From 16d1b5e9db9ef32de5677959a6639d94ce4c07fc Mon Sep 17 00:00:00 2001
From: "kaf24@firebug.cl.cam.ac.uk" <kaf24@firebug.cl.cam.ac.uk>
Date: Sat, 15 Apr 2006 09:47:55 +0100
Subject: [PATCH] Currently, it is possible to set the mem-max value to value
 lower than what has been currently allocated to the domain causing the kernel
 to crash. This patch validates the value passed in and prevents setting the
 value below the current allocation level.

Signed-off-by: ksrinivasan@novell.com
---
 xen/common/dom0_ops.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/xen/common/dom0_ops.c b/xen/common/dom0_ops.c
index 74b2d660f5..3c5358663b 100644
--- a/xen/common/dom0_ops.c
+++ b/xen/common/dom0_ops.c
@@ -585,9 +585,16 @@ long do_dom0_op(GUEST_HANDLE(dom0_op_t) u_dom0_op)
         d = find_domain_by_id(op->u.setdomainmaxmem.domain);
         if ( d != NULL )
         {
-            d->max_pages = op->u.setdomainmaxmem.max_memkb >> (PAGE_SHIFT-10);
+            unsigned long new_max;
+            new_max = op->u.setdomainmaxmem.max_memkb >> (PAGE_SHIFT-10);
+            if (new_max < d->tot_pages) 
+                ret = -EINVAL;
+            else 
+            {  
+                d->max_pages = new_max;
+                ret = 0;
+            }
             put_domain(d);
-            ret = 0;
         }
     }
     break;
-- 
2.30.2