direct-io.hg

changeset 15399:45a44a9cbe8d

Enhance guest memory accessor macros so that source operands can be
pointers to const or arrays.

Only build-tested on ia64, and untested for powerpc (which, however,
is almost identical to ia64, except for an apparent bug in the original
version of __copy_field_{from,to}_guest in that the field offset was
multiplied by the field size).

Signed-off-by: Jan Beulich <jbeulich@novell.com>
author kfraser@localhost.localdomain
date Wed Jun 20 15:29:53 2007 +0100 (2007-06-20)
parents 499bab040137
children 005dd6b1cf8e
files xen/arch/x86/mm.c xen/arch/x86/traps.c xen/common/domctl.c xen/common/kernel.c xen/common/perfc.c xen/drivers/char/console.c xen/include/asm-ia64/guest_access.h xen/include/asm-x86/guest_access.h xen/include/xen/compat.h xen/include/xen/xencomm.h
line diff
     1.1 --- a/xen/arch/x86/mm.c	Wed Jun 20 15:08:32 2007 +0100
     1.2 +++ b/xen/arch/x86/mm.c	Wed Jun 20 15:29:53 2007 +0100
     1.3 @@ -2942,7 +2942,7 @@ long do_set_gdt(XEN_GUEST_HANDLE(ulong) 
     1.4      if ( entries > FIRST_RESERVED_GDT_ENTRY )
     1.5          return -EINVAL;
     1.6      
     1.7 -    if ( copy_from_guest((unsigned long *)frames, frame_list, nr_pages) )
     1.8 +    if ( copy_from_guest(frames, frame_list, nr_pages) )
     1.9          return -EFAULT;
    1.10  
    1.11      LOCK_BIGLOCK(current->domain);
    1.12 @@ -3123,7 +3123,7 @@ long arch_memory_op(int op, XEN_GUEST_HA
    1.13          else if ( (d = rcu_lock_domain_by_id(fmap.domid)) == NULL )
    1.14              return -ESRCH;
    1.15  
    1.16 -        rc = copy_from_guest(&d->arch.e820[0], fmap.map.buffer,
    1.17 +        rc = copy_from_guest(d->arch.e820, fmap.map.buffer,
    1.18                               fmap.map.nr_entries) ? -EFAULT : 0;
    1.19          d->arch.nr_e820 = fmap.map.nr_entries;
    1.20  
    1.21 @@ -3144,7 +3144,7 @@ long arch_memory_op(int op, XEN_GUEST_HA
    1.22              return -EFAULT;
    1.23  
    1.24          map.nr_entries = min(map.nr_entries, d->arch.nr_e820);
    1.25 -        if ( copy_to_guest(map.buffer, &d->arch.e820[0], map.nr_entries) ||
    1.26 +        if ( copy_to_guest(map.buffer, d->arch.e820, map.nr_entries) ||
    1.27               copy_to_guest(arg, &map, 1) )
    1.28              return -EFAULT;
    1.29  
    1.30 @@ -3168,7 +3168,7 @@ long arch_memory_op(int op, XEN_GUEST_HA
    1.31          buffer = guest_handle_cast(memmap.buffer, e820entry_t);
    1.32  
    1.33          count = min((unsigned int)e820.nr_map, memmap.nr_entries);
    1.34 -        if ( copy_to_guest(buffer, &e820.map[0], count) < 0 )
    1.35 +        if ( copy_to_guest(buffer, e820.map, count) < 0 )
    1.36              return -EFAULT;
    1.37  
    1.38          memmap.nr_entries = count;
    1.39 @@ -3181,7 +3181,7 @@ long arch_memory_op(int op, XEN_GUEST_HA
    1.40  
    1.41      case XENMEM_machphys_mapping:
    1.42      {
    1.43 -        struct xen_machphys_mapping mapping = {
    1.44 +        static const struct xen_machphys_mapping mapping = {
    1.45              .v_start = MACH2PHYS_VIRT_START,
    1.46              .v_end   = MACH2PHYS_VIRT_END,
    1.47              .max_mfn = MACH2PHYS_NR_ENTRIES - 1
     2.1 --- a/xen/arch/x86/traps.c	Wed Jun 20 15:08:32 2007 +0100
     2.2 +++ b/xen/arch/x86/traps.c	Wed Jun 20 15:29:53 2007 +0100
     2.3 @@ -1140,7 +1140,7 @@ static inline int guest_io_okay(
     2.4           * read as 0xff (no access allowed).
