From 62d866385e5039807cd32c70ad52c41f94b8b760 Mon Sep 17 00:00:00 2001
From: Andrew Boie <andrew.p.boie@intel.com>
Date: Tue, 12 Feb 2019 14:28:58 -0800
Subject: [PATCH] x86: fix crash in _arch_buffer_validate

The code wasn't checking if the memory address to check
corresponded to a non-present page directory pointer
table entry.

Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
---
 arch/x86/core/x86_mmu.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/x86/core/x86_mmu.c b/arch/x86/core/x86_mmu.c
index ba1bcc3f4c5..8087289c943 100644
--- a/arch/x86/core/x86_mmu.c
+++ b/arch/x86/core/x86_mmu.c
@@ -88,6 +88,11 @@ int _arch_buffer_validate(void *addr, size_t size, int write)
 			end_pde_num = MMU_PDE_NUM((char *)addr + size - 1);
 		}
 
+		/* Ensure page directory pointer table entry is present */
+		if (X86_MMU_GET_PDPTE_INDEX(&USER_PDPT, pdpte)->p == 0) {
+			return -EPERM;
+		}
+
 		struct x86_mmu_pd *pd_address =
 			X86_MMU_GET_PD_ADDR_INDEX(&USER_PDPT, pdpte);