From: Jan Beulich <jbeulich@suse.com>
Date: Tue, 7 Feb 2023 15:59:54 +0000 (+0100)
Subject: x86/shadow: fix PAE check for top-level table unshadowing
X-Git-Tag: archive/raspbian/4.17.1+2-gb773c48e36-1+rpi1~1^2~36^2~16
X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/cgi/%22https://%22%22/%22http:/www.example.com/cgi/%22https:/%22%22?a=commitdiff_plain;h=2d74e7035bd060d662f1c4f8522377be8021be92;p=xen.git

x86/shadow: fix PAE check for top-level table unshadowing

Clearly within the for_each_vcpu() the vCPU of this loop is meant, not
the (loop invariant) one the fault occurred on.

Fixes: 3d5e6a3ff383 ("x86 hvm: implement HVMOP_pagetable_dying")
Fixes: ef3b0d8d2c39 ("x86/shadow: shadow_table[] needs only one entry for PV-only configs")
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
master commit: f8fdceefbb1193ec81667eb40b83bc525cb71204
master date: 2023-01-20 09:23:42 +0100
---

diff --git a/xen/arch/x86/mm/shadow/multi.c b/xen/arch/x86/mm/shadow/multi.c
index 2370b30602..671bf8c228 100644
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -2672,10 +2672,10 @@ static int cf_check sh_page_fault(
 #if GUEST_PAGING_LEVELS == 3
             unsigned int i;
 
-            for_each_shadow_table(v, i)
+            for_each_shadow_table(tmp, i)
             {
                 mfn_t smfn = pagetable_get_mfn(
-                                 v->arch.paging.shadow.shadow_table[i]);
+                                 tmp->arch.paging.shadow.shadow_table[i]);
 
                 if ( mfn_valid(smfn) && (mfn_x(smfn) != 0) )
                 {