From d95843ec181dc8370dc1839cd1ecc6bf5ff9a0af Mon Sep 17 00:00:00 2001
From: "kaf24@firebug.cl.cam.ac.uk" <kaf24@firebug.cl.cam.ac.uk>
Date: Mon, 6 Jun 2005 16:04:03 +0000
Subject: [PATCH] bitkeeper revision 1.1686 (42a473f3lFCz32vzD_NzxLZBkAfJ0A)

cpu_gdt_init() could allocate a frame array one element too small. Now
it is fixed size and guaranteed big enough. Spotted by George Dunlap.
Signed-off-by: Keir Fraser <keir@xensource.com>
---
 linux-2.6.11-xen-sparse/arch/xen/i386/kernel/cpu/common.c | 2 +-
 linux-2.6.11-xen-sparse/arch/xen/x86_64/kernel/setup64.c  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/linux-2.6.11-xen-sparse/arch/xen/i386/kernel/cpu/common.c b/linux-2.6.11-xen-sparse/arch/xen/i386/kernel/cpu/common.c
index c608ef099a..197225266d 100644
--- a/linux-2.6.11-xen-sparse/arch/xen/i386/kernel/cpu/common.c
+++ b/linux-2.6.11-xen-sparse/arch/xen/i386/kernel/cpu/common.c
@@ -554,7 +554,7 @@ void __init early_cpu_init(void)
 
 void __init cpu_gdt_init(struct Xgt_desc_struct *gdt_descr)
 {
-	unsigned long frames[gdt_descr->size >> PAGE_SHIFT];
+	unsigned long frames[16];
 	unsigned long va;
 	int f;
 
diff --git a/linux-2.6.11-xen-sparse/arch/xen/x86_64/kernel/setup64.c b/linux-2.6.11-xen-sparse/arch/xen/x86_64/kernel/setup64.c
index 9b9a974337..03452e1bf3 100644
--- a/linux-2.6.11-xen-sparse/arch/xen/x86_64/kernel/setup64.c
+++ b/linux-2.6.11-xen-sparse/arch/xen/x86_64/kernel/setup64.c
@@ -208,7 +208,7 @@ void __init check_efer(void)
 
 void __init cpu_gdt_init(struct desc_ptr *gdt_descr)
 {
-	unsigned long frames[gdt_descr->size >> PAGE_SHIFT];
+	unsigned long frames[16];
 	unsigned long va;
 	int f;
 
-- 
2.30.2