search for: kill_guest

...==== --- linux-2.6.21-rc5-mm2.orig/drivers/lguest/core.c +++ linux-2.6.21-rc5-mm2/drivers/lguest/core.c @@ -220,7 +220,7 @@ u8 lgread_u8(struct lguest *lg, u32 addr /* Don't let them access lguest binary */ if (!lguest_address_ok(lg, addr) || get_user(val, (u32 __user *)addr) != 0) - kill_guest(lg, "bad read address %u", addr); + kill_guest(lg, "bad read address %x", addr); return val; } @@ -231,7 +231,7 @@ u16 lgread_u16(struct lguest *lg, u32 ad /* Don't let them access lguest binary */ if (!lguest_address_ok(lg, addr) || get_user(val, (u32 __user...

...==== --- linux-2.6.21-rc5-mm2.orig/drivers/lguest/core.c +++ linux-2.6.21-rc5-mm2/drivers/lguest/core.c @@ -220,7 +220,7 @@ u8 lgread_u8(struct lguest *lg, u32 addr /* Don't let them access lguest binary */ if (!lguest_address_ok(lg, addr) || get_user(val, (u32 __user *)addr) != 0) - kill_guest(lg, "bad read address %u", addr); + kill_guest(lg, "bad read address %x", addr); return val; } @@ -231,7 +231,7 @@ u16 lgread_u16(struct lguest *lg, u32 ad /* Don't let them access lguest binary */ if (!lguest_address_ok(lg, addr) || get_user(val, (u32 __user...

...guest access lguest binary. */ -u32 lgread_u32(struct lguest *lg, u32 addr) +u32 lgread_u32(struct lguest *lg, unsigned long addr) { u32 val = 0; /* Don't let them access lguest binary */ if (!lguest_address_ok(lg, addr, sizeof(val)) || get_user(val, (u32 __user *)addr) != 0) - kill_guest(lg, "bad read address %u", addr); + kill_guest(lg, "bad read address %#lx", addr); return val; } -void lgwrite_u32(struct lguest *lg, u32 addr, u32 val) +void lgwrite_u32(struct lguest *lg, unsigned long addr, u32 val) { if (!lguest_address_ok(lg, addr, sizeof(val))...

...guest access lguest binary. */ -u32 lgread_u32(struct lguest *lg, u32 addr) +u32 lgread_u32(struct lguest *lg, unsigned long addr) { u32 val = 0; /* Don't let them access lguest binary */ if (!lguest_address_ok(lg, addr, sizeof(val)) || get_user(val, (u32 __user *)addr) != 0) - kill_guest(lg, "bad read address %u", addr); + kill_guest(lg, "bad read address %#lx", addr); return val; } -void lgwrite_u32(struct lguest *lg, u32 addr, u32 val) +void lgwrite_u32(struct lguest *lg, unsigned long addr, u32 val) { if (!lguest_address_ok(lg, addr, sizeof(val))...

1) Example code: old libc headers don't have SIOCBRADDIF, and old zlibs don't have gzdirect() -- it's a sanity check anyway. 2) Some people don't build in their source directories, so .config isn't there (thanks to Tony Breeds <tony@bakeyournoodle.com>). 3) Point out that guest and host kernel are usually the same. 4) Set the "no checksum" option on the

1) Example code: old libc headers don't have SIOCBRADDIF, and old zlibs don't have gzdirect() -- it's a sanity check anyway. 2) Some people don't build in their source directories, so .config isn't there (thanks to Tony Breeds <tony@bakeyournoodle.com>). 3) Point out that guest and host kernel are usually the same. 4) Set the "no checksum" option on the

...= addr); +} + +/* Just like get_user, but don't let guest access lguest binary. */ +u32 lgread_u32(struct lguest *lg, u32 addr) +{ + u32 val = 0; + + /* Don't let them access lguest binary */ + if (!lguest_address_ok(lg, addr, sizeof(val)) + || get_user(val, (u32 __user *)addr) != 0) + kill_guest(lg, "bad read address %u", addr); + return val; +} + +void lgwrite_u32(struct lguest *lg, u32 addr, u32 val) +{ + if (!lguest_address_ok(lg, addr, sizeof(val)) + || put_user(val, (u32 __user *)addr) != 0) + kill_guest(lg, "bad write address %u", addr); +} + +void lgread(str...

