|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] [IA64] don't allow non-dom0 domains to set pte memory attributes
# HG changeset patch
# User awilliam@xxxxxxxxxxx
# Node ID be0a536b70cc4071a14b807d2aee643f92fba6ba
# Parent 9031316e52030ef5065cd424d117f88abb0106b9
[IA64] don't allow non-dom0 domains to set pte memory attributes
domUs shouldn't be allowed to set arbitrary memory attributes.
This could allow accessing system memory with uncached attributes,
leading to address aliasing, unsupported transactions, or worse.
Signed-off-by: Alex Williamson <alex.williamson@xxxxxx>
---
xen/arch/ia64/xen/mm.c | 8 ++++++++
1 files changed, 8 insertions(+)
diff -r 9031316e5203 -r be0a536b70cc xen/arch/ia64/xen/mm.c
--- a/xen/arch/ia64/xen/mm.c Wed Jun 21 10:15:46 2006 -0600
+++ b/xen/arch/ia64/xen/mm.c Wed Jun 21 10:25:00 2006 -0600
@@ -471,6 +471,14 @@ u64 translate_domain_pte(u64 pteval, u64
pteval2 |= (pteval & _PAGE_ED);
pteval2 |= _PAGE_PL_2; // force PL0->2 (PL3 is unaffected)
pteval2 = (pteval & ~_PAGE_PPN_MASK) | pteval2;
+ /*
+ * Don't let non-dom0 domains map uncached addresses. This can
+ * happen when domU tries to touch i/o port space. Also prevents
+ * possible address aliasing issues.
+ */
+ if (d != dom0)
+ pteval2 &= ~_PAGE_MA_MASK;
+
return pteval2;
}
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |