[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] out of bounds handling for get_mfn_from_gpfn()




On 26 Apr 2006, at 13:01, Jan Beulich wrote:

- add a bounds check to get_mfn_from_gpfn() (in which case I'd be uncertain what the correct boundary is, since on 64 bits (RO_MPT_VIRT_END - RO_MPT_VIRT_START) != (RDWR_MPT_VIRT_END - RDWR_MPT_VIRT_START), and only one of the two ranges
can be the correct one)

A range check is needed as the function can be passed unvalidated values from a guest.

The tables you mention above are not involved in get_mfn_from_gpfn() -- they translate the other way. The input gpfn either needs testing against, or masking with, (PADDR_MASK >> PAGE_SHIFT). We should always ensure that the m2p and p2m tables are big enough to be indexed by that value.

I don't think that the mfn-to-gpfn direction needs a check, but an assertion might be worthwhile.

 -- Keir


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.