diff options
Diffstat (limited to 'drivers/lguest')
| -rw-r--r-- | drivers/lguest/core.c | 15 | ||||
| -rw-r--r-- | drivers/lguest/lguest_user.c | 15 | ||||
| -rw-r--r-- | drivers/lguest/page_tables.c | 2 |
3 files changed, 22 insertions, 10 deletions
diff --git a/drivers/lguest/core.c b/drivers/lguest/core.c index 7743d73768df..c632c08cbbdc 100644 --- a/drivers/lguest/core.c +++ b/drivers/lguest/core.c | |||
| @@ -69,11 +69,22 @@ static __init int map_switcher(void) | |||
| 69 | switcher_page[i] = virt_to_page(addr); | 69 | switcher_page[i] = virt_to_page(addr); |
| 70 | } | 70 | } |
| 71 | 71 | ||
| 72 | /* First we check that the Switcher won't overlap the fixmap area at | ||
| 73 | * the top of memory. It's currently nowhere near, but it could have | ||
| 74 | * very strange effects if it ever happened. */ | ||
| 75 | if (SWITCHER_ADDR + (TOTAL_SWITCHER_PAGES+1)*PAGE_SIZE > FIXADDR_START){ | ||
| 76 | err = -ENOMEM; | ||
| 77 | printk("lguest: mapping switcher would thwack fixmap\n"); | ||
| 78 | goto free_pages; | ||
| 79 | } | ||
| 80 | |||
| 72 | /* Now we reserve the "virtual memory area" we want: 0xFFC00000 | 81 | /* Now we reserve the "virtual memory area" we want: 0xFFC00000 |
| 73 | * (SWITCHER_ADDR). We might not get it in theory, but in practice | 82 | * (SWITCHER_ADDR). We might not get it in theory, but in practice |
| 74 | * it's worked so far. */ | 83 | * it's worked so far. The end address needs +1 because __get_vm_area |
| 84 | * allocates an extra guard page, so we need space for that. */ | ||
| 75 | switcher_vma = __get_vm_area(TOTAL_SWITCHER_PAGES * PAGE_SIZE, | 85 | switcher_vma = __get_vm_area(TOTAL_SWITCHER_PAGES * PAGE_SIZE, |
| 76 | VM_ALLOC, SWITCHER_ADDR, VMALLOC_END); | 86 | VM_ALLOC, SWITCHER_ADDR, SWITCHER_ADDR |
| 87 | + (TOTAL_SWITCHER_PAGES+1) * PAGE_SIZE); | ||
| 77 | if (!switcher_vma) { | 88 | if (!switcher_vma) { |
| 78 | err = -ENOMEM; | 89 | err = -ENOMEM; |
| 79 | printk("lguest: could not map switcher pages high\n"); | 90 | printk("lguest: could not map switcher pages high\n"); |
diff --git a/drivers/lguest/lguest_user.c b/drivers/lguest/lguest_user.c index 85d42d3d01a9..2221485b0773 100644 --- a/drivers/lguest/lguest_user.c +++ b/drivers/lguest/lguest_user.c | |||
| @@ -241,15 +241,16 @@ static ssize_t write(struct file *file, const char __user *in, | |||
| 241 | cpu = &lg->cpus[cpu_id]; | 241 | cpu = &lg->cpus[cpu_id]; |
| 242 | if (!cpu) | 242 | if (!cpu) |
| 243 | return -EINVAL; | 243 | return -EINVAL; |
| 244 | } | ||
| 245 | 244 | ||
| 246 | /* Once the Guest is dead, all you can do is read() why it died. */ | 245 | /* Once the Guest is dead, you can only read() why it died. */ |
| 247 | if (lg && lg->dead) | 246 | if (lg->dead) |
| 248 | return -ENOENT; | 247 | return -ENOENT; |
| 249 | 248 | ||
| 250 | /* If you're not the task which owns the Guest, you can only break */ | 249 | /* If you're not the task which owns the Guest, all you can do |
| 251 | if (lg && current != cpu->tsk && req != LHREQ_BREAK) | 250 | * is break the Launcher out of running the Guest. */ |
| 252 | return -EPERM; | 251 | if (current != cpu->tsk && req != LHREQ_BREAK) |
| 252 | return -EPERM; | ||
| 253 | } | ||
| 253 | 254 | ||
| 254 | switch (req) { | 255 | switch (req) { |
| 255 | case LHREQ_INITIALIZE: | 256 | case LHREQ_INITIALIZE: |
diff --git a/drivers/lguest/page_tables.c b/drivers/lguest/page_tables.c index 275f23c2deb4..a7f64a9d67e0 100644 --- a/drivers/lguest/page_tables.c +++ b/drivers/lguest/page_tables.c | |||
| @@ -391,7 +391,7 @@ static unsigned int find_pgdir(struct lguest *lg, unsigned long pgtable) | |||
| 391 | { | 391 | { |
| 392 | unsigned int i; | 392 | unsigned int i; |
| 393 | for (i = 0; i < ARRAY_SIZE(lg->pgdirs); i++) | 393 | for (i = 0; i < ARRAY_SIZE(lg->pgdirs); i++) |
| 394 | if (lg->pgdirs[i].gpgdir == pgtable) | 394 | if (lg->pgdirs[i].pgdir && lg->pgdirs[i].gpgdir == pgtable) |
| 395 | break; | 395 | break; |
| 396 | return i; | 396 | return i; |
| 397 | } | 397 | } |