...= addr); +} + +/* Just like get_user, but don't let guest access lguest binary. */ +u32 lgread_u32(struct lguest *lg, u32 addr) +{ + u32 val = 0; + + /* Don't let them access lguest binary */ + if (!lguest_address_ok(lg, addr, sizeof(val)) + || get_user(val, (u32 __user *)addr) != 0) + kill_guest(lg, "bad read address %u", addr); + return val; +} + +void lgwrite_u32(struct lguest *lg, u32 addr, u32 val) +{ + if (!lguest_address_ok(lg, addr, sizeof(val)) + || put_user(val, (u32 __user *)addr) != 0) + kill_guest(lg, "bad write address %u", addr); +} + +void lgread(str...

...e pages of any other CPU. */ @@ -73,39 +81,90 @@ static pgd_t *spgd_addr(struct lg_cpu *cpu, u32 i, unsigned long vaddr) { unsigned int index = pgd_index(vaddr); +#ifndef CONFIG_X86_PAE /* We kill any Guest trying to touch the Switcher addresses. */ if (index >= SWITCHER_PGD_INDEX) { kill_guest(cpu, "attempt to access switcher pages"); index = 0; } +#endif /* Return a pointer index'th pgd entry for the i'th page table. */ return &cpu->lg->pgdirs[i].pgdir[index]; } +#ifdef CONFIG_X86_PAE +/* This routine then takes the PGD entry given above, which co...

...e pages of any other CPU. */ @@ -73,39 +81,90 @@ static pgd_t *spgd_addr(struct lg_cpu *cpu, u32 i, unsigned long vaddr) { unsigned int index = pgd_index(vaddr); +#ifndef CONFIG_X86_PAE /* We kill any Guest trying to touch the Switcher addresses. */ if (index >= SWITCHER_PGD_INDEX) { kill_guest(cpu, "attempt to access switcher pages"); index = 0; } +#endif /* Return a pointer index'th pgd entry for the i'th page table. */ return &cpu->lg->pgdirs[i].pgdir[index]; } +#ifdef CONFIG_X86_PAE +/* This routine then takes the PGD entry given above, which co...

...e pages of any other CPU. */ @@ -73,23 +84,58 @@ static pgd_t *spgd_addr(struct lg_cpu *cpu, u32 i, unsigned long vaddr) { unsigned int index = pgd_index(vaddr); +#ifndef CONFIG_X86_PAE /* We kill any Guest trying to touch the Switcher addresses. */ if (index >= SWITCHER_PGD_INDEX) { kill_guest(cpu, "attempt to access switcher pages"); index = 0; } +#endif /* Return a pointer index'th pgd entry for the i'th page table. */ return &cpu->lg->pgdirs[i].pgdir[index]; } +#ifdef CONFIG_X86_PAE +/* This routine then takes the PGD entry given above, which co...

...e pages of any other CPU. */ @@ -73,23 +84,58 @@ static pgd_t *spgd_addr(struct lg_cpu *cpu, u32 i, unsigned long vaddr) { unsigned int index = pgd_index(vaddr); +#ifndef CONFIG_X86_PAE /* We kill any Guest trying to touch the Switcher addresses. */ if (index >= SWITCHER_PGD_INDEX) { kill_guest(cpu, "attempt to access switcher pages"); index = 0; } +#endif /* Return a pointer index'th pgd entry for the i'th page table. */ return &cpu->lg->pgdirs[i].pgdir[index]; } +#ifdef CONFIG_X86_PAE +/* This routine then takes the PGD entry given above, which co...

...+ return 1; + if (!lguest_address_ok(linfo, dma->addr[i])) + goto kill; + if (dma->len[i] > PAGE_SIZE) + goto kill; + /* We could do over a page, but is it worth it? */ + if ((dma->addr[i] % PAGE_SIZE) + dma->len[i] > PAGE_SIZE) + goto kill; + } + return 1; + +kill: + kill_guest(linfo, "bad DMA entry: %u@%#llx", dma->len[i], dma->addr[i]); + return 0; +} + +static unsigned int hash(const union futex_key *key) +{ + return jhash2((u32*)&key->both.word, + (sizeof(key->both.word)+sizeof(key->both.ptr))/4, + key->both.offset) + % A...