     2.5           */
     2.6          TOGGLE_MODE();
     2.7 -        switch ( __copy_from_guest_offset(&x.bytes[0], v->arch.iobmp,
     2.8 +        switch ( __copy_from_guest_offset(x.bytes, v->arch.iobmp,
     2.9                                            port>>3, 2) )
    2.10          {
    2.11          default: x.bytes[0] = ~0;
     3.1 --- a/xen/common/domctl.c	Wed Jun 20 15:08:32 2007 +0100
     3.2 +++ b/xen/common/domctl.c	Wed Jun 20 15:29:53 2007 +0100
     3.3 @@ -43,7 +43,7 @@ void cpumask_to_xenctl_cpumap(
     3.4  
     3.5      bitmap_long_to_byte(bytemap, cpus_addr(*cpumask), NR_CPUS);
     3.6  
     3.7 -    copy_to_guest(xenctl_cpumap->bitmap, &bytemap[0], copy_bytes);
     3.8 +    copy_to_guest(xenctl_cpumap->bitmap, bytemap, copy_bytes);
     3.9  
    3.10      for ( i = copy_bytes; i < guest_bytes; i++ )
    3.11          copy_to_guest_offset(xenctl_cpumap->bitmap, i, &zero, 1);
    3.12 @@ -63,7 +63,7 @@ void xenctl_cpumap_to_cpumask(
    3.13      if ( guest_handle_is_null(xenctl_cpumap->bitmap) )
    3.14          return;
    3.15  
    3.16 -    copy_from_guest(&bytemap[0], xenctl_cpumap->bitmap, copy_bytes);
    3.17 +    copy_from_guest(bytemap, xenctl_cpumap->bitmap, copy_bytes);
    3.18  
    3.19      bitmap_byte_to_long(cpus_addr(*cpumask), bytemap, NR_CPUS);
    3.20  }
     4.1 --- a/xen/common/kernel.c	Wed Jun 20 15:08:32 2007 +0100
     4.2 +++ b/xen/common/kernel.c	Wed Jun 20 15:29:53 2007 +0100
     4.3 @@ -142,7 +142,7 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL
     4.4      {
     4.5          xen_extraversion_t extraversion;
     4.6          safe_strcpy(extraversion, xen_extra_version());
     4.7 -        if ( copy_to_guest(arg, (char *)extraversion, sizeof(extraversion)) )
     4.8 +        if ( copy_to_guest(arg, extraversion, ARRAY_SIZE(extraversion)) )
     4.9              return -EFAULT;
    4.10          return 0;
    4.11      }
    4.12 @@ -167,7 +167,7 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL
    4.13          memset(info, 0, sizeof(info));
    4.14          arch_get_xen_caps(&info);
    4.15  
    4.16 -        if ( copy_to_guest(arg, (char *)info, sizeof(info)) )
    4.17 +        if ( copy_to_guest(arg, info, ARRAY_SIZE(info)) )
    4.18              return -EFAULT;
    4.19          return 0;
    4.20      }
    4.21 @@ -187,7 +187,7 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL
    4.22      {
    4.23          xen_changeset_info_t chgset;
    4.24          safe_strcpy(chgset, xen_changeset());
    4.25 -        if ( copy_to_guest(arg, (char *)chgset, sizeof(chgset)) )
    4.26 +        if ( copy_to_guest(arg, chgset, ARRAY_SIZE(chgset)) )
    4.27              return -EFAULT;
    4.28          return 0;
    4.29      }
    4.30 @@ -229,8 +229,8 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL
    4.31  
    4.32      case XENVER_guest_handle:
    4.33      {
    4.34 -        if ( copy_to_guest(arg, (char *)current->domain->handle,
    4.35 -                           sizeof(current->domain->handle)) )
    4.36 +        if ( copy_to_guest(arg, current->domain->handle,
    4.37 +                           ARRAY_SIZE(current->domain->handle)) )
    4.38              return -EFAULT;
    4.39          return 0;
    4.40      }    
     5.1 --- a/xen/common/perfc.c	Wed Jun 20 15:08:32 2007 +0100
     5.2 +++ b/xen/common/perfc.c	Wed Jun 20 15:29:53 2007 +0100
     5.3 @@ -227,7 +227,7 @@ static int perfc_copy_info(XEN_GUEST_HAN
     5.4      }
     5.5      BUG_ON(v != perfc_nbr_vals);
     5.6  
     5.7 -    if ( copy_to_guest(desc, (xen_sysctl_perfc_desc_t *)perfc_d, NR_PERFCTRS) )
     5.8 +    if ( copy_to_guest(desc, perfc_d, NR_PERFCTRS) )
     5.9          return -EFAULT;
    5.10      if ( copy_to_guest(val, perfc_vals, perfc_nbr_vals) )
    5.11          return -EFAULT;
