|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] [XEN] Off-by one error in range checks translating gfns to mfns
# HG changeset patch
# User tdeegan@xxxxxxxxxxxxxxxxxxxxx
# Node ID 9956c3a3bd8411eeb6c19bb7442d0b33db09d2c9
# Parent 2097de87c920a4c81dfd994c53960cd9af162538
[XEN] Off-by one error in range checks translating gfns to mfns
Signed-off-by: Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
---
xen/arch/x86/mm/shadow/common.c | 2 +-
xen/arch/x86/mm/shadow/private.h | 2 +-
xen/include/asm-x86/mm.h | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff -r 2097de87c920 -r 9956c3a3bd84 xen/arch/x86/mm/shadow/common.c
--- a/xen/arch/x86/mm/shadow/common.c Mon Aug 28 17:50:21 2006 +0100
+++ b/xen/arch/x86/mm/shadow/common.c Tue Aug 29 09:37:30 2006 +0100
@@ -1121,7 +1121,7 @@ sh_gfn_to_mfn_foreign(struct domain *d,
#if CONFIG_PAGING_LEVELS > 2
- if ( gpfn > (RO_MPT_VIRT_END - RO_MPT_VIRT_START) / sizeof(l1_pgentry_t) )
+ if ( gpfn >= (RO_MPT_VIRT_END-RO_MPT_VIRT_START) / sizeof(l1_pgentry_t) )
/* This pfn is higher than the p2m map can hold */
return _mfn(INVALID_MFN);
#endif
diff -r 2097de87c920 -r 9956c3a3bd84 xen/arch/x86/mm/shadow/private.h
--- a/xen/arch/x86/mm/shadow/private.h Mon Aug 28 17:50:21 2006 +0100
+++ b/xen/arch/x86/mm/shadow/private.h Tue Aug 29 09:37:30 2006 +0100
@@ -555,7 +555,7 @@ vcpu_gfn_to_mfn_nofault(struct vcpu *v,
return _mfn(gfn);
#if CONFIG_PAGING_LEVELS > 2
- if ( gfn > (RO_MPT_VIRT_END - RO_MPT_VIRT_START) / sizeof(l1_pgentry_t) )
+ if ( gfn >= (RO_MPT_VIRT_END - RO_MPT_VIRT_START) / sizeof(l1_pgentry_t) )
/* This pfn is higher than the p2m map can hold */
return _mfn(INVALID_MFN);
#endif
diff -r 2097de87c920 -r 9956c3a3bd84 xen/include/asm-x86/mm.h
--- a/xen/include/asm-x86/mm.h Mon Aug 28 17:50:21 2006 +0100
+++ b/xen/include/asm-x86/mm.h Tue Aug 29 09:37:30 2006 +0100
@@ -368,7 +368,7 @@ static inline unsigned long get_mfn_from
int ret;
#if CONFIG_PAGING_LEVELS > 2
- if ( pfn > (RO_MPT_VIRT_END - RO_MPT_VIRT_START) / sizeof (l1_pgentry_t) )
+ if ( pfn >= (RO_MPT_VIRT_END - RO_MPT_VIRT_START) / sizeof(l1_pgentry_t) )
/* This pfn is higher than the p2m map can hold */
return INVALID_MFN;
#endif
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |