[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] linux: validate type and value of the dtor argument of SetPageForeign()

To: <xen-devel@xxxxxxxxxxxxxxxxxxx>
From: "Jan Beulich" <jbeulich@xxxxxxxxxx>
Date: Thu, 13 Mar 2008 16:10:10 +0000
Delivery-date: Thu, 13 Mar 2008 09:09:53 -0700
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Linux 2.6.25 changes the protoype of pte_free() etc., resulting in
those functions no longer be suitable as a PageForeign destructor. I
had to find out by way of analysing a crash, but for the future it'd
be much better if the build would already indicate a problem with this.

At once, also check the destructor supplied is not NULL.

As usual, written and tested on 2.6.25-rc5 and made apply to the 2.6.18
tree without further testing.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>

Index: head-2008-03-06/include/linux/page-flags.h
===================================================================
--- head-2008-03-06.orig/include/linux/page-flags.h     2008-03-07 
10:08:24.000000000 +0100
+++ head-2008-03-06/include/linux/page-flags.h  2008-03-07 10:12:47.000000000 
+0100
@@ -305,16 +305,17 @@ static inline void __ClearPageTail(struc
 #define ClearPageUncached(page)        clear_bit(PG_uncached, &(page)->flags)
 
 #define PageForeign(page)      test_bit(PG_foreign, &(page)->flags)
-#define SetPageForeign(page, dtor) do {                \
-       set_bit(PG_foreign, &(page)->flags);    \
-       (page)->index = (long)(dtor);           \
+#define SetPageForeign(_page, dtor) do {               \
+       set_bit(PG_foreign, &(_page)->flags);           \
+       BUG_ON((dtor) == (void (*)(struct page *))0);   \
+       (_page)->index = (long)(dtor);                  \
 } while (0)
-#define ClearPageForeign(page) do {            \
-       clear_bit(PG_foreign, &(page)->flags);  \
-       (page)->index = 0;                      \
+#define ClearPageForeign(page) do {                    \
+       clear_bit(PG_foreign, &(page)->flags);          \
+       (page)->index = 0;                              \
 } while (0)
-#define PageForeignDestructor(page)            \
-       ( (void (*) (struct page *)) (page)->index )(page)
+#define PageForeignDestructor(_page)                   \
+       ((void (*)(struct page *))(_page)->index)(_page)
 
 struct page;   /* forward declaration */
 




_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Prev by Date: [Xen-devel] [PATCH] linux/x86-64: make original definition of VGCF_IN_SYSCALL usable in assembly
Next by Date: [Xen-devel] [PATCH] linux/x86: put trap initialization code/data into cpuinit space
Previous by thread: [Xen-devel] [PATCH] linux/x86-64: make original definition of VGCF_IN_SYSCALL usable in assembly
Next by thread: [Xen-devel] [PATCH] linux/x86: put trap initialization code/data into cpuinit space
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.