     6.1 --- a/xen/drivers/char/console.c	Wed Jun 20 15:08:32 2007 +0100
     6.2 +++ b/xen/drivers/char/console.c	Wed Jun 20 15:29:53 2007 +0100
     6.3 @@ -326,7 +326,7 @@ static long guest_console_write(XEN_GUES
     6.4                  CONSOLEIO_write, count, buffer);
     6.5  
     6.6          kcount = min_t(int, count, sizeof(kbuf)-1);
     6.7 -        if ( copy_from_guest((char *)kbuf, buffer, kcount) )
     6.8 +        if ( copy_from_guest(kbuf, buffer, kcount) )
     6.9              return -EFAULT;
    6.10          kbuf[kcount] = '\0';
    6.11  
     7.1 --- a/xen/include/asm-ia64/guest_access.h	Wed Jun 20 15:08:32 2007 +0100
     7.2 +++ b/xen/include/asm-ia64/guest_access.h	Wed Jun 20 15:29:53 2007 +0100
     7.3 @@ -76,28 +76,31 @@ extern int xencomm_handle_is_null(void *
     7.4      __copy_field_from_guest(ptr, hnd, field)
     7.5  
     7.6  #define __copy_to_guest_offset(hnd, idx, ptr, nr) ({                    \
     7.7 -    const typeof(ptr) _d = (hnd).p;                                     \
     7.8 -    const typeof(ptr) _s = (ptr);                                       \
     7.9 +    const typeof(*(ptr)) *_s = (ptr);                                   \
    7.10 +    void *_d = (hnd).p;                                                 \
    7.11 +    ((void)((hnd).p == (ptr)));                                         \
    7.12      xencomm_copy_to_guest(_d, _s, sizeof(*_s)*(nr), sizeof(*_s)*(idx)); \
    7.13  })
    7.14  
    7.15  #define __copy_field_to_guest(hnd, ptr, field) ({                   \
    7.16 -    const int _off = offsetof(typeof(*ptr), field);                 \
    7.17 -    const typeof(ptr) _d = (hnd).p;                                 \
    7.18 +    unsigned int _off = offsetof(typeof(*(hnd).p), field);          \
    7.19      const typeof(&(ptr)->field) _s = &(ptr)->field;                 \
    7.20 +    void *_d = (hnd).p;                                             \
    7.21 +    ((void)(&(hnd).p->field == &(ptr)->field));                     \
    7.22      xencomm_copy_to_guest(_d, _s, sizeof(*_s), _off);               \
    7.23  })
    7.24  
    7.25 -#define __copy_from_guest_offset(ptr, hnd, idx, nr) ({                     \
    7.26 -    const typeof(ptr) _s = (hnd).p;                                        \
    7.27 -    const typeof(ptr) _d = (ptr);                                          \
    7.28 -    xencomm_copy_from_guest(_d, _s, sizeof(*_s)*(nr), sizeof(*_s)*(idx));  \
    7.29 +#define __copy_from_guest_offset(ptr, hnd, idx, nr) ({                    \
    7.30 +    const typeof(*(ptr)) *_s = (hnd).p;                                   \
    7.31 +    typeof(*(ptr)) *_d = (ptr);                                           \
    7.32 +    xencomm_copy_from_guest(_d, _s, sizeof(*_d)*(nr), sizeof(*_d)*(idx)); \
    7.33  })
    7.34  
    7.35  #define __copy_field_from_guest(ptr, hnd, field) ({                 \
    7.36 -    const int _off = offsetof(typeof(*ptr), field);                 \
    7.37 -    const typeof(ptr) _s = (hnd).p;                                 \
    7.38 -    const typeof(&(ptr)->field) _d = &(ptr)->field;                 \
    7.39 +    unsigned int _off = offsetof(typeof(*(hnd).p), field);          \
    7.40 +    const void *_s = (hnd).p;                                       \
    7.41 +    typeof(&(ptr)->field) _d = &(ptr)->field;                       \
    7.42 +    ((void)(&(hnd).p->field == &(ptr)->field));                     \
    7.43      xencomm_copy_from_guest(_d, _s, sizeof(*_d), _off);             \
    7.44  })
    7.45  
     8.1 --- a/xen/include/asm-x86/guest_access.h	Wed Jun 20 15:08:32 2007 +0100
     8.2 +++ b/xen/include/asm-x86/guest_access.h	Wed Jun 20 15:29:53 2007 +0100
     8.3 @@ -32,11 +32,12 @@
     8.4   * specifying an offset into the guest array.
