Do not continue silently on a page fault for an INVALID_PAGE, and instead

report an EFAULT like Xen does.

This avoids bad situations where a domain calls privpgop_fault() in a loop
by trying to map an invalid MFN.

See also http://mail-index.netbsd.org/port-xen/2009/03/03/msg004803.html
This commit is contained in:
jym 2009-03-04 10:32:36 +00:00
parent 26c579d9c4
commit 369b7d3476

View File

@ -1,4 +1,4 @@
/* $NetBSD: privcmd.c,v 1.35 2008/12/04 20:56:57 jym Exp $ */
/* $NetBSD: privcmd.c,v 1.36 2009/03/04 10:32:36 jym Exp $ */
/*-
* Copyright (c) 2004 Christian Limpach.
@ -32,7 +32,7 @@
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: privcmd.c,v 1.35 2008/12/04 20:56:57 jym Exp $");
__KERNEL_RCSID(0, "$NetBSD: privcmd.c,v 1.36 2009/03/04 10:32:36 jym Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@ -526,8 +526,13 @@ privpgop_fault(struct uvm_faultinfo *ufi, vaddr_t vaddr, struct vm_page **pps,
continue;
if (pps[i] == PGO_DONTCARE)
continue;
if (pobj->maddr[maddr_i] == INVALID_PAGE)
continue; /* this has already been flagged as error */
if (pobj->maddr[maddr_i] == INVALID_PAGE) {
/* this has already been flagged as error */
uvmfault_unlockall(ufi, ufi->entry->aref.ar_amap,
uobj, NULL);
pmap_update(ufi->orig_map->pmap);
return EFAULT;
}
error = pmap_enter_ma(ufi->orig_map->pmap, vaddr,
pobj->maddr[maddr_i], 0, ufi->entry->protection,
PMAP_CANFAIL | ufi->entry->protection,