
view tools/libxc/xc_ptrace_core.c @ 9145:9de50910defd

libxc: Verify Magic number when reading dump

Xen core files record a magic number, but it is not checked when
they are loaded. This patch checks the magic number on load and
rejects a dump whose value does not match XC_CORE_MAGIC.

Signed-Off-By: Horms <horms@verge.net.au>
author kaf24@firebug.cl.cam.ac.uk
date Mon Mar 06 15:04:18 2006 +0100 (2006-03-06)
parents 8ed131452f27
children 74ee53209cca
1 #define XC_PTRACE_PRIVATE
3 #include <sys/ptrace.h>
4 #include <sys/wait.h>
5 #include "xc_private.h"
6 #include "xc_ptrace.h"
7 #include <time.h>
/*
 * Module state describing the core dump currently loaded.  Everything here
 * is zero until xc_waitdomain_core() has parsed a dump; static storage is
 * zero-initialised, so no explicit initialisers are needed.
 */
static long nr_pages;                     /* pages in the dump; 0 = nothing loaded */
static unsigned long *p2m_array;          /* p2m table read straight from the dump */
static unsigned long *m2p_array;          /* reverse of p2m_array, built at load time */
static unsigned long pages_offset;        /* file offset where the page data begins */
static unsigned long cr3[MAX_VIRT_CPUS];  /* ctrlreg[3] of each saved vcpu context */
17 /* --------------------- */
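/*
 * Translate a machine address taken from the dump into the byte offset of
 * the corresponding page within the core file.
 *
 * ma is a raw page-table entry or cr3 value read out of the dump, i.e.
 * untrusted input.  Its frame number indexes m2p_array, which has 1<<20
 * entries (allocated in xc_waitdomain_core), so the index is bounded
 * before use.  Out-of-range frames yield (unsigned long)-1, which is not
 * page aligned and therefore makes the caller's mmap() fail instead of
 * mapping a bogus page.
 *
 * Note: frames absent from the dump have an m2p entry of 0 (the table is
 * zero-filled), so they silently resolve to the dump's first page; that is
 * pre-existing behaviour and not detected here.
 */
static unsigned long
map_mtop_offset(unsigned long ma)
{
    unsigned long mfn = ma >> PAGE_SHIFT;

    /* Must match the m2p_array allocation size in xc_waitdomain_core(). */
    if (mfn >= (1UL << 20))
        return (unsigned long)-1;

    return pages_offset + (m2p_array[mfn] << PAGE_SHIFT);
}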
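/*
 * Ensure one page of the dump is mapped for a cached paging level.
 *
 * Each level keeps a per-vcpu (machine address, mapping) pair.  The page is
 * re-mapped only when the wanted address differs from the cached one or the
 * cache currently holds no mapping.  On a failed mmap() the cache is left
 * with a NULL mapping, so a later call with the same address retries rather
 * than dereferencing an unmapped page (the previous code updated the cached
 * address before mapping and could leave a dangling pointer on failure).
 *
 * Returns the mapping, or NULL when mmap() failed (errno is mmap's).
 */
static unsigned long *
map_cached_page(unsigned long domfd, unsigned long want,
                unsigned long *cached_phys, unsigned long **cached_virt)
{
    void *v;

    if (*cached_virt != NULL && *cached_phys == want)
        return *cached_virt;

    if (*cached_virt != NULL)
    {
        munmap(*cached_virt, PAGE_SIZE);
        *cached_virt = NULL;
    }
    *cached_phys = want;

    /* domfd is unsigned long in the public interface; mmap() narrows it. */
    v = mmap(NULL, PAGE_SIZE, PROT_READ, MAP_PRIVATE, domfd,
             map_mtop_offset(want));
    if (v == MAP_FAILED)
        return NULL;

    *cached_virt = v;
    return v;
}

/*
 * Resolve a guest virtual address of vcpu `cpu` to a pointer into a
 * read-only mapping of the dump, walking the two-level page table rooted
 * at cr3[cpu] (filled in by xc_waitdomain_core).
 *
 * domfd    - file descriptor of the core dump (unsigned long in the
 *            existing interface; it is handed to mmap() as is).
 * cpu      - vcpu index; must be in [0, MAX_VIRT_CPUS), which bounds every
 *            per-vcpu array used here.
 * guest_va - guest virtual address to resolve.
 * ctxt     - saved vcpu contexts; ctxt[cpu].flags decides whether the
 *            page-table entries are guest-physical (VGCF_HVM_GUEST) and
 *            need a p2m lookup first.
 *
 * Returns a pointer to the byte within the mapped page, or NULL when the
 * cpu index is out of range, an entry is not present (zero), an HVM entry
 * points outside the p2m table, or a page could not be mapped.  The
 * mappings are cached in static per-vcpu state and stay valid until the
 * same vcpu walks a different page at that level.
 */
void *
map_domain_va_core(unsigned long domfd, int cpu, void * guest_va,
                   vcpu_guest_context_t *ctxt)
{
    unsigned long pde, page;
    unsigned long va = (unsigned long)guest_va;
    int hvm;

    static unsigned long cr3_phys[MAX_VIRT_CPUS];
    static unsigned long *cr3_virt[MAX_VIRT_CPUS];
    static unsigned long pde_phys[MAX_VIRT_CPUS];
    static unsigned long *pde_virt[MAX_VIRT_CPUS];
    static unsigned long page_phys[MAX_VIRT_CPUS];
    static unsigned long *page_virt[MAX_VIRT_CPUS];

    if (cpu < 0 || cpu >= MAX_VIRT_CPUS)
        return NULL;
    hvm = (ctxt[cpu].flags & VGCF_HVM_GUEST) != 0;

    /* Level 1: the page directory at cr3. */
    if (map_cached_page(domfd, cr3[cpu], &cr3_phys[cpu], &cr3_virt[cpu]) == NULL)
    {
        perror("mmap failed");
        return NULL;
    }
    if ((pde = cr3_virt[cpu][vtopdi(va)]) == 0) /* not present */
        return NULL;
    if (hvm)
    {
        /* Entry is guest-physical: translate through p2m, which has
         * nr_pages entries, so bound the index taken from the dump. */
        if ((pde >> PAGE_SHIFT) >= (unsigned long)nr_pages)
            return NULL;
        pde = p2m_array[pde >> PAGE_SHIFT] << PAGE_SHIFT;
    }

    /* Level 2: the page table named by the directory entry. */
    if (map_cached_page(domfd, pde, &pde_phys[cpu], &pde_virt[cpu]) == NULL)
        return NULL;
    if ((page = pde_virt[cpu][vtopti(va)]) == 0) /* not present */
        return NULL;
    if (hvm)
    {
        if ((page >> PAGE_SHIFT) >= (unsigned long)nr_pages)
            return NULL;
        page = p2m_array[page >> PAGE_SHIFT] << PAGE_SHIFT;
    }

    /* Level 3: the data page itself. */
    if (map_cached_page(domfd, page, &page_phys[cpu], &page_virt[cpu]) == NULL)
    {
        printf("cr3 %lx pde %lx page %lx pti %lx\n", cr3[cpu], pde, page, vtopti(va));
        return NULL;
    }

    return (void *)(((unsigned long)page_virt[cpu]) | (va & BSD_PAGE_MASK));
}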
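/*
 * Parse the header of a Xen core dump (domfd) and build the translation
 * tables that map_domain_va_core() walks.
 *
 * Only the first call does any work: once nr_pages is non-zero the dump is
 * treated as loaded and the call returns 0 at once.  xc_handle, status and
 * options are not used here; they are part of the interface only.
 *
 * The dump is untrusted input, so every value taken from it that sizes or
 * indexes an array is range-checked before use:
 *   - xch_nr_vcpus bounds the read into ctxt[] and the fill of cr3[], both
 *     of which have MAX_VIRT_CPUS entries (ctxt must provide at least that
 *     many);
 *   - xch_nr_pages sizes p2m_array and must not overflow the allocation;
 *   - each p2m entry indexes m2p_array, which has 1<<20 entries.
 *
 * File layout assumed (matches the read order here): header, then
 * xch_nr_vcpus vcpu contexts, then xch_nr_pages p2m entries; page data
 * lives at xch_pages_offset.  A short read is treated as an error.
 *
 * Returns 0 on success and -1 on a read error, bad header or bad table.
 * On failure nothing is published, so a later call starts over instead of
 * running on half-built tables.
 */
int
xc_waitdomain_core(
    int xc_handle,
    int domfd,
    int *status,
    int options,
    vcpu_guest_context_t *ctxt)
{
    xc_core_header_t header;
    unsigned long *p2m = NULL;
    unsigned long *m2p = NULL;
    size_t p2m_bytes;
    long npages;
    long i;
    int nvcpus;

    if (nr_pages != 0)
        return 0;

    if (read(domfd, &header, sizeof(header)) != sizeof(header))
        return -1;

    if (header.xch_magic != XC_CORE_MAGIC) {
        printf("Magic number missmatch: 0x%08x (file) != "
               " 0x%08x (code)\n", header.xch_magic,
               XC_CORE_MAGIC);
        return -1;
    }

    /* Both counts come from the file; reject anything the fixed-size
     * per-vcpu arrays or a size_t allocation cannot hold. */
    nvcpus = header.xch_nr_vcpus;
    if (nvcpus <= 0 || nvcpus > MAX_VIRT_CPUS) {
        printf("Bad vcpu count %d in core file (max %d)\n",
               nvcpus, (int)MAX_VIRT_CPUS);
        return -1;
    }

    npages = header.xch_nr_pages;
    p2m_bytes = (size_t)npages * sizeof(unsigned long);
    if (npages <= 0 || p2m_bytes / sizeof(unsigned long) != (size_t)npages) {
        printf("Bad page count %ld in core file\n", npages);
        return -1;
    }

    if (read(domfd, ctxt, sizeof(vcpu_guest_context_t) * nvcpus) !=
        (ssize_t)(sizeof(vcpu_guest_context_t) * nvcpus))
        return -1;

    if ((p2m = malloc(p2m_bytes)) == NULL)
    {
        printf("Could not allocate p2m_array\n");
        return -1;
    }
    if (read(domfd, p2m, p2m_bytes) != (ssize_t)p2m_bytes)
        goto fail;

    /* Reverse table indexed by machine frame; calloc zero-fills it, so
     * frames absent from the dump resolve to entry 0. */
    if ((m2p = calloc(1 << 20, sizeof(unsigned long))) == NULL)
    {
        printf("Could not allocate m2p array\n");
        goto fail;
    }
    for (i = 0; i < npages; i++) {
        /* p2m entries are file data: an unchecked one would be an
         * out-of-bounds write into m2p. */
        if (p2m[i] >= (1UL << 20)) {
            printf("Bad p2m entry %ld: frame 0x%lx out of range\n", i, p2m[i]);
            goto fail;
        }
        m2p[p2m[i]] = i;
    }

    for (i = 0; i < nvcpus; i++)
        cr3[i] = ctxt[i].ctrlreg[3];

    /* Publish the tables only now that everything has been validated. */
    p2m_array = p2m;
    m2p_array = m2p;
    pages_offset = header.xch_pages_offset;
    nr_pages = npages;
    return 0;

fail:
    free(m2p);
    free(p2m);
    return -1;
}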
156 /*
157 * Local variables:
158 * mode: C
159 * c-set-style: "BSD"
160 * c-basic-offset: 4
161 * tab-width: 4
162 * indent-tabs-mode: nil
163 * End:
164 */