     8.5   */
     8.6  #define copy_to_guest_offset(hnd, off, ptr, nr) ({      \
     8.7 -    typeof(ptr) _x = (hnd).p;                           \
     8.8 -    const typeof(ptr) _y = (ptr);                       \
     8.9 +    const typeof(*(ptr)) *_s = (ptr);                   \
    8.10 +    char (*_d)[sizeof(*_s)] = (void *)(hnd).p;          \
    8.11 +    ((void)((hnd).p == (ptr)));                         \
    8.12      is_hvm_vcpu(current) ?                              \
    8.13 -    copy_to_user_hvm(_x+(off), _y, sizeof(*_x)*(nr)) :  \
    8.14 -    copy_to_user(_x+(off), _y, sizeof(*_x)*(nr));       \
    8.15 +    copy_to_user_hvm(_d+(off), _s, sizeof(*_s)*(nr)) :  \
    8.16 +    copy_to_user(_d+(off), _s, sizeof(*_s)*(nr));       \
    8.17  })
    8.18  
    8.19  /*
    8.20 @@ -44,29 +45,30 @@
    8.21   * specifying an offset into the guest array.
    8.22   */
    8.23  #define copy_from_guest_offset(ptr, hnd, off, nr) ({    \
    8.24 -    const typeof(ptr) _x = (hnd).p;                     \
    8.25 -    typeof(ptr) _y = (ptr);                             \
    8.26 +    const typeof(*(ptr)) *_s = (hnd).p;                 \
    8.27 +    typeof(*(ptr)) *_d = (ptr);                         \
    8.28      is_hvm_vcpu(current) ?                              \
    8.29 -    copy_from_user_hvm(_y, _x+(off), sizeof(*_x)*(nr)) :\
    8.30 -    copy_from_user(_y, _x+(off), sizeof(*_x)*(nr));     \
    8.31 +    copy_from_user_hvm(_d, _s+(off), sizeof(*_d)*(nr)) :\
    8.32 +    copy_from_user(_d, _s+(off), sizeof(*_d)*(nr));     \
    8.33  })
    8.34  
    8.35  /* Copy sub-field of a structure to guest context via a guest handle. */
    8.36  #define copy_field_to_guest(hnd, ptr, field) ({         \
    8.37 -    typeof(&(ptr)->field) _x = &(hnd).p->field;         \
    8.38 -    const typeof(&(ptr)->field) _y = &(ptr)->field;     \
    8.39 +    const typeof(&(ptr)->field) _s = &(ptr)->field;     \
    8.40 +    void *_d = &(hnd).p->field;                         \
    8.41 +    ((void)(&(hnd).p->field == &(ptr)->field));         \
    8.42      is_hvm_vcpu(current) ?                              \
    8.43 -    copy_to_user_hvm(_x, _y, sizeof(*_x)) :             \
    8.44 -    copy_to_user(_x, _y, sizeof(*_x));                  \
    8.45 +    copy_to_user_hvm(_d, _s, sizeof(*_s)) :             \
    8.46 +    copy_to_user(_d, _s, sizeof(*_s));                  \
    8.47  })
    8.48  
    8.49  /* Copy sub-field of a structure from guest context via a guest handle. */
    8.50  #define copy_field_from_guest(ptr, hnd, field) ({       \
    8.51 -    const typeof(&(ptr)->field) _x = &(hnd).p->field;   \
    8.52 -    typeof(&(ptr)->field) _y = &(ptr)->field;           \
    8.53 +    const typeof(&(ptr)->field) _s = &(hnd).p->field;   \
    8.54 +    typeof(&(ptr)->field) _d = &(ptr)->field;           \
    8.55      is_hvm_vcpu(current) ?                              \
    8.56 -    copy_from_user_hvm(_y, _x, sizeof(*_x)) :           \
    8.57 -    copy_from_user(_y, _x, sizeof(*_x));                \
    8.58 +    copy_from_user_hvm(_d, _s, sizeof(*_d)) :           \
    8.59 +    copy_from_user(_d, _s, sizeof(*_d));                \
    8.60  })
    8.61  
    8.62  /*
    8.63 @@ -78,35 +80,37 @@
