[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] domctl: Fix handling of size parameter in ext_vcpucontext domctl commands.

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 28 Nov 2007 17:20:12 -0800
Delivery-date: Wed, 28 Nov 2007 17:20:53 -0800
List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1196257016 0
# Node ID c555a5f97982f16f35a43269991de76ebd0aebb5
# Parent  71bfeeb0b321b6db72f2ad05362731a2fd4408f3
domctl: Fix handling of size parameter in ext_vcpucontext domctl commands.
Original patch by Stefan Berger.
Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
 xen/arch/x86/domctl.c |   13 ++++++-------
 1 files changed, 6 insertions(+), 7 deletions(-)

diff -r 71bfeeb0b321 -r c555a5f97982 xen/arch/x86/domctl.c
--- a/xen/arch/x86/domctl.c     Wed Nov 28 13:28:49 2007 +0000
+++ b/xen/arch/x86/domctl.c     Wed Nov 28 13:36:56 2007 +0000
@@ -709,11 +709,6 @@ long arch_do_domctl(
 
         evc = &domctl->u.ext_vcpucontext;
 
-        ret = (evc->size < sizeof(*evc)) ? -EINVAL : 0;
-        evc->size = sizeof(*evc);
-        if ( ret != 0 )
-            break;
-
         ret = -ESRCH;
         d = rcu_lock_domain_by_id(domctl->domain);
         if ( d == NULL )
@@ -726,6 +721,7 @@ long arch_do_domctl(
 
         if ( domctl->cmd == XEN_DOMCTL_get_ext_vcpucontext )
         {
+            evc->size = sizeof(*evc);
 #ifdef __x86_64__
             evc->sysenter_callback_cs      = v->arch.sysenter_callback_cs;
             evc->sysenter_callback_eip     = v->arch.sysenter_callback_eip;
@@ -744,6 +740,9 @@ long arch_do_domctl(
         }
         else
         {
+            ret = -EINVAL;
+            if ( evc->size != sizeof(*evc) )
+                goto ext_vcpucontext_out;
 #ifdef __x86_64__
             fixup_guest_code_selector(d, evc->sysenter_callback_cs);
             v->arch.sysenter_callback_cs      = evc->sysenter_callback_cs;
@@ -755,7 +754,6 @@ long arch_do_domctl(
             v->arch.syscall32_disables_events = evc->syscall32_disables_events;
 #else
             /* We do not support syscall/syscall32/sysenter on 32-bit Xen. */
-            ret = -EINVAL;
             if ( (evc->sysenter_callback_cs & ~3) ||
                  evc->sysenter_callback_eip ||
                  (evc->syscall32_callback_cs & ~3) ||
@@ -768,7 +766,8 @@ long arch_do_domctl(
 
     ext_vcpucontext_out:
         rcu_unlock_domain(d);
-        if ( copy_to_guest(u_domctl, domctl, 1) )
+        if ( (domctl->cmd == XEN_DOMCTL_get_ext_vcpucontext) &&
+             copy_to_guest(u_domctl, domctl, 1) )
             ret = -EFAULT;
     }
     break;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

Prev by Date: [Xen-changelog] [xen-unstable] hvm: Fix 2 type mismatches in vlapic.h and hpet.c for 32-bit build Xen
Next by Date: [Xen-changelog] [xen-unstable] xsm: Fix linker script integration for xsm initcall list.
Previous by thread: [Xen-changelog] [xen-unstable] hvm: Fix 2 type mismatches in vlapic.h and hpet.c for 32-bit build Xen
Next by thread: [Xen-changelog] [xen-unstable] xsm: Fix linker script integration for xsm initcall list.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.