[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] tmem: only allow tmem control operations from privileged domains

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
From: Xen patchbot-unstable <patchbot@xxxxxxx>
Date: Fri, 14 Sep 2012 10:55:15 +0000
Delivery-date: Fri, 14 Sep 2012 10:55:23 +0000
List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xen.org>

# HG changeset patch
# User Ian Campbell <ian.campbell@xxxxxxxxxx>
# Date 1347365190 -7200
# Node ID 0dba5a8886556f1b92e59eb19c570ad1704037f6
# Parent  90533f3b6babfda56edbbefda47c46b391204132
tmem: only allow tmem control operations from privileged domains

This is part of XSA-15 / CVE-2012-3497.

Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
Committed-by: Jan Beulich <jbeulich@xxxxxxxx>
---


diff -r 90533f3b6bab -r 0dba5a888655 xen/common/tmem.c
--- a/xen/common/tmem.c Tue Sep 11 14:03:12 2012 +0200
+++ b/xen/common/tmem.c Tue Sep 11 14:06:30 2012 +0200
@@ -2541,10 +2541,8 @@ static NOINLINE int do_tmem_control(stru
     OID *oidp = (OID *)(&op->u.ctrl.oid[0]);
 
     if (!tmh_current_is_privileged())
-    {
-        /* don't fail... mystery: sometimes dom0 fails here */
-        /* return -EPERM; */
-    }
+        return -EPERM;
+
     switch(subop)
     {
     case TMEMC_THAW:

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

Prev by Date: [Xen-changelog] [xen-unstable] amd iommu: remove unnecessary map/unmap for l1 page tables
Next by Date: [Xen-changelog] [xen-unstable] tmem: consistently make pool_id a uint32_t
Previous by thread: [Xen-changelog] [xen-unstable] amd iommu: remove unnecessary map/unmap for l1 page tables
Next by thread: [Xen-changelog] [xen-unstable] tmem: consistently make pool_id a uint32_t
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.