From ef92a9e2c6b95876016ca9cfd1614c1660c652f2 Mon Sep 17 00:00:00 2001 From: "arun.sharma@intel.com[kaf24]" Date: Thu, 30 Jun 2005 08:10:15 +0000 Subject: [PATCH] bitkeeper revision 1.1782 (42c3a8e76Lioy1FVEJFTaTkbYVBy7Q) [PATCH] Use copy_from_user when accessing guest_pt[] Use copy_from_user when accessing guest_pt[] Signed-off-by: Arun Sharma --- xen/arch/x86/shadow.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/xen/arch/x86/shadow.c b/xen/arch/x86/shadow.c index bac8f23ad6..7b53efcfc6 100644 --- a/xen/arch/x86/shadow.c +++ b/xen/arch/x86/shadow.c @@ -1906,7 +1906,7 @@ static int snapshot_entry_matches( unsigned long gpfn, unsigned index) { unsigned long smfn = __shadow_status(d, gpfn, PGT_snapshot); - l1_pgentry_t *snapshot; // could be L1s or L2s or ... + l1_pgentry_t *snapshot, gpte; // could be L1s or L2s or ... int entries_match; perfc_incrc(snapshot_entry_matches_calls); @@ -1916,10 +1916,14 @@ static int snapshot_entry_matches( snapshot = map_domain_page(smfn); + if (__copy_from_user(&gpte, &guest_pt[index], + sizeof(gpte))) + return 0; + // This could probably be smarter, but this is sufficent for // our current needs. // - entries_match = !l1e_has_changed(guest_pt[index], snapshot[index], + entries_match = !l1e_has_changed(gpte, snapshot[index], PAGE_FLAG_MASK); unmap_domain_page(snapshot); -- 2.30.2