authorRusty Russell <>2013-09-05 17:45:39 +0930
committerRusty Russell <>2013-09-06 08:09:26 +0930
lguest: fix BUG_ON() in invalid guest page table.
If we discover the entry is invalid, we kill the guest, but we must avoid calling gpte_addr() on the invalid pmd, otherwise: kernel BUG at drivers/lguest/page_tables.c:157! Signed-off-by: Rusty Russell <>
diff --git a/drivers/lguest/page_tables.c b/drivers/lguest/page_tables.c
--- a/drivers/lguest/page_tables.c
+++ b/drivers/lguest/page_tables.c
@@ -669,8 +669,10 @@ unsigned long guest_pa(struct lg_cpu *cpu, unsigned long vaddr)
#ifdef CONFIG_X86_PAE
gpmd = lgread(cpu, gpmd_addr(gpgd, vaddr), pmd_t);
- if (!(pmd_flags(gpmd) & _PAGE_PRESENT))
+ if (!(pmd_flags(gpmd) & _PAGE_PRESENT)) {
kill_guest(cpu, "Bad address %#lx", vaddr);
+ return -1UL;
+ }
gpte = lgread(cpu, gpte_addr(cpu, gpmd, vaddr), pte_t);
gpte = lgread(cpu, gpte_addr(cpu, gpgd, vaddr), pte_t);