WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-3.2-testing] [IA64] Fix security vulnerability

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-3.2-testing] [IA64] Fix security vulnerability
From: "Xen patchbot-3.2-testing" <patchbot-3.2-testing@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 16 Jan 2008 09:50:40 -0800
Delivery-date: Wed, 16 Jan 2008 09:50:38 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1200408037 0
# Node ID d3744f8284da207e32795054e89f89423d3691ef
# Parent  6af8d29777a3a13375bd3ed967df616f7fc213e6
[IA64] Fix security vulnerability

DomU can map any other domain's memory.

Signed-off-by: Kouya Shimura <kouya@xxxxxxxxxxxxxx>
xen-unstable changeset:   16719:235bef53d5bd04b4ac3b0c443369fa09d5d99e48
xen-unstable date:        Tue Jan 15 07:07:01 2008 -0700
---
 xen/arch/ia64/xen/dom0_ops.c |    4 ++++
 1 files changed, 4 insertions(+)

diff -r 6af8d29777a3 -r d3744f8284da xen/arch/ia64/xen/dom0_ops.c
--- a/xen/arch/ia64/xen/dom0_ops.c      Tue Jan 15 11:33:05 2008 +0000
+++ b/xen/arch/ia64/xen/dom0_ops.c      Tue Jan 15 14:40:37 2008 +0000
@@ -522,10 +522,14 @@ do_dom0vp_op(unsigned long cmd,
         ret = dom0vp_zap_physmap(d, arg0, (unsigned int)arg1);
         break;
     case IA64_DOM0VP_add_physmap:
+        if (!IS_PRIV(d))
+            return -EPERM;
         ret = dom0vp_add_physmap(d, arg0, arg1, (unsigned int)arg2,
                                  (domid_t)arg3);
         break;
     case IA64_DOM0VP_add_physmap_with_gmfn:
+        if (!IS_PRIV(d))
+            return -EPERM;
         ret = dom0vp_add_physmap_with_gmfn(d, arg0, arg1, (unsigned int)arg2,
                                            (domid_t)arg3);
         break;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-3.2-testing] [IA64] Fix security vulnerability, Xen patchbot-3.2-testing <=