Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
xen/xsm/flask/hooks.c | 12 +++++++++---
1 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 2cb3e16..80c1f70 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1016,6 +1016,9 @@ static int flask_mmu_normal_update(struct domain *d, struct domain *f,
struct domain_security_struct *dsec;
u32 fsid;
+ if ( !(l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_PRESENT) )
+ return 0;
+
dsec = d->ssid;
if ( l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_RW )
@@ -1053,6 +1056,12 @@ static int flask_update_va_mapping(struct domain *d, struct domain *f,
unsigned long mfn;
struct domain_security_struct *dsec;
+ if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) )
+ return 0;
+
+ if ( l1e_get_flags(pte) & _PAGE_RW )
+ map_perms |= MMU__MAP_WRITE;
+
dsec = d->ssid;
mfn = get_gfn_untyped(f, l1e_get_pfn(pte));
@@ -1060,9 +1069,6 @@ static int flask_update_va_mapping(struct domain *d, struct domain *f,
if ( rc )
return rc;
- if ( l1e_get_flags(pte) & _PAGE_RW )
- map_perms |= MMU__MAP_WRITE;
-
return avc_has_perm(dsec->sid, psid, SECCLASS_MMU, map_perms, NULL);
}
--
1.7.7.3
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
---
xen/xsm/flask/hooks.c | 12 +++++++++---
1 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 2cb3e16..80c1f70 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1016,6 +1016,9 @@ static int flask_mmu_normal_update(struct domain *d, struct domain *f,
struct domain_security_struct *dsec;
u32 fsid;
+ if ( !(l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_PRESENT) )
+ return 0;
+
dsec = d->ssid;
if ( l1e_get_flags(l1e_from_intpte(fpte)) & _PAGE_RW )
@@ -1053,6 +1056,12 @@ static int flask_update_va_mapping(struct domain *d, struct domain *f,
unsigned long mfn;
struct domain_security_struct *dsec;
+ if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) )
+ return 0;
+
+ if ( l1e_get_flags(pte) & _PAGE_RW )
+ map_perms |= MMU__MAP_WRITE;
+
dsec = d->ssid;
mfn = get_gfn_untyped(f, l1e_get_pfn(pte));
@@ -1060,9 +1069,6 @@ static int flask_update_va_mapping(struct domain *d, struct domain *f,
if ( rc )
return rc;
- if ( l1e_get_flags(pte) & _PAGE_RW )
- map_perms |= MMU__MAP_WRITE;
-
return avc_has_perm(dsec->sid, psid, SECCLASS_MMU, map_perms, NULL);
}
--
1.7.7.3
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel