From 66e1fbb30aed306f612d909fd5281b280164d9ed Mon Sep 17 00:00:00 2001
From: Keir Fraser
Date: Mon, 21 Dec 2009 10:40:51 +0000
Subject: [PATCH] xenpaging: Add checks for p2m_is_valid() after calls to gfn_to_mfn() that replace calls to gmfn_to_mfn(), which does the check internally.
Signed-off-by: Patrick Colp
---
 xen/arch/x86/mm.c | 2 ++
 xen/common/grant_table.c | 4 ++++
 2 files changed, 6 insertions(+)
diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index 107454118f..9eec698ae4 100644
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -3105,6 +3105,8 @@ int do_mmu_update(
 req.ptr -= cmd;
 gmfn = req.ptr >> PAGE_SHIFT;
 mfn = mfn_x(gfn_to_mfn(pt_owner, gmfn, &p2mt));
+ if ( !p2m_is_valid(p2mt) )
+ mfn = INVALID_MFN;

 if ( p2m_is_paged(p2mt) )
 {
diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
index 9992017864..4c6bd63321 100644
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -1888,6 +1888,8 @@ __gnttab_copy(
 {
 p2m_type_t p2mt;
 s_frame = mfn_x(gfn_to_mfn(sd, op->source.u.gmfn, &p2mt));
+ if ( !p2m_is_valid(p2mt) )
+ s_frame = INVALID_MFN;
 if ( p2m_is_paging(p2mt) )
 {
 p2m_mem_paging_populate(sd, op->source.u.gmfn);
@@ -1929,6 +1931,8 @@ __gnttab_copy(
 {
 p2m_type_t p2mt;
 d_frame = gfn_to_mfn_private(dd, op->dest.u.gmfn, &p2mt);
+ if ( !p2m_is_valid(p2mt) )
+ d_frame = INVALID_MFN;
 if ( p2m_is_paging(p2mt) )
 {
 p2m_mem_paging_populate(dd, op->dest.u.gmfn);
--
2.30.2
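Review bot: The guard `if ( !p2m_is_valid(p2mt) ) mfn = INVALID_MFN;` is open-coded here in do_mmu_update() and twice more in __gnttab_copy() (source and destination frames), so every later caller converted from gmfn_to_mfn() to gfn_to_mfn() has to remember it, which is the omission this patch repairs. The frame being translated is derived from the request (`req.ptr`), so a forgotten check means an unvalidated p2m type reaches the page-table update path. Consider folding the test into one wrapper beside gfn_to_mfn() that returns `p2m_is_valid(*t) ? mfn : INVALID_MFN`, and have all three sites call it. The body of do_mmu_update() starts and ends outside the hunk, so how `mfn` is consumed afterwards is not visible here.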
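Review bot: Setting `s_frame = INVALID_MFN` protects the grant copy only if the code after the paging branch rejects that sentinel before a page reference is taken, and that check lies outside this hunk; the same holds for `d_frame` in the next hunk of __gnttab_copy(). A one-line comment above the new test would record the dependency, for example `/* gfn_to_mfn() does not check the p2m type; force the frame check below to fail. */`. It would also help to say whether testing validity before `p2m_is_paging()` is deliberate, since a paging-type entry presumably has its frame overwritten first and then still triggers the populate call.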