diff options
author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-07-09 10:10:27 +0100 |
---|---|---|
committer | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2012-07-09 10:10:27 +0100 |
commit | ed6c09a78ea9050d1d640b7d7a41c287162d22d7 (patch) | |
tree | b2155cac26e95d3c58bd1d0bd56aa724e96a27ae /xen/xsm | |
parent | cbadda9f1b47eb2449fa8a825f03cef1ef484a34 (diff) | |
download | xen-ed6c09a78ea9050d1d640b7d7a41c287162d22d7.tar.gz xen-ed6c09a78ea9050d1d640b7d7a41c287162d22d7.tar.bz2 xen-ed6c09a78ea9050d1d640b7d7a41c287162d22d7.zip |
xsm/flask: avoid struct page lookup in mmu_normal_update
Since the mmu_normal_update hook is called even when mapping MFNs
without an associated struct page, attempting to use the struct page
to map between GFN and MFN will cause crashes. Use get_gfn_query
instead.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Committed-by: Keir Fraser <keir@xen.org>
Diffstat (limited to 'xen/xsm')
-rw-r--r-- | xen/xsm/flask/hooks.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index 16904ffa08..23b84f3e00 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1314,11 +1314,11 @@ static int flask_mmu_normal_update(struct domain *d, struct domain *t, { int rc = 0; u32 map_perms = MMU__MAP_READ; - unsigned long fmfn; + unsigned long fgfn, fmfn; struct domain_security_struct *dsec; u32 fsid; struct avc_audit_data ad; - struct page_info *page = NULL; + p2m_type_t p2mt; if (d != t) rc = domain_has_perm(d, t, SECCLASS_MMU, MMU__REMOTE_REMAP); @@ -1334,9 +1334,9 @@ static int flask_mmu_normal_update(struct domain *d, struct domain *t, map_perms |= MMU__MAP_WRITE; AVC_AUDIT_DATA_INIT(&ad, MEMORY); - page = get_page_from_gfn(f, l1e_get_pfn(l1e_from_intpte(fpte)), - NULL, P2M_ALLOC); - fmfn = page ? page_to_mfn(page) : INVALID_MFN; + fgfn = l1e_get_pfn(l1e_from_intpte(fpte)); + fmfn = mfn_x(get_gfn_query(f, fgfn, &p2mt)); + ad.sdom = d; ad.tdom = f; ad.memory.pte = fpte; @@ -1344,8 +1344,7 @@ static int flask_mmu_normal_update(struct domain *d, struct domain *t, rc = get_mfn_sid(fmfn, &fsid); - if ( page ) - put_page(page); + put_gfn(f, fgfn); if ( rc ) return rc; |