diff options
author | Keir Fraser <keir.fraser@citrix.com> | 2008-08-14 10:18:08 +0100 |
---|---|---|
committer | Keir Fraser <keir.fraser@citrix.com> | 2008-08-14 10:18:08 +0100 |
commit | f6c2c609f7ca5109c3871798ebb9966d0b08cdc0 (patch) | |
tree | 39f1d1518760288909e4328af9b8ec616f4e96dc /tools/libxc/xc_domain_restore.c | |
parent | 32b397b0b4b18f4a723b730e94777af129b0d807 (diff) | |
download | xen-f6c2c609f7ca5109c3871798ebb9966d0b08cdc0.tar.gz xen-f6c2c609f7ca5109c3871798ebb9966d0b08cdc0.tar.bz2 xen-f6c2c609f7ca5109c3871798ebb9966d0b08cdc0.zip |
Fix restore crash with certain guest memory sizes
This fixes a crash when restoring guests with certain memory sizes (eg
223MB). The ROUNDUP in the call to memcpy, was the main offender, but
I didn't care for the inplace resizing of the p2m entries either.
Signed-off-by: Bruce Rogers <brogers@novell.com>
Diffstat (limited to 'tools/libxc/xc_domain_restore.c')
-rw-r--r-- | tools/libxc/xc_domain_restore.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/tools/libxc/xc_domain_restore.c b/tools/libxc/xc_domain_restore.c index b69a15c785..1916728495 100644 --- a/tools/libxc/xc_domain_restore.c +++ b/tools/libxc/xc_domain_restore.c @@ -372,7 +372,7 @@ int xc_domain_restore(int xc_handle, int io_fd, uint32_t dom, } /* We want zeroed memory so use calloc rather than malloc. */ - p2m = calloc(p2m_size, MAX(guest_width, sizeof (xen_pfn_t))); + p2m = calloc(p2m_size, sizeof(xen_pfn_t)); pfn_type = calloc(p2m_size, sizeof(unsigned long)); region_mfn = xg_memalign(PAGE_SIZE, ROUNDUP( @@ -1178,16 +1178,16 @@ int xc_domain_restore(int xc_handle, int io_fd, uint32_t dom, } /* If the domain we're restoring has a different word size to ours, - * we need to repack the p2m appropriately */ + * we need to adjust the live_p2m assignment appropriately */ if ( guest_width > sizeof (xen_pfn_t) ) for ( i = p2m_size - 1; i >= 0; i-- ) - ((uint64_t *)p2m)[i] = p2m[i]; + ((uint64_t *)live_p2m)[i] = p2m[i]; else if ( guest_width < sizeof (xen_pfn_t) ) for ( i = 0; i < p2m_size; i++ ) - ((uint32_t *)p2m)[i] = p2m[i]; - - memcpy(live_p2m, p2m, ROUNDUP(p2m_size * guest_width, PAGE_SHIFT)); - munmap(live_p2m, ROUNDUP(p2m_size * guest_width, PAGE_SHIFT)); + ((uint32_t *)live_p2m)[i] = p2m[i]; + else + memcpy(live_p2m, p2m, p2m_size * sizeof(xen_pfn_t)); + munmap(live_p2m, P2M_FL_ENTRIES * PAGE_SIZE); DPRINTF("Domain ready to be built.\n"); rc = 0; |