_page(fw_table_page, d) == 0) {
+                       put_page(fpswa_inf_page);
+                       put_page(efi_runtime_page);
+                       return EFI_INVALID_PARAMETER;
+               }
 
 #define EFI_HYPERCALL_PATCH_TO_VIRT(tgt,call) \
        do { \
@@ -1365,6 +1390,10 @@ efi_emulate_set_virtual_address_map(
                *vfn++ = FW_HYPERCALL_FPSWA_PATCH_INDEX * 16UL + md->virt_addr;
                *vfn   = 0;
                fpswa_inf->fpswa = (void *) (FW_HYPERCALL_FPSWA_ENTRY_INDEX * 
16UL + md->virt_addr);
+
+               put_page(fw_table_page);
+               put_page(fpswa_inf_page);
+               put_page(efi_runtime_page);
                break;
        }
 

Attachment: efi-virtual-map.patch
Description: Text Data

_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-ia64-devel] [PATCH 5/5] fix efi_emulate_set_virtual_address_map(), Isaku Yamahata <=