ia64/xen-unstable

changeset 17860:6e92603ed9f2

Introduce guest_handle_subrange_okay() for checking sub-sections of an
argument array. Needed where a compat shim is splitting up a 32-bit
guest's larger argument array, and only the currently-active part of
the translated array is contained within the compat_arg_xlat_area.

Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
author Keir Fraser <keir.fraser@citrix.com>
date Fri Jun 13 13:49:56 2008 +0100 (2008-06-13)
parents 08fb9a4489f7
children 2363cf4ab4cb
files xen/common/memory.c xen/include/asm-x86/guest_access.h xen/include/xen/xencomm.h
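--- a/xen/common/memory.c
+++ b/xen/common/memory.c
@@ -47,7 +47,8 @@ static void increase_reservation(struct 
     unsigned int node = domain_to_node(d);
 
     if ( !guest_handle_is_null(a->extent_list) &&
-         !guest_handle_okay(a->extent_list, a->nr_extents) )
+         !guest_handle_subrange_okay(a->extent_list, a->nr_done,
+                                     a->nr_extents-1) )
         return;
 
     if ( (a->extent_order != 0) &&
@@ -94,7 +95,8 @@ static void populate_physmap(struct memo
     struct domain *d = a->domain;
     unsigned int node = domain_to_node(d);
 
-    if ( !guest_handle_okay(a->extent_list, a->nr_extents) )
+    if ( !guest_handle_subrange_okay(a->extent_list, a->nr_done,
+                                     a->nr_extents-1) )
         return;
 
     if ( (a->extent_order != 0) &&
@@ -179,7 +181,8 @@ static void decrease_reservation(struct 
     unsigned long i, j;
     xen_pfn_t gmfn;
 
-    if ( !guest_handle_okay(a->extent_list, a->nr_extents) )
+    if ( !guest_handle_subrange_okay(a->extent_list, a->nr_done,
+                                     a->nr_extents-1) )
         return;
 
     for ( i = a->nr_done; i < a->nr_extents; i++ )
@@ -219,8 +222,8 @@ static long translate_gpfn_list(
     if ( op.nr_gpfns > (ULONG_MAX >> MEMOP_EXTENT_SHIFT) )
         return -EINVAL;
 
-    if ( !guest_handle_okay(op.gpfn_list, op.nr_gpfns) ||
-         !guest_handle_okay(op.mfn_list,  op.nr_gpfns) )
+    if ( !guest_handle_subrange_okay(op.gpfn_list, *progress, op.nr_gpfns-1) ||
+         !guest_handle_subrange_okay(op.mfn_list, *progress, op.nr_gpfns-1) )
         return -EFAULT;
 
     if ( op.domid == DOMID_SELF )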
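Review bot: The `a->nr_extents-1` upper bound in increase_reservation wraps when nr_extents is 0 (assuming the field is unsigned; its declaration is not on this page), and the check only comes out as a zero-length range because the macro's `(last)-(first)+1` wraps back. The same expression is used in populate_physmap and decrease_reservation, and as `op.nr_gpfns-1` in translate_gpfn_list. If nr_done (or `*progress`) could ever exceed the count, the computed length becomes very large and the result rests on how array_access_ok treats it, which is not visible here. Nothing in these hunks shows the start index being bounded by the count, so I would state the precondition at each call site, e.g. `/* Caller guarantees a->nr_done <= a->nr_extents; only [nr_done, nr_extents) is accessed below. */`, or add `if ( a->nr_done >= a->nr_extents ) return;` ahead of the check if callers do not already guarantee it. All four function bodies start and end outside their hunks.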
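--- a/xen/include/asm-x86/guest_access.h
+++ b/xen/include/asm-x86/guest_access.h
@@ -79,6 +79,11 @@
 #define guest_handle_okay(hnd, nr)                      \
     (shadow_mode_external(current->domain) ||           \
      array_access_ok((hnd).p, (nr), sizeof(*(hnd).p)))
+#define guest_handle_subrange_okay(hnd, first, last)    \
+    (shadow_mode_external(current->domain) ||           \
+     array_access_ok((hnd).p + (first),                 \
+                     (last)-(first)+1,                  \
+                     sizeof(*(hnd).p)))
 
 #define __copy_to_guest_offset(hnd, off, ptr, nr) ({    \
     const typeof(*(ptr)) *_s = (ptr);                   \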
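Review bot: guest_handle_subrange_okay has no comment saying that `last` is inclusive, and its length expression `(last)-(first)+1` depends on wraparound for an empty range (`last == first - 1`), while `first > last + 1` yields a very large count. The macro also expands `first` twice, so an argument with side effects would be evaluated twice. I would add a short comment above the definition, e.g. `/* Checks elements [first, last] inclusive; requires first <= last + 1; 'first' is evaluated twice. */`. Like guest_handle_okay just above it, the range check is skipped entirely when shadow_mode_external() is true, which is worth stating in the same comment if that is intended for subranges too.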
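--- a/xen/include/xen/xencomm.h
+++ b/xen/include/xen/xencomm.h
@@ -62,6 +62,7 @@ static inline unsigned long xencomm_inli
 /* Since we run in real mode, we can safely access all addresses. That also
  * means our __routines are identical to our "normal" routines. */
 #define guest_handle_okay(hnd, nr) 1
+#define guest_handle_subrange_okay(hnd, first, last) 1
 
 /*
  * Copy an array of objects to guest context via a guest handle.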