diff options
author | Eugene Teo <eugeneteo@kernel.sg> | 2008-02-09 10:53:17 -0500 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2008-03-10 18:35:56 -0400 |
commit | f73d1e6ca6985b43a1871467463cba632fbc624d (patch) | |
tree | 84b01e87f41bf960c58b6934142da31f6d1638eb | |
parent | cdeeeae056a429e729ae9e914fa8142ee45bee93 (diff) |
lguest: make sure cpu is initialized before accessing it
If req is LHREQ_INITIALIZE, and the guest has been initialized before
(unlikely), it will attempt to access cpu->tsk even though cpu is not yet
initialized.
Signed-off-by: Eugene Teo <eugeneteo@kernel.sg>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-rw-r--r-- | drivers/lguest/lguest_user.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/drivers/lguest/lguest_user.c b/drivers/lguest/lguest_user.c index 85d42d3d01a9..2221485b0773 100644 --- a/drivers/lguest/lguest_user.c +++ b/drivers/lguest/lguest_user.c | |||
@@ -241,15 +241,16 @@ static ssize_t write(struct file *file, const char __user *in, | |||
241 | cpu = &lg->cpus[cpu_id]; | 241 | cpu = &lg->cpus[cpu_id]; |
242 | if (!cpu) | 242 | if (!cpu) |
243 | return -EINVAL; | 243 | return -EINVAL; |
244 | } | ||
245 | 244 | ||
246 | /* Once the Guest is dead, all you can do is read() why it died. */ | 245 | /* Once the Guest is dead, you can only read() why it died. */ |
247 | if (lg && lg->dead) | 246 | if (lg->dead) |
248 | return -ENOENT; | 247 | return -ENOENT; |
249 | 248 | ||
250 | /* If you're not the task which owns the Guest, you can only break */ | 249 | /* If you're not the task which owns the Guest, all you can do |
251 | if (lg && current != cpu->tsk && req != LHREQ_BREAK) | 250 | * is break the Launcher out of running the Guest. */ |
252 | return -EPERM; | 251 | if (current != cpu->tsk && req != LHREQ_BREAK) |
252 | return -EPERM; | ||
253 | } | ||
253 | 254 | ||
254 | switch (req) { | 255 | switch (req) { |
255 | case LHREQ_INITIALIZE: | 256 | case LHREQ_INITIALIZE: |