    8.64       array_access_ok((hnd).p, (nr), sizeof(*(hnd).p)))
    8.65  
    8.66  #define __copy_to_guest_offset(hnd, off, ptr, nr) ({    \
    8.67 -    typeof(ptr) _x = (hnd).p;                           \
    8.68 -    const typeof(ptr) _y = (ptr);                       \
    8.69 +    const typeof(*(ptr)) *_s = (ptr);                   \
    8.70 +    char (*_d)[sizeof(*_s)] = (void *)(hnd).p;          \
    8.71 +    ((void)((hnd).p == (ptr)));                         \
    8.72      is_hvm_vcpu(current) ?                              \
    8.73 -    copy_to_user_hvm(_x+(off), _y, sizeof(*_x)*(nr)) :  \
    8.74 -    __copy_to_user(_x+(off), _y, sizeof(*_x)*(nr));     \
    8.75 +    copy_to_user_hvm(_d+(off), _s, sizeof(*_s)*(nr)) :  \
    8.76 +    __copy_to_user(_d+(off), _s, sizeof(*_s)*(nr));     \
    8.77  })
    8.78  
    8.79  #define __copy_from_guest_offset(ptr, hnd, off, nr) ({  \
    8.80 -    const typeof(ptr) _x = (hnd).p;                     \
    8.81 -    typeof(ptr) _y = (ptr);                             \
    8.82 +    const typeof(*(ptr)) *_s = (hnd).p;                 \
    8.83 +    typeof(*(ptr)) *_d = (ptr);                         \
    8.84      is_hvm_vcpu(current) ?                              \
    8.85 -    copy_from_user_hvm(_y, _x+(off),sizeof(*_x)*(nr)) : \
    8.86 -    __copy_from_user(_y, _x+(off), sizeof(*_x)*(nr));   \
    8.87 +    copy_from_user_hvm(_d, _s+(off), sizeof(*_d)*(nr)) :\
    8.88 +    __copy_from_user(_d, _s+(off), sizeof(*_d)*(nr));   \
    8.89  })
    8.90  
    8.91  #define __copy_field_to_guest(hnd, ptr, field) ({       \
    8.92 -    typeof(&(ptr)->field) _x = &(hnd).p->field;         \
    8.93 -    const typeof(&(ptr)->field) _y = &(ptr)->field;     \
    8.94 +    const typeof(&(ptr)->field) _s = &(ptr)->field;     \
    8.95 +    void *_d = &(hnd).p->field;                         \
    8.96 +    ((void)(&(hnd).p->field == &(ptr)->field));         \
    8.97      is_hvm_vcpu(current) ?                              \
    8.98 -    copy_to_user_hvm(_x, _y, sizeof(*_x)) :             \
    8.99 -    __copy_to_user(_x, _y, sizeof(*_x));                \
   8.100 +    copy_to_user_hvm(_d, _s, sizeof(*_s)) :             \
   8.101 +    __copy_to_user(_d, _s, sizeof(*_s));                \
   8.102  })
   8.103  
   8.104  #define __copy_field_from_guest(ptr, hnd, field) ({     \
   8.105 -    const typeof(&(ptr)->field) _x = &(hnd).p->field;   \
   8.106 -    typeof(&(ptr)->field) _y = &(ptr)->field;           \
   8.107 +    const typeof(&(ptr)->field) _s = &(hnd).p->field;   \
   8.108 +    typeof(&(ptr)->field) _d = &(ptr)->field;           \
   8.109      is_hvm_vcpu(current) ?                              \
   8.110 -    copy_from_user_hvm(_y, _x, sizeof(*_x)) :           \
   8.111 -    __copy_from_user(_y, _x, sizeof(*_x));              \
   8.112 +    copy_from_user_hvm(_d, _s, sizeof(*_d)) :           \
   8.113 +    __copy_from_user(_d, _s, sizeof(*_d));              \
   8.114  })
   8.115  
   8.116  #endif /* __ASM_X86_GUEST_ACCESS_H__ */
     9.1 --- a/xen/include/xen/compat.h	Wed Jun 20 15:08:32 2007 +0100
     9.2 +++ b/xen/include/xen/compat.h	Wed Jun 20 15:29:53 2007 +0100
     9.3 @@ -44,9 +44,10 @@
     9.4   * specifying an offset into the guest array.
