[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH for-4.8 2/2] libxl: disallow enabling PoD and ALTP2M at the same time



> From: Wei Liu [mailto:wei.liu2@xxxxxxxxxx]
> Sent: Friday, November 04, 2016 12:42 AM
> 
> That combination would cause Xen to crash.
> 
> Note that although this is a security issue, is not XSA-worthy because
> ALTP2M is experimental.
> 
> Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx>
> ---
> Move the snippet to the correct location after altp2m is correctly
> initialised. Also correctly set ret before exiting.
> 
> Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
> Cc: Jan Beulich <JBeulich@xxxxxxxx>
> Cc: George Dunlap <george.dunlap@xxxxxxxxxxxxx>,
> Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Cc: Kevin Tian <kevin.tian@xxxxxxxxx>
> Cc: Jun Nakajima <jun.nakajima@xxxxxxxxx>
> ---
>  tools/libxl/libxl_create.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/tools/libxl/libxl_create.c b/tools/libxl/libxl_create.c
> index abd2272..7c1695a 100644
> --- a/tools/libxl/libxl_create.c
> +++ b/tools/libxl/libxl_create.c
> @@ -915,6 +915,14 @@ static void initiate_domain_create(libxl__egc *egc,
>          goto error_out;
>      }
> 
> +    if (d_config->c_info.type == LIBXL_DOMAIN_TYPE_HVM &&
> +        libxl_defbool_val(d_config->b_info.u.hvm.altp2m) &&
> +        pod_enabled) {
> +        ret = ERROR_INVAL;
> +        LOG(ERROR, "Cannot enable PoD and ALTP2M at the same time");
> +        goto error_out;
> +    }
> +
>      ret = libxl__domain_make(gc, d_config, &domid, &state->config);
>      if (ret) {
>          LOG(ERROR, "cannot make domain: %d", ret);
> --
> 2.1.4

Reviewed-by: Kevin Tian <kevin.tian@xxxxxxxxx>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.