# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1200408037 0
# Node ID d3744f8284da207e32795054e89f89423d3691ef
# Parent 6af8d29777a3a13375bd3ed967df616f7fc213e6
[IA64] Fix security vulnerability
DomU can map any other domain's memory.
Signed-off-by: Kouya Shimura <kouya@xxxxxxxxxxxxxx>
xen-unstable changeset: 16719:235bef53d5bd04b4ac3b0c443369fa09d5d99e48
xen-unstable date: Tue Jan 15 07:07:01 2008 -0700
---
xen/arch/ia64/xen/dom0_ops.c | 4 ++++
1 files changed, 4 insertions(+)
diff -r 6af8d29777a3 -r d3744f8284da xen/arch/ia64/xen/dom0_ops.c
--- a/xen/arch/ia64/xen/dom0_ops.c Tue Jan 15 11:33:05 2008 +0000
+++ b/xen/arch/ia64/xen/dom0_ops.c Tue Jan 15 14:40:37 2008 +0000
@@ -522,10 +522,14 @@ do_dom0vp_op(unsigned long cmd,
ret = dom0vp_zap_physmap(d, arg0, (unsigned int)arg1);
break;
case IA64_DOM0VP_add_physmap:
+ if (!IS_PRIV(d))
+ return -EPERM;
ret = dom0vp_add_physmap(d, arg0, arg1, (unsigned int)arg2,
(domid_t)arg3);
break;
case IA64_DOM0VP_add_physmap_with_gmfn:
+ if (!IS_PRIV(d))
+ return -EPERM;
ret = dom0vp_add_physmap_with_gmfn(d, arg0, arg1, (unsigned int)arg2,
(domid_t)arg3);
break;
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|