     9.5   */
     9.6  #define copy_to_compat_offset(hnd, off, ptr, nr) ({                  \
     9.7 -    const typeof(ptr) _x = (typeof(**(hnd)._) *)(full_ptr_t)(hnd).c; \
     9.8 -    const typeof(*(ptr)) *const _y = (ptr);                          \
     9.9 -    copy_to_user(_x + (off), _y, sizeof(*_x) * (nr));                \
    9.10 +    const typeof(*(ptr)) *_s = (ptr);                                \
    9.11 +    char (*_d)[sizeof(*_s)] = (void *)(full_ptr_t)(hnd).c;           \
    9.12 +    ((void)((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c == (ptr)));     \
    9.13 +    copy_to_user(_d + (off), _s, sizeof(*_s) * (nr));                \
    9.14  })
    9.15  
    9.16  /*
    9.17 @@ -54,9 +55,9 @@
    9.18   * specifying an offset into the guest array.
    9.19   */
    9.20  #define copy_from_compat_offset(ptr, hnd, off, nr) ({                \
    9.21 -    const typeof(ptr) _x = (typeof(**(hnd)._) *)(full_ptr_t)(hnd).c; \
    9.22 -    const typeof(ptr) _y = (ptr);                                    \
    9.23 -    copy_from_user(_y, _x + (off), sizeof(*_x) * (nr));              \
    9.24 +    const typeof(*(ptr)) *_s = (typeof(**(hnd)._) *)(full_ptr_t)(hnd).c; \
    9.25 +    typeof(*(ptr)) *_d = (ptr);                                      \
    9.26 +    copy_from_user(_d, _s + (off), sizeof(*_d) * (nr));              \
    9.27  })
    9.28  
    9.29  #define copy_to_compat(hnd, ptr, nr)                                 \
    9.30 @@ -67,16 +68,19 @@
    9.31  
    9.32  /* Copy sub-field of a structure to guest context via a compat handle. */
    9.33  #define copy_field_to_compat(hnd, ptr, field) ({                     \
    9.34 -    typeof((ptr)->field) *const _x = &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field; \
    9.35 -    const typeof((ptr)->field) *const _y = &(ptr)->field;            \
    9.36 -    copy_to_user(_x, _y, sizeof(*_x));                               \
    9.37 +    const typeof(&(ptr)->field) _s = &(ptr)->field;                  \
    9.38 +    void *_d = &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field;   \
    9.39 +    ((void)(&((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field ==    \
    9.40 +            &(ptr)->field));                                         \
    9.41 +    copy_to_user(_d, _s, sizeof(*_s));                               \
    9.42  })
    9.43  
    9.44  /* Copy sub-field of a structure from guest context via a compat handle. */
    9.45  #define copy_field_from_compat(ptr, hnd, field) ({                   \
    9.46 -    typeof((ptr)->field) *const _x = &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field; \
    9.47 -    typeof((ptr)->field) *const _y = &(ptr)->field;                  \
    9.48 -    copy_from_user(_y, _x, sizeof(*_x));                             \
    9.49 +    const typeof(&(ptr)->field) _s =                                 \
    9.50 +        &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field;          \
    9.51 +    typeof(&(ptr)->field) _d = &(ptr)->field;                        \
    9.52 +    copy_from_user(_d, _s, sizeof(*_d));                             \
    9.53  })
    9.54  
    9.55  /*
    9.56 @@ -84,18 +88,20 @@
    9.57   * Allows use of faster __copy_* functions.
