[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] [XEN] Fix potential crash in grant-table code if



# HG changeset patch
# User kfraser@xxxxxxxxxxxxxxxxxxxxx
# Node ID 08007423788ab86753515756b8142b075162c336
# Parent  0747d0b1123259d36c3c5a09a28370fc0b2c4926
[XEN] Fix potential crash in grant-table code if
guest misbehaves and implicitly unmaps a PTE.
Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx>
---
 xen/common/grant_table.c |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

diff -r 0747d0b11232 -r 08007423788a xen/common/grant_table.c
--- a/xen/common/grant_table.c  Tue Nov 21 15:03:09 2006 +0000
+++ b/xen/common/grant_table.c  Tue Nov 21 16:14:53 2006 +0000
@@ -371,10 +371,9 @@ __gnttab_unmap_grant_ref(
 
     if ( unlikely((rd = find_domain_by_id(dom)) == NULL) )
     {
-        if ( rd != NULL )
-            put_domain(rd);
+        /* This can happen when a grant is implicitly unmapped. */
         gdprintk(XENLOG_INFO, "Could not find domain %d\n", dom);
-        op->status = GNTST_bad_domain;
+        domain_crash(ld); /* naughty... */
         return;
     }
 
@@ -1130,7 +1129,12 @@ gnttab_release_mappings(
                 handle, ref, map->flags, map->domid);
 
         rd = find_domain_by_id(map->domid);
-        BUG_ON(rd == NULL);
+        if ( rd == NULL )
+        {
+            /* Nothing to clear up... */
+            map->flags = 0;
+            continue;
+        }
 
         spin_lock(&rd->grant_table->lock);
 

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.