From: Rusty Russell Date: Thu, 5 Sep 2013 08:15:39 +0000 (+0930) Subject: lguest: fix BUG_ON() in invalid guest page table. X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=4623c28e222d82f87537ef66db61ebcfbd8306db;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git lguest: fix BUG_ON() in invalid guest page table. If we discover the entry is invalid, we kill the guest, but we must avoid calling gpte_addr() on the invalid pmd, otherwise: kernel BUG at drivers/lguest/page_tables.c:157! Signed-off-by: Rusty Russell --- diff --git a/drivers/lguest/page_tables.c b/drivers/lguest/page_tables.c index a35d8d100165..bfb39bb56ef1 100644 --- a/drivers/lguest/page_tables.c +++ b/drivers/lguest/page_tables.c @@ -669,8 +669,10 @@ unsigned long guest_pa(struct lg_cpu *cpu, unsigned long vaddr) #ifdef CONFIG_X86_PAE gpmd = lgread(cpu, gpmd_addr(gpgd, vaddr), pmd_t); - if (!(pmd_flags(gpmd) & _PAGE_PRESENT)) + if (!(pmd_flags(gpmd) & _PAGE_PRESENT)) { kill_guest(cpu, "Bad address %#lx", vaddr); + return -1UL; + } gpte = lgread(cpu, gpte_addr(cpu, gpmd, vaddr), pte_t); #else gpte = lgread(cpu, gpte_addr(cpu, gpgd, vaddr), pte_t);