Bug fix for shadow_get_page_from_l1e(). Don't try to look for the
owner of an invalid mfn.
Signed-off-by: michael.fetterman@cl.cam.ac.uk
unsigned long opte = *ppte;
unsigned long npte = opte & ~_PAGE_RW;
- shadow_get_page_from_l1e(mk_l1_pgentry(npte), d);
+ if ( npte & _PAGE_PRESENT)
+ shadow_get_page_from_l1e(mk_l1_pgentry(npte), d);
*ppte = npte;
put_page_from_l1e(mk_l1_pgentry(opte), d);
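Review bot: The result of `shadow_get_page_from_l1e()` is still discarded on the added call, so `*ppte = npte` and the `put_page_from_l1e()` on `opte` run whether or not a reference was actually taken. If the get can fail here (the second hunk shows it computing `res` from `get_page_from_l1e()`), the read-only entry is installed without a matching reference and a later put would drop a count that was never taken. Testing the result in the same condition, e.g. `if ( (npte & _PAGE_PRESENT) && !shadow_get_page_from_l1e(mk_l1_pgentry(npte), d) )`, and not installing `npte` on failure would keep the counts balanced. The put on `opte` stays unconditional, so it is worth confirming that `put_page_from_l1e()` ignores non-present entries itself. The enclosing function starts and ends outside this hunk.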
shadow_get_page_from_l1e(l1_pgentry_t l1e, struct domain *d)
{
int res = get_page_from_l1e(l1e, d);
+ unsigned long mfn;
struct domain *owner;
+ ASSERT( l1_pgentry_val(l1e) & _PAGE_PRESENT );
+
if ( unlikely(!res) && IS_PRIV(d) && !shadow_mode_translate(d) &&
+ !(l1_pgentry_val(l1e) & L1_DISALLOW_MASK) &&
+ (mfn = l1_pgentry_to_pfn(l1e)) &&
+ pfn_is_ram(mfn) &&
(owner = page_get_owner(pfn_to_page(l1_pgentry_to_pfn(l1e)))) &&
(d != owner) )
{
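Review bot: The new `ASSERT` sits after `int res = get_page_from_l1e(l1e, d);`, so the initializer has already processed the entry by the time the present-bit check runs. If `ASSERT` compiles away in non-debug builds, as is usual, release builds then depend entirely on every caller testing `_PAGE_PRESENT` first. Declaring `int res;` and assigning `res = get_page_from_l1e(l1e, d);` after the assertion keeps the check ahead of the work, and a one-line comment such as `/* callers must only pass present entries */` documents the contract. The owner lookup also still recomputes the frame number, where `pfn_to_page(mfn)` would tie the dereference visibly to the value that `pfn_is_ram(mfn)` just validated. Note that `(mfn = l1_pgentry_to_pfn(l1e)) &&` also excludes frame 0, which deserves a comment if intended; the function body continues outside the hunk.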