ia64/xen-unstable

changeset 16015:0416abdd0efd

xsm:acm: Fix nul dereference bug (take 2).
Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>
author Keir Fraser <keir@xensource.com>
date Mon Oct 01 06:36:25 2007 +0100 (2007-10-01)
parents db075ecf29b2
children 5c7afb32df99
files xen/include/xsm/acm/acm_core.h xen/include/xsm/acm/acm_hooks.h xen/xsm/acm/acm_core.c
line diff
     1.1 --- a/xen/include/xsm/acm/acm_core.h	Mon Oct 01 06:35:40 2007 +0100
     1.2 +++ b/xen/include/xsm/acm/acm_core.h	Mon Oct 01 06:36:25 2007 +0100
     1.3 @@ -154,7 +154,7 @@ static inline int acm_array_append_tuple
     1.4  
     1.5  /* protos */
     1.6  int acm_init_domain_ssid(struct domain *, ssidref_t ssidref);
     1.7 -void acm_free_domain_ssid(struct acm_ssid_domain *ssid);
     1.8 +void acm_free_domain_ssid(struct domain *);
     1.9  int acm_init_binary_policy(u32 policy_code);
    1.10  int acm_set_policy(XEN_GUEST_HANDLE_64(void) buf, u32 buf_size);
    1.11  int do_acm_set_policy(void *buf, u32 buf_size, int is_bootpolicy,
     2.1 --- a/xen/include/xsm/acm/acm_hooks.h	Mon Oct 01 06:35:40 2007 +0100
     2.2 +++ b/xen/include/xsm/acm/acm_hooks.h	Mon Oct 01 06:36:25 2007 +0100
     2.3 @@ -258,7 +258,7 @@ static inline void acm_domain_destroy(st
     2.4              acm_secondary_ops->domain_destroy(ssid, d);
     2.5          /* free security ssid for the destroyed domain (also if null policy */
     2.6          acm_domain_ssid_off_list(ssid);
     2.7 -        acm_free_domain_ssid((struct acm_ssid_domain *)(ssid));
     2.8 +        acm_free_domain_ssid(d);
     2.9      }
    2.10  }
    2.11  
    2.12 @@ -294,7 +294,7 @@ static inline int acm_domain_create(stru
    2.13      {
    2.14          acm_domain_ssid_onto_list(d->ssid);
    2.15      } else {
    2.16 -        acm_free_domain_ssid(d->ssid);
    2.17 +        acm_free_domain_ssid(d);
    2.18      }
    2.19  
    2.20  error_out:
     3.1 --- a/xen/xsm/acm/acm_core.c	Mon Oct 01 06:35:40 2007 +0100
     3.2 +++ b/xen/xsm/acm/acm_core.c	Mon Oct 01 06:36:25 2007 +0100
     3.3 @@ -361,7 +361,7 @@ int acm_init_domain_ssid(struct domain *
     3.4      {
     3.5          printk("%s: ERROR instantiating individual ssids for domain 0x%02x.\n",
     3.6                 __func__, subj->domain_id);
     3.7 -        acm_free_domain_ssid(ssid);
     3.8 +        acm_free_domain_ssid(subj);
     3.9          return ACM_INIT_SSID_ERROR;
    3.10      }
    3.11  
    3.12 @@ -372,8 +372,10 @@ int acm_init_domain_ssid(struct domain *
    3.13  
    3.14  
    3.15  void
    3.16 -acm_free_domain_ssid(struct acm_ssid_domain *ssid)
    3.17 +acm_free_domain_ssid(struct domain *d)
    3.18  {
    3.19 +    struct acm_ssid_domain *ssid = d->ssid;
    3.20 +    
    3.21      /* domain is already gone, just ssid is left */
    3.22      if (ssid == NULL)
    3.23          return;
    3.24 @@ -387,6 +389,8 @@ acm_free_domain_ssid(struct acm_ssid_dom
    3.25      ssid->secondary_ssid = NULL;
    3.26  
    3.27      xfree(ssid);
    3.28 +    d->ssid = NULL;
    3.29 +    
    3.30      printkd("%s: Freed individual domain ssid (domain=%02x).\n",
    3.31              __func__, id);
    3.32  }