ia64/xen-unstable

changeset 16543:46776e65e679

[XEN, 32on64]: Correct continuation translation for large
compat_mmuext hypercalls.

At the point where we translate the continuation "nat_ops" points to
the beginning of the batch of "i" entries, therefore it must be
incremented by the number of entries processed "i - left". At the same
point "cmp_uops" points to the end of the batch of entries and must
therefore be decremented by "left".

The new count value has already been set by do_mmuext_op to "left" and
therefore it is correct to add "count - i" since that is the number of
entries that remain after this batch.

Signed-off-by: Ian Campbell <ian.campbell@xensource.com>
author Keir Fraser <keir.fraser@citrix.com>
date Thu Dec 06 11:24:02 2007 +0000 (2007-12-06)
parents 1936e6a79f85
children d7a0a73e5dca
files xen/arch/x86/x86_64/compat/mm.c xen/include/asm-x86/guest_access.h
line diff
     1.1 --- a/xen/arch/x86/x86_64/compat/mm.c	Thu Dec 06 11:23:04 2007 +0000
     1.2 +++ b/xen/arch/x86/x86_64/compat/mm.c	Thu Dec 06 11:24:02 2007 +0000
     1.3 @@ -298,9 +298,8 @@ int compat_mmuext_op(XEN_GUEST_HANDLE(mm
     1.4  
     1.5                  BUG_ON(left == arg1);
     1.6                  BUG_ON(left > count);
     1.7 -                guest_handle_add_offset(nat_ops, count - left);
     1.8 -                BUG_ON(left + i < count);
     1.9 -                guest_handle_add_offset(cmp_uops, (signed int)(count - left - i));
    1.10 +                guest_handle_add_offset(nat_ops, i - left);
    1.11 +                guest_handle_subtract_offset(cmp_uops, left);
    1.12                  left = 1;
    1.13                  BUG_ON(!hypercall_xlat_continuation(&left, 0x01, nat_ops, cmp_uops));
    1.14                  BUG_ON(left != arg1);
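Review bot: the new `guest_handle_add_offset(nat_ops, i - left)` has no visible guard that `left <= i`. The two BUG_ONs kept above it compare `left` with `arg1` and `count` only, and the removed `BUG_ON(left + i < count)` was the one assertion in this hunk that involved `i`. The `(signed int)` cast on the removed line suggests these counters are unsigned, in which case `left > i` would wrap `i - left` and move `nat_ops` far outside the batch. The same bound is what keeps `guest_handle_subtract_offset(cmp_uops, left)` from stepping back past the start of the batch that the commit message says `cmp_uops` sits at the end of. Consider adding `BUG_ON(left > i);` ahead of the two offset adjustments so that this invariant is asserted like the others.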
     2.1 --- a/xen/include/asm-x86/guest_access.h	Thu Dec 06 11:23:04 2007 +0000
     2.2 +++ b/xen/include/asm-x86/guest_access.h	Thu Dec 06 11:24:02 2007 +0000
     2.3 @@ -17,6 +17,7 @@
     2.4  
     2.5  /* Offset the given guest handle into the array it refers to. */
     2.6  #define guest_handle_add_offset(hnd, nr) ((hnd).p += (nr))
     2.7 +#define guest_handle_subtract_offset(hnd, nr) ((hnd).p -= (nr))
     2.8  
     2.9  /* Cast a guest handle to the specified type of handle. */
    2.10  #define guest_handle_cast(hnd, type) ({         \
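Review bot: `guest_handle_subtract_offset` is added without a comment of its own, and the existing comment above `guest_handle_add_offset` only describes offsetting into the array. Because `(hnd).p -= (nr)` performs no bounds check, a short comment should state that the caller must ensure `nr` does not exceed the distance the handle has already been advanced, since otherwise the handle ends up pointing before the start of the guest array. Alternatively, reword the shared comment so it covers both macros and names that precondition.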