    9.58   */
    9.59  #define compat_handle_okay(hnd, nr)                                  \
    9.60 -    compat_array_access_ok((void *)(full_ptr_t)(hnd).c, (nr), sizeof(**(hnd)._))
    9.61 +    compat_array_access_ok((void *)(full_ptr_t)(hnd).c, (nr),        \
    9.62 +                           sizeof(**(hnd)._))
    9.63  
    9.64  #define __copy_to_compat_offset(hnd, off, ptr, nr) ({                \
    9.65 -    const typeof(ptr) _x = (typeof(**(hnd)._) *)(full_ptr_t)(hnd).c; \
    9.66 -    const typeof(*(ptr)) *const _y = (ptr);                          \
    9.67 -    __copy_to_user(_x + (off), _y, sizeof(*_x) * (nr));              \
    9.68 +    const typeof(*(ptr)) *_s = (ptr);                                \
    9.69 +    char (*_d)[sizeof(*_s)] = (void *)(full_ptr_t)(hnd).c;           \
    9.70 +    ((void)((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c == (ptr)));     \
    9.71 +    __copy_to_user(_d + (off), _s, sizeof(*_s) * (nr));              \
    9.72  })
    9.73  
    9.74  #define __copy_from_compat_offset(ptr, hnd, off, nr) ({              \
    9.75 -    const typeof(ptr) _x = (typeof(**(hnd)._) *)(full_ptr_t)(hnd).c; \
    9.76 -    const typeof(ptr) _y = (ptr);                                    \
    9.77 -    __copy_from_user(_y, _x + (off), sizeof(*_x) * (nr));            \
    9.78 +    const typeof(*(ptr)) *_s = (typeof(**(hnd)._) *)(full_ptr_t)(hnd).c; \
    9.79 +    typeof(*(ptr)) *_d = (ptr);                                      \
    9.80 +    __copy_from_user(_d, _s + (off), sizeof(*_d) * (nr));            \
    9.81  })
    9.82  
    9.83  #define __copy_to_compat(hnd, ptr, nr)                               \
    9.84 @@ -105,15 +111,18 @@
    9.85      __copy_from_compat_offset(ptr, hnd, 0, nr)
    9.86  
    9.87  #define __copy_field_to_compat(hnd, ptr, field) ({                   \
    9.88 -    typeof((ptr)->field) *const _x = &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field; \
    9.89 -    const typeof((ptr)->field) *const _y = &(ptr)->field;            \
    9.90 -    __copy_to_user(_x, _y, sizeof(*_x));                             \
    9.91 +    const typeof(&(ptr)->field) _s = &(ptr)->field;                  \
    9.92 +    void *_d = &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field;   \
    9.93 +    ((void)(&((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field ==    \
    9.94 +            &(ptr)->field));                                         \
    9.95 +    __copy_to_user(_d, _s, sizeof(*_s));                             \
    9.96  })
    9.97  
    9.98  #define __copy_field_from_compat(ptr, hnd, field) ({                 \
    9.99 -    typeof((ptr)->field) *const _x = &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field; \
   9.100 -    typeof((ptr)->field) *const _y = &(ptr)->field;                  \
   9.101 -    __copy_from_user(_y, _x, sizeof(*_x));                           \
   9.102 +    const typeof(&(ptr)->field) _s =                                 \
   9.103 +        &((typeof(**(hnd)._) *)(full_ptr_t)(hnd).c)->field;          \
   9.104 +    typeof(&(ptr)->field) _d = &(ptr)->field;                        \
   9.105 +    __copy_from_user(_d, _s, sizeof(*_d));                           \
   9.106  })
   9.107  
   9.108  
   9.109 @@ -169,7 +178,8 @@ void xlat_vcpu_runstate_info(struct vcpu
   9.110  int switch_compat(struct domain *);
   9.111  int switch_native(struct domain *);
   9.112  
   9.113 -#define BITS_PER_GUEST_LONG(d) (!IS_COMPAT(d) ? BITS_PER_LONG : COMPAT_BITS_PER_LONG)
   9.114 +#define BITS_PER_GUEST_LONG(d) \
   9.115 +    (!IS_COMPAT(d) ? BITS_PER_LONG : COMPAT_BITS_PER_LONG)
   9.116  
   9.117  #else
   9.118  
    10.1 --- a/xen/include/xen/xencomm.h	Wed Jun 20 15:08:32 2007 +0100
    10.2 +++ b/xen/include/xen/xencomm.h	Wed Jun 20 15:29:53 2007 +0100
    10.3 @@ -47,17 +47,17 @@ static inline unsigned long xencomm_inli
    10.4      ((hnd).p == NULL || xencomm_handle_is_null((hnd).p))
    10.5  
    10.6  /* Offset the given guest handle into the array it refers to. */
    10.7 -#define guest_handle_add_offset(hnd, nr) ({         \
