Along the line with observations in the context of XSA-448, no field in struct gnttab_copy_ptr is relevant when no data is to be copied, much like e.g. the pointers passed to memcpy() are irrelevant (and would never be "validated") when the passed length is zero.
Signed-off-by: Jan Beulich <[email protected]> --- a/xen/common/grant_table.c +++ b/xen/common/grant_table.c @@ -3061,6 +3061,9 @@ static int gnttab_copy_one(const struct { int rc; + if ( unlikely(!op->len) ) + return GNTST_okay; + if ( !src->domain || op->source.domid != src->ptr.domid || !dest->domain || op->dest.domid != dest->ptr.domid ) {
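Review bot: The new `if ( unlikely(!op->len) ) return GNTST_okay;` at the top of gnttab_copy_one() has no comment, and it sits ahead of the `op->source.domid != src->ptr.domid` / `op->dest.domid != dest->ptr.domid` comparison, so a zero-length operation now reports success without any field of either gnttab_copy_ptr being looked at. That is what the description intends, but it is a guest-visible change: a request with len == 0 and pointer fields that would not pass the later checks now gets GNTST_okay. Please add a short comment above the check stating that nothing in source or dest is inspected when len is zero, and consider mentioning the behaviour in the public description of the copy operation so callers do not rely on a zero-length copy to probe whether a reference or domid is valid. It would also help to confirm in the description that returning before the src/dest buffer handling that follows leaves the state used by subsequent operations in the same batch unchanged.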
