On Tue, Oct 05, 2010 at 03:43:01PM +0200, Gleb Natapov wrote:
> > --- kvm.orig/arch/x86/kvm/mmu.c
> > +++ kvm/arch/x86/kvm/mmu.c
> > @@ -2273,6 +2273,7 @@ static int nonpaging_map(struct kvm_vcpu
> > {
> > int r;
> > int level;
> > + int writable;
> > pfn_t pfn;
> > unsigned long mmu_seq;
> >
> > @@ -2289,10 +2290,10 @@ static int nonpaging_map(struct kvm_vcpu
> >
> > mmu_seq = vcpu->kvm->mmu_notifier_seq;
> > smp_rmb();
> > - pfn = gfn_to_pfn(vcpu->kvm, gfn);
> > + pfn = gfn_to_pfn(vcpu->kvm, gfn, &writable);
> >
> > /* mmio */
> > - if (is_error_pfn(pfn))
> > + if (is_error_pfn(pfn) || !writable)
> > return kvm_handle_bad_page(vcpu->kvm, gfn, pfn);
> >
> > spin_lock(&vcpu->kvm->mmu_lock);
> > @@ -2581,6 +2582,8 @@ static int tdp_page_fault(struct kvm_vcp
> > pfn_t pfn;
> > int r;
> > int level;
> > + int writable;
> > + int write = error_code & PFERR_WRITE_MASK;
> > gfn_t gfn = gpa >> PAGE_SHIFT;
> > unsigned long mmu_seq;
> >
> > @@ -2597,15 +2600,14 @@ static int tdp_page_fault(struct kvm_vcp
> >
> > mmu_seq = vcpu->kvm->mmu_notifier_seq;
> > smp_rmb();
> > - pfn = gfn_to_pfn(vcpu->kvm, gfn);
> > - if (is_error_pfn(pfn))
> > + pfn = gfn_to_pfn(vcpu->kvm, gfn, &writable);
> > + if (is_error_pfn(pfn) || !writable)
> Why would we fail read only access to read only memory? Shouldn't we
> check access type here?
>
> --
> Gleb.
Next patch does that.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
