From: Keir Fraser
Date: Mon, 12 May 2008 09:01:01 +0000 (+0100)
Subject: x86: Fix fatal page fault when vram dirty logic handles MMIO of passthrough devices.
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~14215^2~39
X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/success/%22http:/www.example.com/cgi/success?a=commitdiff_plain;h=038d22a4c7db95a204be13083eb08b74a2c9f8e0;p=xen.git

x86: Fix fatal page fault when vram dirty logic handles MMIO of passthrough devices.
Signed-off-by: Qing He
---
diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index f9f88d6ad4..d8fdf1c816 100644
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -1268,6 +1268,9 @@ static inline void shadow_vram_get_l1e(shadow_l1e_t new_sl1e,
 if ( !d->dirty_vram ) return;
 mfn = shadow_l1e_get_mfn(new_sl1e);
+
+ if ( !mfn_valid(mfn) ) return; /* m2p for mmio_direct may not exist */
+
 gfn = mfn_to_gfn(d, mfn);
 if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) {
@@ -1293,6 +1296,9 @@ static inline void shadow_vram_put_l1e(shadow_l1e_t old_sl1e,
 if ( !d->dirty_vram ) return;
 mfn = shadow_l1e_get_mfn(old_sl1e);
+
+ if ( !mfn_valid(mfn) ) return;
+
 gfn = mfn_to_gfn(d, mfn);
 if ( (gfn >= d->dirty_vram->begin_pfn) && (gfn < d->dirty_vram->end_pfn) ) {
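Review bot: The new guard in shadow_vram_get_l1e, and the identical one in shadow_vram_put_l1e in the next hunk, relies on `mfn_valid()` rejecting every direct-MMIO frame before `mfn_to_gfn(d, mfn)` reads the m2p. The definition of `mfn_valid()` is not visible in this diff; if it is only a bound check against the top of RAM, an MMIO frame below that bound would still pass and produce a meaningless gfn that is then compared against `dirty_vram->begin_pfn`/`end_pfn`. That case would no longer fault, but it is worth confirming, since these paths appear to be reached while shadowing mappings of a passthrough device's MMIO. The comment could state the assumption outright, e.g. `/* MMIO frames may have no m2p entry: skip them before mfn_to_gfn() */`. Both function bodies start and continue outside their hunks.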
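Review bot: The check added to shadow_vram_put_l1e carries no comment, unlike its twin in shadow_vram_get_l1e, so a reader of the put path alone cannot tell why an invalid mfn is expected here. I would repeat the reason and record the pairing, e.g. `if ( !mfn_valid(mfn) ) return; /* as in shadow_vram_get_l1e: no m2p for mmio_direct */`. The two functions need to skip exactly the same entries, so that whatever the get path records is undone by the put path and nothing else is. The rest of the function lies outside the hunk, so the bookkeeping it touches is not visible here.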