[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 21/22] libxc: range checks in xc_dom_p2m_host and _guest

On Tue, Jun 11, 2013 at 7:21 PM, Ian Jackson <ian.jackson@xxxxxxxxxxxxx> wrote:
> These functions take guest pfns and look them up in the p2m.  They did
> no range checking.
>
> However, some callers, notably xc_dom_boot.c:setup_hypercall_page want
> to pass untrusted guest-supplied value(s).  It is most convenient to
> detect this here and return INVALID_MFN.
>
> This is part of the fix to a security issue, XSA-55.
>
> Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
> Cc: Tim Deegan <tim@xxxxxxx>

I've taken a look at where things get returned here, and it seems like
they should all be OK with INVALID_MFN.

Reviewed-by: George Dunlap <george.dunlap@xxxxxxxxxxxxx>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.