
changeset 16497:c555a5f97982

domctl: Fix handling of size parameter in ext_vcpucontext domctl commands.
Original patch by Stefan Berger.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
author Keir Fraser <keir.fraser@citrix.com>
date Wed Nov 28 13:36:56 2007 +0000 (2007-11-28)
parents 71bfeeb0b321
children 0b9048f7f257
files xen/arch/x86/domctl.c
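--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -709,11 +709,6 @@ long arch_do_domctl(
 
         evc = &domctl->u.ext_vcpucontext;
 
-        ret = (evc->size < sizeof(*evc)) ? -EINVAL : 0;
-        evc->size = sizeof(*evc);
-        if ( ret != 0 )
-            break;
-
         ret = -ESRCH;
         d = rcu_lock_domain_by_id(domctl->domain);
         if ( d == NULL )
@@ -726,6 +721,7 @@ long arch_do_domctl(
 
         if ( domctl->cmd == XEN_DOMCTL_get_ext_vcpucontext )
         {
+            evc->size = sizeof(*evc);
 #ifdef __x86_64__
             evc->sysenter_callback_cs      = v->arch.sysenter_callback_cs;
             evc->sysenter_callback_eip     = v->arch.sysenter_callback_eip;
@@ -744,6 +740,9 @@ long arch_do_domctl(
         }
         else
         {
+            ret = -EINVAL;
+            if ( evc->size != sizeof(*evc) )
+                goto ext_vcpucontext_out;
 #ifdef __x86_64__
             fixup_guest_code_selector(d, evc->sysenter_callback_cs);
             v->arch.sysenter_callback_cs      = evc->sysenter_callback_cs;
@@ -755,7 +754,6 @@ long arch_do_domctl(
             v->arch.syscall32_disables_events = evc->syscall32_disables_events;
 #else
             /* We do not support syscall/syscall32/sysenter on 32-bit Xen. */
-            ret = -EINVAL;
             if ( (evc->sysenter_callback_cs & ~3) ||
                  evc->sysenter_callback_eip ||
                  (evc->syscall32_callback_cs & ~3) ||
@@ -768,7 +766,8 @@ long arch_do_domctl(
 
     ext_vcpucontext_out:
         rcu_unlock_domain(d);
-        if ( copy_to_guest(u_domctl, domctl, 1) )
+        if ( (domctl->cmd == XEN_DOMCTL_get_ext_vcpucontext) &&
+             copy_to_guest(u_domctl, domctl, 1) )
             ret = -EFAULT;
     }
     break;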
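Review bot: The set path's new check `if ( evc->size != sizeof(*evc) )` is stricter than the removed `evc->size < sizeof(*evc)` test, and because the copy back to the guest now runs only for the get command, a caller that passes a larger (newer) structure gets -EINVAL with the expected size no longer written to `evc->size`; if the exact-match requirement is intentional, a comment such as `/* Setting requires the caller's struct to match exactly; the size is not echoed back. */` above the check would make that contract explicit. Separately, dropping `ret = -EINVAL;` from the 32-bit `#else` branch makes that branch depend on the assignment placed before the size check, across the `#ifdef __x86_64__` block whose middle lies outside the hunk, so a later reorder could silently leave `ret` at some other value; a one-line note like `/* ret is still -EINVAL from the size check above. */` before the 32-bit validation would guard against that. The enclosing `arch_do_domctl` case begins before the first hunk.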