    10.8 -    const typeof((hnd).p) _ptr;                     \
    10.9 -    xencomm_add_offset((void **)&((hnd).p), nr * sizeof(*_ptr));   \
   10.10 +#define guest_handle_add_offset(hnd, nr) ({                             \
   10.11 +    const typeof((hnd).p) _ptr;                                         \
   10.12 +    xencomm_add_offset((void **)&((hnd).p), nr * sizeof(*_ptr));        \
   10.13  })
   10.14  
   10.15  /* Cast a guest handle to the specified type of handle. */
   10.16  #define guest_handle_cast(hnd, type) ({         \
   10.17      type *_x = (hnd).p;                         \
   10.18 -    XEN_GUEST_HANDLE(type) _y; \
   10.19 -    set_xen_guest_handle(_y, _x); \
   10.20 -    _y; \
   10.21 +    XEN_GUEST_HANDLE(type) _y;                  \
   10.22 +    set_xen_guest_handle(_y, _x);               \
   10.23 +    _y;                                         \
   10.24  })
   10.25  
   10.26  /* Since we run in real mode, we can safely access all addresses. That also
   10.27 @@ -87,29 +87,32 @@ static inline unsigned long xencomm_inli
   10.28      __copy_field_from_guest(ptr, hnd, field)
   10.29  
   10.30  #define __copy_to_guest_offset(hnd, idx, ptr, nr) ({                \
   10.31 -    const typeof(ptr) _x = (hnd).p;                                 \
   10.32 -    const typeof(ptr) _y = (ptr);                                   \
   10.33 -    xencomm_copy_to_guest(_x, _y, sizeof(*_x)*(nr), sizeof(*_x)*(idx)); \
   10.34 +    const typeof(*(ptr)) *_s = (ptr);                               \
   10.35 +    void *_d = (hnd).p;                                             \
   10.36 +    ((void)((hnd).p == (ptr)));                                     \
   10.37 +    xencomm_copy_to_guest(_d, _s, sizeof(*_s)*(nr), sizeof(*_s)*(idx)); \
   10.38  })
   10.39  
   10.40  #define __copy_field_to_guest(hnd, ptr, field) ({                   \
   10.41 -    const int _off = offsetof(typeof(*ptr), field);                  \
   10.42 -    const typeof(&(ptr)->field) _x = &(hnd).p->field;               \
   10.43 -    const typeof(&(ptr)->field) _y = &(ptr)->field;                 \
   10.44 -    xencomm_copy_to_guest(_x, _y, sizeof(*_x), sizeof(*_x)*(_off)); \
   10.45 +    unsigned int _off = offsetof(typeof(*(hnd).p), field);          \
   10.46 +    const typeof(&(ptr)->field) _s = &(ptr)->field;                 \
   10.47 +    void *_d = (hnd).p;                                             \
   10.48 +    ((void)(&(hnd).p->field == &(ptr)->field));                     \
   10.49 +    xencomm_copy_to_guest(_d, _s, sizeof(*_s), _off);               \
   10.50  })
   10.51  
   10.52  #define __copy_from_guest_offset(ptr, hnd, idx, nr) ({              \
   10.53 -    const typeof(ptr) _x = (hnd).p;                                 \
   10.54 -    const typeof(ptr) _y = (ptr);                                   \
   10.55 -    xencomm_copy_from_guest(_y, _x, sizeof(*_x)*(nr), sizeof(*_x)*(idx));  \
   10.56 +    const typeof(*(ptr)) *_s = (hnd).p;                             \
   10.57 +    typeof(*(ptr)) *_d = (ptr);                                     \
   10.58 +    xencomm_copy_from_guest(_d, _s, sizeof(*_d)*(nr), sizeof(*_d)*(idx)); \
   10.59  })
   10.60  
   10.61  #define __copy_field_from_guest(ptr, hnd, field) ({                 \
   10.62 -    const int _off = offsetof(typeof(*ptr), field);                 \
   10.63 -    const typeof(&(ptr)->field) _x = &(hnd).p->field;               \
   10.64 -    const typeof(&(ptr)->field) _y = &(ptr)->field;                 \
   10.65 -    xencomm_copy_to_guest(_y, _x, sizeof(*_x), sizeof(*_x)*(_off)); \
   10.66 +    unsigned int _off = offsetof(typeof(*(hnd).p), field);          \
   10.67 +    const void *_s = (hnd).p;                                       \
   10.68 +    typeof(&(ptr)->field) _d = &(ptr)->field;                       \
   10.69 +    ((void)(&(hnd).p->field == &(ptr)->field));                     \
   10.70 +    xencomm_copy_from_guest(_d, _s, sizeof(*_d), _off);             \
   10.71  })
   10.72  
   10.73  #endif /* __XENCOMM_H__ */