ia64/xen-unstable

changeset 2409:7ed44d755dda

bitkeeper revision 1.1159.1.121 (4137d43394yNc9HkT8Aj5R2yv-YSWQ)

Merge labyrinth.cl.cam.ac.uk:/auto/groups/xeno/BK/xeno.bk
into labyrinth.cl.cam.ac.uk:/auto/anfs/scratch/labyrinth/iap10/xeno-clone/xeno.bk
author iap10@labyrinth.cl.cam.ac.uk
date Fri Sep 03 02:17:23 2004 +0000 (2004-09-03)
parents 9b8c52072a43 952b9b06fc86
children 46161d047e25 ccdb04941d97 24dd2dc4a142
files xen/arch/x86/x86_32/entry.S
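--- a/xen/arch/x86/x86_32/entry.S	Thu Sep 02 14:26:01 2004 +0000
+++ b/xen/arch/x86/x86_32/entry.S	Fri Sep 03 02:17:23 2004 +0000
@@ -148,6 +148,7 @@ ENTRY(continue_nonidle_task)
  *   2. We cannot recursively call HYPERVISOR_multicall, or a malicious
  *      caller could cause our stack to blow up.
  */
+#define MULTICALL_ENTRY_ORDER 5
 do_multicall:
         popl  %eax
         cmpl  $SYMBOL_NAME(multicall_return_from_call),%eax
@@ -155,6 +156,13 @@ do_multicall:
         pushl %ebx
         movl  4(%esp),%ebx   /* EBX == call_list */
         movl  8(%esp),%ecx   /* ECX == nr_calls  */
+        /* Ensure the entire multicall list is below HYPERVISOR_VIRT_START. */
+        movl  %ecx,%eax
+        shll  $MULTICALL_ENTRY_ORDER,%eax
+        addl  %ebx,%eax      /* EAX == end of multicall list */
+        jc    bad_multicall_address
+        cmpl  $__HYPERVISOR_VIRT_START,%eax
+        jnc   bad_multicall_address
 multicall_loop:
         pushl %ecx
 multicall_fault1: 
@@ -176,12 +184,17 @@ multicall_fault7:
         movl  %eax,24(%ebx) # args[5] == result
         addl  $20,%esp
         popl  %ecx
-        addl  $(ARGS_PER_MULTICALL_ENTRY*4),%ebx
+        addl  $(1<<MULTICALL_ENTRY_ORDER),%ebx
         loop  multicall_loop
         popl  %ebx
         xorl  %eax,%eax
         jmp   ret_from_hypercall
 
+bad_multicall_address:
+        popl  %ebx
+        movl  $-EFAULT,%eax
+        jmp   ret_from_hypercall        
+                
 .section __ex_table,"a"
         .align 4
         .long multicall_fault1, multicall_fixup1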
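Review bot: The new range check after `movl  8(%esp),%ecx` can be satisfied by a count it does not actually bound. `shll $MULTICALL_ENTRY_ORDER,%eax` discards the top five bits of nr_calls and the following `jc` tests only the carry out of `addl`, so EAX can land below `__HYPERVISOR_VIRT_START` while `loop multicall_loop` still runs the full ECX count and advances EBX past the limit. Since nr_calls is supplied by the guest, oversized counts should be rejected before the shift, e.g. `cmpl $(1<<(32-MULTICALL_ENTRY_ORDER)),%ecx` followed by `jnc bad_multicall_address`. A count of zero also appears to pass, because `loop` decrements ECX before testing it; a `testl %ecx,%ecx` guard would cover that unless the part of do_multicall's loop body that lies between the hunks already handles it. The stride is now `1<<MULTICALL_ENTRY_ORDER` rather than `ARGS_PER_MULTICALL_ENTRY*4`, so a build-time check that the two agree would keep the entry layout and the bounds arithmetic from drifting apart.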