diff options
| author | Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> | 2011-12-20 17:01:18 -0500 |
|---|---|---|
| committer | Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> | 2011-12-20 17:01:18 -0500 |
| commit | cb85f123cd2393581bcffad335bfc6bcdd58569c (patch) | |
| tree | 7b0de48b2a13ca96251c02245ab906f7efa3ac18 /arch/s390/kvm/priv.c | |
| parent | b79d2ff98caee60c07a7598aba3b26acd1655a99 (diff) | |
| parent | caca6a03d365883564885f2c1da3e88dcf65d139 (diff) | |
Merge commit 'v3.2-rc3' into stable/for-linus-3.3
* commit 'v3.2-rc3': (412 commits)
Linux 3.2-rc3
virtio-pci: make reset operation safer
virtio-mmio: Correct the name of the guest features selector
virtio: add HAS_IOMEM dependency to MMIO platform bus driver
eCryptfs: Extend array bounds for all filename chars
eCryptfs: Flush file in vma close
eCryptfs: Prevent file create race condition
regulator: TPS65910: Fix VDD1/2 voltage selector count
i2c: Make i2cdev_notifier_call static
i2c: Delete ANY_I2C_BUS
i2c: Fix device name for 10-bit slave address
i2c-algo-bit: Generate correct i2c address sequence for 10-bit target
drm: integer overflow in drm_mode_dirtyfb_ioctl()
Revert "of/irq: of_irq_find_parent: check for parent equal to child"
drivers/gpu/vga/vgaarb.c: add missing kfree
drm/radeon/kms/atom: unify i2c gpio table handling
drm/radeon/kms: fix up gpio i2c mask bits for r4xx for real
ttm: Don't return the bo reserved on error path
mount_subtree() pointless use-after-free
iio: fix a leak due to improper use of anon_inode_getfd()
...
Diffstat (limited to 'arch/s390/kvm/priv.c')
| -rw-r--r-- | arch/s390/kvm/priv.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/arch/s390/kvm/priv.c b/arch/s390/kvm/priv.c index 391626361084..d02638959922 100644 --- a/arch/s390/kvm/priv.c +++ b/arch/s390/kvm/priv.c | |||
| @@ -336,6 +336,7 @@ static int handle_tprot(struct kvm_vcpu *vcpu) | |||
| 336 | u64 address1 = disp1 + base1 ? vcpu->arch.guest_gprs[base1] : 0; | 336 | u64 address1 = disp1 + base1 ? vcpu->arch.guest_gprs[base1] : 0; |
| 337 | u64 address2 = disp2 + base2 ? vcpu->arch.guest_gprs[base2] : 0; | 337 | u64 address2 = disp2 + base2 ? vcpu->arch.guest_gprs[base2] : 0; |
| 338 | struct vm_area_struct *vma; | 338 | struct vm_area_struct *vma; |
| 339 | unsigned long user_address; | ||
| 339 | 340 | ||
| 340 | vcpu->stat.instruction_tprot++; | 341 | vcpu->stat.instruction_tprot++; |
| 341 | 342 | ||
| @@ -349,9 +350,14 @@ static int handle_tprot(struct kvm_vcpu *vcpu) | |||
| 349 | return -EOPNOTSUPP; | 350 | return -EOPNOTSUPP; |
| 350 | 351 | ||
| 351 | 352 | ||
| 353 | /* we must resolve the address without holding the mmap semaphore. | ||
| 354 | * This is ok since the userspace hypervisor is not supposed to change | ||
| 355 | * the mapping while the guest queries the memory. Otherwise the guest | ||
| 356 | * might crash or get wrong info anyway. */ | ||
| 357 | user_address = (unsigned long) __guestaddr_to_user(vcpu, address1); | ||
| 358 | |||
| 352 | down_read(¤t->mm->mmap_sem); | 359 | down_read(¤t->mm->mmap_sem); |
| 353 | vma = find_vma(current->mm, | 360 | vma = find_vma(current->mm, user_address); |
| 354 | (unsigned long) __guestaddr_to_user(vcpu, address1)); | ||
| 355 | if (!vma) { | 361 | if (!vma) { |
| 356 | up_read(¤t->mm->mmap_sem); | 362 | up_read(¤t->mm->mmap_sem); |
| 357 | return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING); | 363 | return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING); |