From df30f28749d96bacb83ffca102ab505bd7df08b4 Mon Sep 17 00:00:00 2001
From: Keir Fraser
Date: Thu, 6 Aug 2009 09:14:52 +0100
Subject: [PATCH] ept p2m: set rwx flags to 0 for invalid and mmio_dm types.

Read/write/execute flags are set to 1 before calling the type_to_flags function which sets them to their appropriate values depending on the p2m type. However, in invalid, mmio_dm, and default/unknown cases in type_to_flags just falls through, unsafely leaving full access to these pages.

Signed-off-by: Patrick Colp
---
 xen/arch/x86/mm/hap/p2m-ept.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/xen/arch/x86/mm/hap/p2m-ept.c b/xen/arch/x86/mm/hap/p2m-ept.c
index 221e402cbf..8ffc0a5629 100644
--- a/xen/arch/x86/mm/hap/p2m-ept.c
+++ b/xen/arch/x86/mm/hap/p2m-ept.c
@@ -36,17 +36,18 @@ static void ept_p2m_type_to_flags(ept_entry_t *entry, p2m_type_t type)
 case p2m_invalid:
 case p2m_mmio_dm:
 default:
+ entry->r = entry->w = entry->x = 0;
 return;
 case p2m_ram_rw:
 case p2m_mmio_direct:
 case p2m_grant_map_rw:
- entry->r = entry->w = entry->x = 1;
+ entry->r = entry->w = entry->x = 1;
 return;
 case p2m_ram_logdirty:
 case p2m_ram_ro:
 case p2m_grant_map_ro:
- entry->r = entry->x = 1;
- entry->w = 0;
+ entry->r = entry->x = 1;
+ entry->w = 0;
 return;
 }
 }
@@ -196,7 +197,6 @@ ept_set_entry(struct domain *d, unsigned long gfn, mfn_t mfn,
 ept_entry->rsvd = 0;
 ept_entry->avail2 = 0;
 /* last step */
- ept_entry->r = ept_entry->w = ept_entry->x = 1;
 ept_p2m_type_to_flags(ept_entry, p2mt);
 }
 else
@@ -242,7 +242,6 @@ ept_set_entry(struct domain *d, unsigned long gfn, mfn_t mfn,
 split_ept_entry->rsvd = 0;
 split_ept_entry->avail2 = 0;
 /* last step */
- split_ept_entry->r = split_ept_entry->w = split_ept_entry->x = 1;
 ept_p2m_type_to_flags(split_ept_entry, split_p2mt);
 }
 
-- 
2.30.2
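Review bot: In the first hunk, fail-closed behaviour now depends on every `case` arm of `ept_p2m_type_to_flags` assigning all three bits, because the two later hunks remove the pre-set in `ept_set_entry`; a p2m type added later without an assignment would keep whatever r/w/x the entry held when the function was called. Clearing the bits once ahead of the `switch`, `entry->r = entry->w = entry->x = 0;`, would make no-access the baseline whichever arm runs; the function's opening lines are outside this hunk, so that placement is a suggestion for code not shown here. A short comment on the `default:` arm, for example `/* no access: unknown types fail closed, guest accesses trap to the hypervisor */`, would record that the zeroing is deliberate. The removed and added lines in the `p2m_ram_rw` and `p2m_ram_logdirty` arms appear to differ only in whitespace and could go in a separate patch so the security fix stays minimal.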