From 812256dc98202450942e0b4bb395d4e699c59de5 Mon Sep 17 00:00:00 2001
From: Keir Fraser <keir.fraser@citrix.com>
Date: Tue, 19 May 2009 23:44:28 +0100
Subject: [PATCH] gnttab: for sanity's sake, don't access the active grant
 table structure when we don't hold the lock.

Signed-off-by: Steven Smith <steven.smith@citrix.com>
---
 xen/common/grant_table.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
index 613caed877..530635469d 100644
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -199,6 +199,7 @@ __gnttab_map_grant_ref(
     unsigned long  frame = 0, nr_gets = 0;
     int            rc = GNTST_okay;
     u32            old_pin;
+    u32            act_pin;
     unsigned int   cache_flags;
     struct active_grant_entry *act;
     struct grant_mapping *mt;
@@ -329,6 +330,7 @@ __gnttab_map_grant_ref(
             GNTPIN_hstr_inc : GNTPIN_hstw_inc;
 
     frame = act->frame;
+    act_pin = act->pin;
 
     cache_flags = (sha->flags & (GTF_PAT | GTF_PWT | GTF_PCD) );
 
@@ -391,7 +393,7 @@ __gnttab_map_grant_ref(
 
     if ( need_iommu(ld) &&
          !(old_pin & (GNTPIN_hstw_mask|GNTPIN_devw_mask)) &&
-         (act->pin & (GNTPIN_hstw_mask|GNTPIN_devw_mask)) )
+         (act_pin & (GNTPIN_hstw_mask|GNTPIN_devw_mask)) )
     {
         if ( iommu_map_page(ld, mfn_to_gmfn(ld, frame), frame) )
         {
-- 
2.30.2