From: Philip Sanderson <philip.k.sanderson@gmail.com>
Date: Fri, 21 Jan 2011 03:37:28 +0000 (-0600)
Subject: lguest: example launcher to use guard pages, drop PROT_EXEC, fix limit logic
X-Git-Tag: v2.6.38-rc2~24^2~5
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5230ff0cccb0611830bb02b097535868df02752a;p=pandora-kernel.git

lguest: example launcher to use guard pages, drop PROT_EXEC, fix limit logic

PROT_EXEC seems to be completely unnecessary (as the lguest binary
never executes there), and will allow it to work with SELinux (and
more importantly, PaX :-) as they can/do forbid writable and
executable mappings.

Also, map PROT_NONE guard pages at start and end of guest memory for extra
paranoia.

I changed the length check to addr + size > guest_limit because >= is wrong
(addr of 0, size of getpagesize() with a guest_limit of getpagesize() would
false positive).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
---

Reading git-diff-tree failed