From 26a6bd3700a0afb61484debb430730a7662abe2a Mon Sep 17 00:00:00 2001
From: "djm@kirby.fc.hp.com" <djm@kirby.fc.hp.com>
Date: Thu, 9 Jun 2005 20:21:50 +0000
Subject: [PATCH] bitkeeper revision 1.1668.1.7
 (42a8a4de9UsUPhyAknlQBRJ3xbTHtw)

Zero out newly allocated xenheap pages for page tables,
also newly allocated domheap pages.
Signed-off by: Dan Magenheimer <dan.magenheimer@hp.com>
---
 xen/arch/ia64/domain.c                     |  5 ++++-
 xen/arch/ia64/patch/linux-2.6.11/pgalloc.h | 16 ++++++++++------
 xen/arch/ia64/process.c                    |  4 ----
 3 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/xen/arch/ia64/domain.c b/xen/arch/ia64/domain.c
index c6e622c8d7..f44b886461 100644
--- a/xen/arch/ia64/domain.c
+++ b/xen/arch/ia64/domain.c
@@ -453,7 +453,11 @@ extern unsigned long vhpt_paddr, vhpt_pend;
 		if (d == dom0) p = map_new_domain0_page(mpaddr);
 		else
 #endif
+		{
 			p = alloc_domheap_page(d);
+			// zero out pages for security reasons
+			memset(__va(page_to_phys(p)),0,PAGE_SIZE);
+		}
 		if (unlikely(!p)) {
 printf("map_new_domain_page: Can't alloc!!!! Aaaargh!\n");
 			return(p);
@@ -512,7 +516,6 @@ tryagain:
 	}
 	/* if lookup fails and mpaddr is "legal", "create" the page */
 	if ((mpaddr >> PAGE_SHIFT) < d->max_pages) {
-		// FIXME: should zero out pages for security reasons
 		if (map_new_domain_page(d,mpaddr)) goto tryagain;
 	}
 	printk("lookup_domain_mpa: bad mpa %p (> %p\n",
diff --git a/xen/arch/ia64/patch/linux-2.6.11/pgalloc.h b/xen/arch/ia64/patch/linux-2.6.11/pgalloc.h
index be8e0bdd42..64ea618a6d 100644
--- a/xen/arch/ia64/patch/linux-2.6.11/pgalloc.h
+++ b/xen/arch/ia64/patch/linux-2.6.11/pgalloc.h
@@ -1,54 +1,58 @@
 --- ../../linux-2.6.11/include/asm-ia64/pgalloc.h	2005-03-02 00:37:31.000000000 -0700
-+++ include/asm-ia64/pgalloc.h	2005-04-29 17:09:20.000000000 -0600
-@@ -61,7 +61,11 @@
++++ include/asm-ia64/pgalloc.h	2005-06-09 13:40:48.000000000 -0600
+@@ -61,7 +61,12 @@
  	pgd_t *pgd = pgd_alloc_one_fast(mm);
  
  	if (unlikely(pgd == NULL)) {
 +#ifdef XEN
 +		pgd = (pgd_t *)alloc_xenheap_page();
++		memset(pgd,0,PAGE_SIZE);
 +#else
  		pgd = (pgd_t *)__get_free_page(GFP_KERNEL|__GFP_ZERO);
 +#endif
  	}
  	return pgd;
  }
-@@ -104,7 +108,11 @@
+@@ -104,7 +109,12 @@
  static inline pmd_t*
  pmd_alloc_one (struct mm_struct *mm, unsigned long addr)
  {
 +#ifdef XEN
 +	pmd_t *pmd = (pmd_t *)alloc_xenheap_page();
++	memset(pmd,0,PAGE_SIZE);
 +#else
  	pmd_t *pmd = (pmd_t *)__get_free_page(GFP_KERNEL|__GFP_REPEAT|__GFP_ZERO);
 +#endif
  
  	return pmd;
  }
-@@ -136,7 +144,11 @@
+@@ -136,7 +146,12 @@
  static inline struct page *
  pte_alloc_one (struct mm_struct *mm, unsigned long addr)
  {
 +#ifdef XEN
 +	struct page *pte = alloc_xenheap_page();
++	memset(pte,0,PAGE_SIZE);
 +#else
  	struct page *pte = alloc_pages(GFP_KERNEL|__GFP_REPEAT|__GFP_ZERO, 0);
 +#endif
  
  	return pte;
  }
-@@ -144,7 +156,11 @@
+@@ -144,7 +159,12 @@
  static inline pte_t *
  pte_alloc_one_kernel (struct mm_struct *mm, unsigned long addr)
  {
 +#ifdef XEN
 +	pte_t *pte = (pte_t *)alloc_xenheap_page();
++	memset(pte,0,PAGE_SIZE);
 +#else
  	pte_t *pte = (pte_t *)__get_free_page(GFP_KERNEL|__GFP_REPEAT|__GFP_ZERO);
 +#endif
  
  	return pte;
  }
-@@ -152,13 +168,21 @@
+@@ -152,13 +172,21 @@
  static inline void
  pte_free (struct page *pte)
  {
diff --git a/xen/arch/ia64/process.c b/xen/arch/ia64/process.c
index dfcba767ab..f664b74a42 100644
--- a/xen/arch/ia64/process.c
+++ b/xen/arch/ia64/process.c
@@ -822,8 +822,6 @@ ia64_handle_privop (unsigned long ifa, struct pt_regs *regs, unsigned long isr,
 #define INTR_TYPE_MAX	10
 UINT64 int_counts[INTR_TYPE_MAX];
 
-void dis_foo(void) { }
-
 void
 ia64_handle_reflection (unsigned long ifa, struct pt_regs *regs, unsigned long isr, unsigned long iim, unsigned long vector)
 {
@@ -858,8 +856,6 @@ ia64_handle_reflection (unsigned long ifa, struct pt_regs *regs, unsigned long i
 		vector = IA64_DATA_ACCESS_RIGHTS_VECTOR; break;
 	    case 25:
 		vector = IA64_DISABLED_FPREG_VECTOR;
-//printf("*** Attempting to handle disabled_fpreg\n");
-		dis_foo();
 		break;
 	    case 26:
 printf("*** NaT fault... attempting to handle as privop\n");
-- 
2.30.2