Re: [Xen-ia64-devel] [PATCH] Fix security vulnerability



Isaku Yamahata writes:
> On Tue, Jan 15, 2008 at 03:52:45PM +0900, Kouya Shimura wrote:
> > DomU can map any other domain's memory.
> 
> What about add_io_space and un/expose_foreign_p2m?

I'm not sure they are breakable.
At first, I wrote the following patch. But domU never boots.
(do_dom0vp_op() is not only for dom0...)
Why don't you fix them?

===============================
unsigned long
do_dom0vp_op(unsigned long cmd,
             unsigned long arg0, unsigned long arg1, unsigned long arg2,
             unsigned long arg3)
{
    unsigned long ret = 0;
    struct domain *d = current->domain;

+   if ( !IS_PRIV(d) )
+       return -EPERM;
    switch (cmd) {
    case IA64_DOM0VP_ioremap:
===============================
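
Review bot: The !IS_PRIV(d) check is placed before switch (cmd), so it returns -EPERM for every sub-op when the caller is unprivileged, including the ones a domU itself depends on; that is consistent with the boot failure reported with this patch. Move the privilege check out of the function entry and into the individual case arms that must be dom0-only (or that take another domain's memory as a target), leaving the rest reachable from domU. Separately, the function is declared to return unsigned long, so return -EPERM; only works if the caller converts the value back to a signed error; it is worth confirming that against how ret is returned by the existing cases.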

Thanks,
Kouya
