diff options
author | Ian Campbell <Ian.Campbell@citrix.com> | 2013-01-11 12:22:27 +0000 |
---|---|---|
committer | Ian Campbell <Ian.Campbell@citrix.com> | 2013-01-11 12:22:27 +0000 |
commit | 5bb2be127bb4ee2fa6fa4545ad68f084d3bc09b0 (patch) | |
tree | 85bbd2451aa2c5c30936b65841e3c096e56b417c /tools/libxc/xc_dom_core.c | |
parent | 5420f26507fc5c9853eb1076401a8658d72669da (diff) | |
download | xen-5bb2be127bb4ee2fa6fa4545ad68f084d3bc09b0.tar.gz xen-5bb2be127bb4ee2fa6fa4545ad68f084d3bc09b0.tar.bz2 xen-5bb2be127bb4ee2fa6fa4545ad68f084d3bc09b0.zip |
libxc: x86: ensure that the initial mapping fits into the guest's memory
In particular we need to check that adding 512KB of slack and
rounding up to a 4MB boundary do not overflow the guest's memory
allocation. Otherwise we run off the end of the p2m when building the
guest's initial page tables and populate them with garbage.
Wei noticed this when build tiny (2MB) mini-os domains.
Reported-by: Wei Liu <Wei.Liu2@citrix.com>
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
Diffstat (limited to 'tools/libxc/xc_dom_core.c')
-rw-r--r-- | tools/libxc/xc_dom_core.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/tools/libxc/xc_dom_core.c b/tools/libxc/xc_dom_core.c index 99f90dd45e..c8062d8773 100644 --- a/tools/libxc/xc_dom_core.c +++ b/tools/libxc/xc_dom_core.c @@ -873,7 +873,8 @@ int xc_dom_build_image(struct xc_dom_image *dom) goto err; if ( dom->arch_hooks->count_pgtables ) { - dom->arch_hooks->count_pgtables(dom); + if ( dom->arch_hooks->count_pgtables(dom) != 0 ) + goto err; if ( (dom->pgtables > 0) && (xc_dom_alloc_segment(dom, &dom->pgtables_seg, "page tables", 0, dom->pgtables * page_size) != 0) ) |