diff options
author | Jan Beulich <jbeulich@suse.com> | 2012-12-06 14:20:15 +0100 |
---|---|---|
committer | Jan Beulich <jbeulich@suse.com> | 2012-12-06 14:20:15 +0100 |
commit | 519b2f205a6e85927816b66e1096d6802ee47f1b (patch) | |
tree | 9c050cb3dad6ad5d7051fe8459ad004acd8e7964 /xen/common/grant_table.c | |
parent | 8e4addea279da7430d80514828f49013979117e6 (diff) | |
download | xen-519b2f205a6e85927816b66e1096d6802ee47f1b.tar.gz xen-519b2f205a6e85927816b66e1096d6802ee47f1b.tar.bz2 xen-519b2f205a6e85927816b66e1096d6802ee47f1b.zip |
tighten guest memory accesses
Failure should always be detected and handled.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'xen/common/grant_table.c')
-rw-r--r-- | xen/common/grant_table.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c index 716a8ceee6..6b10b6686b 100644 --- a/xen/common/grant_table.c +++ b/xen/common/grant_table.c @@ -1347,6 +1347,9 @@ gnttab_setup_table( goto out1; } + if ( !guest_handle_okay(op.frame_list, op.nr_frames) ) + return -EFAULT; + d = gt_lock_target_domain_by_id(op.dom); if ( IS_ERR(d) ) { @@ -1384,7 +1387,8 @@ gnttab_setup_table( gmfn = gnttab_shared_gmfn(d, gt, i); /* Grant tables cannot be shared */ BUG_ON(SHARED_M2P(gmfn)); - (void)copy_to_guest_offset(op.frame_list, i, &gmfn, 1); + if ( __copy_to_guest_offset(op.frame_list, i, &gmfn, 1) ) + op.status = GNTST_bad_virt_addr; } out3: |