This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-ia64-devel] [PATCH][Linux] fix vulnerability of privcmd_mmap

To: Kouya Shimura <kouya@xxxxxxxxxxxxxx>
Subject: Re: [Xen-ia64-devel] [PATCH][Linux] fix vulnerability of privcmd_mmap
From: Alex Williamson <alex.williamson@xxxxxx>
Date: Fri, 22 Feb 2008 10:03:37 -0700
Cc: xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 22 Feb 2008 09:19:54 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <7kmypuu2d7.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-ia64-devel-request@lists.xensource.com?subject=help>
List-id: Discussion of the ia64 port of Xen <xen-ia64-devel.lists.xensource.com>
List-post: <mailto:xen-ia64-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=unsubscribe>
Organization: OSLO R&D
References: <7kmypuu2d7.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-ia64-devel-bounces@xxxxxxxxxxxxxxxxxxx
On Thu, 2008-02-21 at 17:42 +0900, Kouya Shimura wrote:
> Hi,
> empty_zero_page can be polluted by writing to a page
> through privcmd_mmap(). 
> i.e. a user program can hang a privileged domain (dom0),
> although root privilege is required.
> An attached patch fixes it. resetting the VM_PFNMAP flag
> is a little bit kludge. Is there any better solution?
> After this patch is applied, other patches to Qemu become
> necessary to create a HVM domain. I'll post them later.

   Applied.  Thanks,


Alex Williamson                             HP Open Source & Linux Org.

Xen-ia64-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>