debuggers.hg
changeset 16757:235bef53d5bd
[IA64] Fix security vulnerability
DomU can map any other domain's memory.
Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
DomU can map any other domain's memory.
Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
| author | Alex Williamson <alex.williamson@hp.com> |
|---|---|
| date | Tue Jan 15 07:07:01 2008 -0700 (2008-01-15) |
| parents | 973221f4d9c7 |
| children | d13c4d2836a8 |
| files | xen/arch/ia64/xen/dom0_ops.c |
line diff
1.1 --- a/xen/arch/ia64/xen/dom0_ops.c Tue Jan 15 11:29:15 2008 +0000 1.2 +++ b/xen/arch/ia64/xen/dom0_ops.c Tue Jan 15 07:07:01 2008 -0700 1.3 @@ -522,10 +522,14 @@ do_dom0vp_op(unsigned long cmd, 1.4 ret = dom0vp_zap_physmap(d, arg0, (unsigned int)arg1); 1.5 break; 1.6 case IA64_DOM0VP_add_physmap: 1.7 + if (!IS_PRIV(d)) 1.8 + return -EPERM; 1.9 ret = dom0vp_add_physmap(d, arg0, arg1, (unsigned int)arg2, 1.10 (domid_t)arg3); 1.11 break; 1.12 case IA64_DOM0VP_add_physmap_with_gmfn: 1.13 + if (!IS_PRIV(d)) 1.14 + return -EPERM; 1.15 ret = dom0vp_add_physmap_with_gmfn(d, arg0, arg1, (unsigned int)arg2, 1.16 (domid_t)arg3); 1.17 break;