diff options
author | Rusty Russell <rusty@rustcorp.com.au> | 2013-09-05 17:45:39 +0930 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2013-09-06 08:09:26 +0930 |
commit | 4623c28e222d82f87537ef66db61ebcfbd8306db (patch) | |
tree | 7a117043008ff4bd15b5cf8b7baf7e074c1dccba /drivers/lguest | |
parent | 3b868a4073cdedf395f26d843874414e0e0e9cfd (diff) | |
download | op-kernel-dev-4623c28e222d82f87537ef66db61ebcfbd8306db.zip op-kernel-dev-4623c28e222d82f87537ef66db61ebcfbd8306db.tar.gz |
lguest: fix BUG_ON() in invalid guest page table.
If we discover the entry is invalid, we kill the guest, but we must
avoid calling gpte_addr() on the invalid pmd, otherwise:
kernel BUG at drivers/lguest/page_tables.c:157!
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Diffstat (limited to 'drivers/lguest')
-rw-r--r-- | drivers/lguest/page_tables.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/drivers/lguest/page_tables.c b/drivers/lguest/page_tables.c index a35d8d1..bfb39bb 100644 --- a/drivers/lguest/page_tables.c +++ b/drivers/lguest/page_tables.c @@ -669,8 +669,10 @@ unsigned long guest_pa(struct lg_cpu *cpu, unsigned long vaddr) #ifdef CONFIG_X86_PAE gpmd = lgread(cpu, gpmd_addr(gpgd, vaddr), pmd_t); - if (!(pmd_flags(gpmd) & _PAGE_PRESENT)) + if (!(pmd_flags(gpmd) & _PAGE_PRESENT)) { kill_guest(cpu, "Bad address %#lx", vaddr); + return -1UL; + } gpte = lgread(cpu, gpte_addr(cpu, gpmd, vaddr), pte_t); #else gpte = lgread(cpu, gpte_addr(cpu, gpgd, vaddr), pte_t); |