...+ return 1; + if (!lguest_address_ok(linfo, dma->addr[i])) + goto kill; + if (dma->len[i] > PAGE_SIZE) + goto kill; + /* We could do over a page, but is it worth it? */ + if ((dma->addr[i] % PAGE_SIZE) + dma->len[i] > PAGE_SIZE) + goto kill; + } + return 1; + +kill: + kill_guest(linfo, "bad DMA entry: %u@%#llx", dma->len[i], dma->addr[i]); + return 0; +} + +static unsigned int hash(const union futex_key *key) +{ + return jhash2((u32*)&key->both.word, + (sizeof(key->both.word)+sizeof(key->both.ptr))/4, + key->both.offset) + % A...

..._sec; - break; - } case LHCALL_BIND_DMA: regs->eax = bind_dma(lg, regs->edx, regs->ebx, regs->ecx >> 8, regs->ecx & 0xFF); @@ -160,6 +154,8 @@ static void initialize(struct lguest *lg || put_user(lg->guestid, &lg->lguest_data->guestid)) kill_guest(lg, "bad guest page %p", lg->lguest_data); + write_timestamp(lg); + /* This is the one case where the above accesses might have * been the first write to a Guest page. This may have caused * a copy-on-write fault, but the Guest might be referring to @@ -190,3 +186,11 @@ void...

..._sec; - break; - } case LHCALL_BIND_DMA: regs->eax = bind_dma(lg, regs->edx, regs->ebx, regs->ecx >> 8, regs->ecx & 0xFF); @@ -160,6 +154,8 @@ static void initialize(struct lguest *lg || put_user(lg->guestid, &lg->lguest_data->guestid)) kill_guest(lg, "bad guest page %p", lg->lguest_data); + write_timestamp(lg); + /* This is the one case where the above accesses might have * been the first write to a Guest page. This may have caused * a copy-on-write fault, but the Guest might be referring to @@ -190,3 +186,11 @@ void...

Hi all, Gratefully-received recent feedback from CC'd was applied to excellent effect (and the advice from Matt Mackall about my personal appearance is best unrequited). The patch is split in 5 parts to correspond with the 9 parts Andrew sent out before, but here's the summary: 1) Sparse (thanks Christoph Hellwig): - lguest_const can be static now - lguest.c should include

Hi all, Gratefully-received recent feedback from CC'd was applied to excellent effect (and the advice from Matt Mackall about my personal appearance is best unrequited). The patch is split in 5 parts to correspond with the 9 parts Andrew sent out before, but here's the summary: 1) Sparse (thanks Christoph Hellwig): - lguest_const can be static now - lguest.c should include

...==================================== --- a/drivers/lguest/page_tables.c +++ b/drivers/lguest/page_tables.c @@ -186,7 +186,7 @@ void pin_page(struct lguest *lg, unsigne void pin_page(struct lguest *lg, unsigned long vaddr) { if (!page_writable(lg, vaddr) && !demand_page(lg, vaddr, 0)) - kill_guest(lg, "bad trap page %#lx", vaddr); + kill_guest(lg, "bad stack page %#lx", vaddr); } static void release_pgd(struct lguest *lg, spgd_t *spgd) @@ -253,7 +253,7 @@ void guest_new_pagetable(struct lguest * newpgdir = new_pgdir(lg, pgtable, &repin); lg->pgdidx = newp...

...==================================== --- a/drivers/lguest/page_tables.c +++ b/drivers/lguest/page_tables.c @@ -186,7 +186,7 @@ void pin_page(struct lguest *lg, unsigne void pin_page(struct lguest *lg, unsigned long vaddr) { if (!page_writable(lg, vaddr) && !demand_page(lg, vaddr, 0)) - kill_guest(lg, "bad trap page %#lx", vaddr); + kill_guest(lg, "bad stack page %#lx", vaddr); } static void release_pgd(struct lguest *lg, spgd_t *spgd) @@ -253,7 +253,7 @@ void guest_new_pagetable(struct lguest * newpgdir = new_pgdir(lg, pgtable, &repin); lg->pgdidx = newp...