From 7efab948acd1c1092b1a9e7b3be2a97389911bc5 Mon Sep 17 00:00:00 2001
From: Jan Beulich <JBeulich@suse.com>
Date: Thu, 28 Sep 2017 09:09:21 -0600
Subject: [PATCH] x86: mmio_ro_do_page_fault() must be unreachable for DomU

When combining PTWR and MMIO-R/O PV page fault handlers, the need for
a second hwdom check was overlooked.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Wei Liu <wei.liu2@citrix.com>
---
 xen/arch/x86/pv/ro-page-fault.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/pv/ro-page-fault.c b/xen/arch/x86/pv/ro-page-fault.c
index 53a3c15a31..6b2976d3df 100644
--- a/xen/arch/x86/pv/ro-page-fault.c
+++ b/xen/arch/x86/pv/ro-page-fault.c
@@ -346,7 +346,8 @@ int pv_ro_page_fault(unsigned long addr, struct cpu_user_regs *regs)
     if ( ((l1e_get_flags(pte) & (_PAGE_PRESENT | _PAGE_RW)) != _PAGE_PRESENT) )
         return 0;
 
-    mmio_ro = rangeset_contains_singleton(mmio_ro_ranges, l1e_get_pfn(pte));
+    mmio_ro = is_hardware_domain(currd) &&
+              rangeset_contains_singleton(mmio_ro_ranges, l1e_get_pfn(pte));
     if ( mmio_ro )
         rc = mmio_ro_do_page_fault(&ctxt, addr, pte);
     else
-- 
2.30.2