|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] tools/ocaml: oxenstored: correctly handle a full ring.
# HG changeset patch
# User Ian Campbell <ian.campbell@xxxxxxxxxx>
# Date 1360920283 0
# Node ID 759574df84a6e61205e0c28b33243e08a4476045
# Parent 3565d957839fe7a2c16528b93db18f70ef14323b
tools/ocaml: oxenstored: correctly handle a full ring.
Change 26521:2c0fd406f02c (part of XSA-38 / CVE-2013-0215) incorrectly
caused us to ignore rather than process a completely full ring. Check if
producer and consumer are equal before masking to avoid this, since prod ==
cons + PAGE_SIZE after masking becomes prod == cons.
Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
Acked-by: Keir Fraser <keir@xxxxxxx>
Committed-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
---
diff -r 3565d957839f -r 759574df84a6 tools/ocaml/libs/xb/xs_ring_stubs.c
--- a/tools/ocaml/libs/xb/xs_ring_stubs.c Fri Feb 15 09:47:17 2013 +0100
+++ b/tools/ocaml/libs/xb/xs_ring_stubs.c Fri Feb 15 09:24:43 2013 +0000
@@ -45,10 +45,10 @@ static int xs_ring_read(struct mmap_inte
cons = *(volatile uint32*)&intf->req_cons;
prod = *(volatile uint32*)&intf->req_prod;
xen_mb();
+ if (prod == cons)
+ return 0;
cons = MASK_XENSTORE_IDX(cons);
prod = MASK_XENSTORE_IDX(prod);
- if (prod == cons)
- return 0;
if (prod > cons)
to_read = prod - cons;
else
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |