diff options
author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2011-12-02 13:46:24 -0800 |
---|---|---|
committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2011-12-02 13:46:24 -0800 |
commit | 65d744c6d56f92401b9d279c9cf8fe618397be0e (patch) | |
tree | fe650d3e1f1b5cedf9c39487526750c943e0b6e3 /xen/xsm | |
parent | f21c69c577345e1529a446fd87f4f6f449fdca47 (diff) | |
download | xen-65d744c6d56f92401b9d279c9cf8fe618397be0e.tar.gz xen-65d744c6d56f92401b9d279c9cf8fe618397be0e.tar.bz2 xen-65d744c6d56f92401b9d279c9cf8fe618397be0e.zip |
xsm: always allow setting non-present PTEs
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Diffstat (limited to 'xen/xsm')
-rw-r--r-- | xen/xsm/flask/hooks.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 2cb3e169c0..80c1f7017f 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1016,6 +1016,9 @@ static int flask_mmu_normal_update(struct domain *d, struct domain *f, struct domain_security_struct *dsec; u32 fsid; + if ( !(l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_PRESENT) ) + return 0; + dsec = d->ssid; if ( l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_RW ) @@ -1053,6 +1056,12 @@ static int flask_update_va_mapping(struct domain *d, struct domain *f, unsigned long mfn; struct domain_security_struct *dsec; + if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) + return 0; + + if ( l1e_get_flags(pte) & _PAGE_RW ) + map_perms |= MMU__MAP_WRITE; + dsec = d->ssid; mfn = get_gfn_untyped(f, l1e_get_pfn(pte)); @@ -1060,9 +1069,6 @@ static int flask_update_va_mapping(struct domain *d, struct domain *f, if ( rc ) return rc; - if ( l1e_get_flags(pte) & _PAGE_RW ) - map_perms |= MMU__MAP_WRITE; - return avc_has_perm(dsec->sid, psid, SECCLASS_MMU, map_perms, NULL); } |