# HG changeset patch
# User Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
# Node ID c3602d217110d08321e7f136620acdfa61baddc9
# Parent cb0d26d68adf6c66e59493c0dfd91155ff11a7f1
[HVM] Don't compare CR3 pfn to domain->max_pages
max_pages is the largest number of pages the domain can have
allocated, not the gpfn of the highest one.
Signed-off-by: Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
---
xen/arch/x86/hvm/svm/svm.c | 15 ++++++---------
xen/arch/x86/hvm/vmx/vmx.c | 23 ++++++++++-------------
2 files changed, 16 insertions(+), 22 deletions(-)
diff -r cb0d26d68adf -r c3602d217110 xen/arch/x86/hvm/svm/svm.c
--- a/xen/arch/x86/hvm/svm/svm.c Fri Oct 20 16:06:53 2006 +0100
+++ b/xen/arch/x86/hvm/svm/svm.c Fri Oct 20 17:52:32 2006 +0100
@@ -1555,9 +1555,8 @@ static int svm_set_cr0(unsigned long val
if ((value & X86_CR0_PE) && (value & X86_CR0_PG) && !paging_enabled)
{
/* The guest CR3 must be pointing to the guest physical. */
- if (!VALID_MFN(mfn =
- get_mfn_from_gpfn(v->arch.hvm_svm.cpu_cr3 >>
PAGE_SHIFT))
- || !get_page(mfn_to_page(mfn), v->domain))
+ mfn = get_mfn_from_gpfn(v->arch.hvm_svm.cpu_cr3 >> PAGE_SHIFT);
+ if ( !VALID_MFN(mfn) || !get_page(mfn_to_page(mfn), v->domain))
{
printk("Invalid CR3 value = %lx\n", v->arch.hvm_svm.cpu_cr3);
domain_crash_synchronous(); /* need to take a clean path */
@@ -1741,9 +1740,8 @@ static int mov_to_cr(int gpreg, int cr,
* first.
*/
HVM_DBG_LOG(DBG_LEVEL_VMMU, "CR3 value = %lx", value);
- if (((value >> PAGE_SHIFT) > v->domain->max_pages)
- || !VALID_MFN(mfn = get_mfn_from_gpfn(value >> PAGE_SHIFT))
- || !get_page(mfn_to_page(mfn), v->domain))
+ mfn = get_mfn_from_gpfn(value >> PAGE_SHIFT);
+ if ( !VALID_MFN(mfn) || !get_page(mfn_to_page(mfn), v->domain))
{
printk("Invalid CR3 value=%lx\n", value);
domain_crash_synchronous(); /* need to take a clean path */
@@ -1777,9 +1775,8 @@ static int mov_to_cr(int gpreg, int cr,
/* The guest is a 32-bit PAE guest. */
#if CONFIG_PAGING_LEVELS >= 3
unsigned long mfn, old_base_mfn;
-
- if ( !VALID_MFN(mfn = get_mfn_from_gpfn(
- v->arch.hvm_svm.cpu_cr3 >> PAGE_SHIFT)) ||
+ mfn = get_mfn_from_gpfn(v->arch.hvm_svm.cpu_cr3 >> PAGE_SHIFT);
+ if ( !VALID_MFN(mfn) ||
!get_page(mfn_to_page(mfn), v->domain) )
{
printk("Invalid CR3 value = %lx", v->arch.hvm_svm.cpu_cr3);
diff -r cb0d26d68adf -r c3602d217110 xen/arch/x86/hvm/vmx/vmx.c
--- a/xen/arch/x86/hvm/vmx/vmx.c Fri Oct 20 16:06:53 2006 +0100
+++ b/xen/arch/x86/hvm/vmx/vmx.c Fri Oct 20 17:52:32 2006 +0100
@@ -1323,12 +1323,13 @@ static int vmx_world_restore(struct vcpu
* first.
*/
HVM_DBG_LOG(DBG_LEVEL_VMMU, "CR3 c->cr3 = %x", c->cr3);
- if ((c->cr3 >> PAGE_SHIFT) > v->domain->max_pages) {
+ mfn = get_mfn_from_gpfn(c->cr3 >> PAGE_SHIFT);
+ if ( !VALID_MFN(mfn) )
+ {
printk("Invalid CR3 value=%x", c->cr3);
domain_crash_synchronous();
return 0;
}
- mfn = get_mfn_from_gpfn(c->cr3 >> PAGE_SHIFT);
if(!get_page(mfn_to_page(mfn), v->domain))
return 0;
old_base_mfn = pagetable_get_pfn(v->arch.guest_table);
@@ -1508,9 +1509,8 @@ static int vmx_set_cr0(unsigned long val
* Trying to enable guest paging.
* The guest CR3 must be pointing to the guest physical.
*/
- if ( !VALID_MFN(mfn = get_mfn_from_gpfn(
- v->arch.hvm_vmx.cpu_cr3 >> PAGE_SHIFT)) ||
- !get_page(mfn_to_page(mfn), v->domain) )
+ mfn = get_mfn_from_gpfn(v->arch.hvm_vmx.cpu_cr3 >> PAGE_SHIFT);
+ if ( !VALID_MFN(mfn) || !get_page(mfn_to_page(mfn), v->domain) )
{
printk("Invalid CR3 value = %lx (mfn=%lx)\n",
v->arch.hvm_vmx.cpu_cr3, mfn);
@@ -1712,11 +1712,10 @@ static int mov_to_cr(int gp, int cr, str
* first.
*/
HVM_DBG_LOG(DBG_LEVEL_VMMU, "CR3 value = %lx", value);
- if ( ((value >> PAGE_SHIFT) > v->domain->max_pages ) ||
- !VALID_MFN(mfn = get_mfn_from_gpfn(value >> PAGE_SHIFT)) ||
- !get_page(mfn_to_page(mfn), v->domain) )
+ mfn = get_mfn_from_gpfn(value >> PAGE_SHIFT);
+ if ( !VALID_MFN(mfn) || !get_page(mfn_to_page(mfn), v->domain) )
{
- printk("Invalid CR3 value=%lx", value);
+ printk("Invalid CR3 value=%lx\n", value);
domain_crash_synchronous(); /* need to take a clean path */
}
old_base_mfn = pagetable_get_pfn(v->arch.guest_table);
@@ -1745,15 +1744,13 @@ static int mov_to_cr(int gp, int cr, str
/* The guest is a 32-bit PAE guest. */
#if CONFIG_PAGING_LEVELS >= 3
unsigned long mfn, old_base_mfn;
-
- if ( !VALID_MFN(mfn = get_mfn_from_gpfn(
- v->arch.hvm_vmx.cpu_cr3 >> PAGE_SHIFT)) ||
+ mfn = get_mfn_from_gpfn(v->arch.hvm_vmx.cpu_cr3 >> PAGE_SHIFT);
+ if ( !VALID_MFN(mfn) ||
!get_page(mfn_to_page(mfn), v->domain) )
{
printk("Invalid CR3 value = %lx", v->arch.hvm_vmx.cpu_cr3);
domain_crash_synchronous(); /* need to take a clean path */
}
-
/*
* Now arch.guest_table points to machine physical.
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
Home