 Home |
Products |
Support |
Community |
News |
xen-changelog
[Xen-changelog] Fix writing to mmap'ed /dev/mem region mapped PROT_WRITE
| To: | xen-changelog@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | [Xen-changelog] Fix writing to mmap'ed /dev/mem region mapped PROT_WRITE |
| From: | Xen patchbot -unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx> |
| Date: | Fri, 02 Sep 2005 16:52:11 +0000 |
| Delivery-date: | Fri, 02 Sep 2005 16:50:36 +0000 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| List-help: | <mailto:xen-changelog-request@lists.xensource.com?subject=help> |
| List-id: | BK change log <xen-changelog.lists.xensource.com> |
| List-post: | <mailto:xen-changelog@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe> |
| Reply-to: | xen-devel@xxxxxxxxxxxxxxxxxxx |
| Sender: | xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx |
# HG changeset patch
# User kaf24@xxxxxxxxxxxxxxxxxxxx
# Node ID 7c2afbad0188ac64feb0f4122c7b262bc640c014
# Parent cac138ea92841a1ea7bcfbcfb1a845f66878bdbe
Fix writing to mmap'ed /dev/mem region mapped PROT_WRITE
and MAP_PRIVATE. This is in fact a generic Linux bug.
Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx>
diff -r cac138ea9284 -r 7c2afbad0188 linux-2.6-xen-sparse/mm/memory.c
--- a/linux-2.6-xen-sparse/mm/memory.c Fri Sep 2 14:20:12 2005
+++ b/linux-2.6-xen-sparse/mm/memory.c Fri Sep 2 16:51:55 2005
@@ -1367,20 +1367,15 @@
struct page *old_page, *new_page;
unsigned long pfn = pte_pfn(pte);
pte_t entry;
+ struct page invalid_page;
if (unlikely(!pfn_valid(pfn))) {
- /*
- * This should really halt the system so it can be debugged or
- * at least the kernel stops what it's doing before it corrupts
- * data, but for the moment just pretend this is OOM.
- */
- pte_unmap(page_table);
- printk(KERN_ERR "do_wp_page: bogus page at address %08lx\n",
- address);
- spin_unlock(&mm->page_table_lock);
- return VM_FAULT_OOM;
- }
- old_page = pfn_to_page(pfn);
+ /* This can happen with /dev/mem (PROT_WRITE, MAP_PRIVATE). */
+ invalid_page.flags = (1<<PG_reserved) | (1<<PG_locked);
+ old_page = &invalid_page;
+ } else {
+ old_page = pfn_to_page(pfn);
+ }
if (!TestSetPageLocked(old_page)) {
int reuse = can_share_swap_page(old_page);
@@ -1416,7 +1411,13 @@
new_page = alloc_page_vma(GFP_HIGHUSER, vma, address);
if (!new_page)
goto no_new_page;
- copy_user_highpage(new_page, old_page, address);
+ if (old_page == &invalid_page) {
+ char *vto = kmap_atomic(new_page, KM_USER1);
+ copy_page(vto, (void *)(address & PAGE_MASK));
+ kunmap_atomic(vto, KM_USER1);
+ } else {
+ copy_user_highpage(new_page, old_page, address);
+ }
}
/*
* Re-check the pte - we dropped the lock
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-changelog] Install hotplug script(s) unconditionally., Xen patchbot -unstable |
|---|---|
| Next by Date: | [Xen-changelog] Fix preemption-check race in memory_op hypercall., Xen patchbot -unstable |
| Previous by Thread: | [Xen-changelog] Install hotplug script(s) unconditionally., Xen patchbot -unstable |
| Next by Thread: | [Xen-changelog] Fix preemption-check race in memory_op hypercall., Xen patchbot -unstable |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
