Unlike for GNTTABOP_setup_table native and compat frame lists are arrays of the same type (uint64_t). Hence there's no need to translate the frame values. This then also renders unnecessary the limit_max parameter of gnttab_get_status_frames().
Signed-off-by: Jan Beulich <[email protected]> --- a/xen/common/compat/grant_table.c +++ b/xen/common/compat/grant_table.c @@ -271,10 +271,7 @@ int compat_grant_table_op(unsigned int c } break; - case GNTTABOP_get_status_frames: { - unsigned int max_frame_list_size_in_pages = - (COMPAT_ARG_XLAT_SIZE - sizeof(*nat.get_status)) / - sizeof(*nat.get_status->frame_list.p); + case GNTTABOP_get_status_frames: if ( count != 1) { rc = -EINVAL; @@ -289,38 +286,25 @@ int compat_grant_table_op(unsigned int c } #define XLAT_gnttab_get_status_frames_HNDL_frame_list(_d_, _s_) \ - set_xen_guest_handle((_d_)->frame_list, (uint64_t *)(nat.get_status + 1)) + guest_from_compat_handle((_d_)->frame_list, (_s_)->frame_list) XLAT_gnttab_get_status_frames(nat.get_status, &cmp.get_status); #undef XLAT_gnttab_get_status_frames_HNDL_frame_list rc = gnttab_get_status_frames( - guest_handle_cast(nat.uop, gnttab_get_status_frames_t), - count, max_frame_list_size_in_pages); + guest_handle_cast(nat.uop, gnttab_get_status_frames_t), count); if ( rc >= 0 ) { -#define XLAT_gnttab_get_status_frames_HNDL_frame_list(_d_, _s_) \ - do \ - { \ - if ( (_s_)->status == GNTST_okay ) \ - { \ - for ( i = 0; i < (_s_)->nr_frames; ++i ) \ - { \ - uint64_t frame = (_s_)->frame_list.p[i]; \ - if ( __copy_to_compat_offset((_d_)->frame_list, \ - i, &frame, 1) ) \ - (_s_)->status = GNTST_bad_virt_addr; \ - } \ - } \ - } while (0) - XLAT_gnttab_get_status_frames(&cmp.get_status, nat.get_status); -#undef XLAT_gnttab_get_status_frames_HNDL_frame_list - if ( unlikely(__copy_to_guest(cmp_uop, &cmp.get_status, 1)) ) + XEN_GUEST_HANDLE_PARAM(gnttab_get_status_frames_compat_t) get = + guest_handle_cast(cmp_uop, + gnttab_get_status_frames_compat_t); + + if ( unlikely(__copy_field_to_guest(get, nat.get_status, + status)) ) rc = -EFAULT; else i = 1; } break; - } default: domain_crash(current->domain); --- a/xen/common/grant_table.c +++ b/xen/common/grant_table.c @@ -3242,7 +3242,7 @@ gnttab_set_version(XEN_GUEST_HANDLE_PARA static long gnttab_get_status_frames(XEN_GUEST_HANDLE_PARAM(gnttab_get_status_frames_t) uop, - unsigned int count, unsigned int limit_max) + unsigned int count) { gnttab_get_status_frames_t op; struct domain *d; @@ -3292,15 +3292,6 @@ gnttab_get_status_frames(XEN_GUEST_HANDL goto unlock; } - if ( unlikely(limit_max < op.nr_frames) ) - { - gdprintk(XENLOG_WARNING, - "nr_status_frames for %pd is too large (%u,%u)\n", - d, op.nr_frames, limit_max); - op.status = GNTST_general_error; - goto unlock; - } - for ( i = 0; i < op.nr_frames; i++ ) { gmfn = gfn_x(gnttab_status_gfn(d, gt, i)); @@ -3664,8 +3655,7 @@ do_grant_table_op( case GNTTABOP_get_status_frames: rc = gnttab_get_status_frames( - guest_handle_cast(uop, gnttab_get_status_frames_t), count, - UINT_MAX); + guest_handle_cast(uop, gnttab_get_status_frames_t), count); break; case GNTTABOP_get_version:
