This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] [PATCH] Fix bugs in xc_exchange_page

To: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH] Fix bugs in xc_exchange_page
From: "Jiang, Yunhong" <yunhong.jiang@xxxxxxxxx>
Date: Thu, 2 Jul 2009 14:48:01 +0800
Accept-language: en-US
Acceptlanguage: en-US
Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 01 Jul 2009 23:49:34 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acn64Qqx36L1Z4K8QcCUUDk+FVoQAw==
Thread-topic: [PATCH] Fix bugs in xc_exchange_page
Followed patch fix wrong usage for pfn_type. Otherwise xc_exchange_page is sure 
to seg fault.

Yunhong, Jiang

The pfn_type is indexed by gpfn, not mfn.

Signed-off-by: Jiang, Yunhong <yunhong.jiang@xxxxxxxxx>

diff -r 02003bee3e80 tools/libxc/xc_offline_page.c
--- a/tools/libxc/xc_offline_page.c     Thu Jun 25 18:31:10 2009 +0100
+++ b/tools/libxc/xc_offline_page.c     Thu Jul 02 00:55:41 2009 +0800
@@ -583,7 +583,7 @@ int xc_exchange_page(int xc_handle, int 
     /* Don't exchange CR3 for PAE guest in PAE host environment */
     if (minfo.guest_width > sizeof(long))
-        if ( (minfo.pfn_type[mfn] & XEN_DOMCTL_PFINFO_LTABTYPE_MASK) ==
+        if ( (minfo.pfn_type[gpfn] & XEN_DOMCTL_PFINFO_LTABTYPE_MASK) ==
                     XEN_DOMCTL_PFINFO_L3TAB )
             goto failed;
@@ -621,7 +621,7 @@ int xc_exchange_page(int xc_handle, int 
     old_ptes.cur = 0;
     /* Unpin the page if it is pined */
-    if (minfo.pfn_type[mfn] & XEN_DOMCTL_PFINFO_LPINTAB)
+    if (minfo.pfn_type[gpfn] & XEN_DOMCTL_PFINFO_LPINTAB)
         mops.cmd = MMUEXT_UNPIN_TABLE;
         mops.arg1.mfn = mfn;

Attachment: xc_exchange.patch
Description: xc_exchange.patch

Xen-devel mailing list
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH] Fix bugs in xc_exchange_page, Jiang, Yunhong <=