ia64/xen-unstable

changeset 16714:235bef53d5bd

[IA64] Fix security vulnerability

DomU can map any other domain's memory.

Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
author Alex Williamson <alex.williamson@hp.com>
date Tue Jan 15 07:07:01 2008 -0700 (2008-01-15)
parents 973221f4d9c7
children d13c4d2836a8
files xen/arch/ia64/xen/dom0_ops.c
line diff
     1.1 --- a/xen/arch/ia64/xen/dom0_ops.c	Tue Jan 15 11:29:15 2008 +0000
     1.2 +++ b/xen/arch/ia64/xen/dom0_ops.c	Tue Jan 15 07:07:01 2008 -0700
     1.3 @@ -522,10 +522,14 @@ do_dom0vp_op(unsigned long cmd,
     1.4          ret = dom0vp_zap_physmap(d, arg0, (unsigned int)arg1);
     1.5          break;
     1.6      case IA64_DOM0VP_add_physmap:
     1.7 +        if (!IS_PRIV(d))
     1.8 +            return -EPERM;
     1.9          ret = dom0vp_add_physmap(d, arg0, arg1, (unsigned int)arg2,
    1.10                                   (domid_t)arg3);
    1.11          break;
    1.12      case IA64_DOM0VP_add_physmap_with_gmfn:
    1.13 +        if (!IS_PRIV(d))
    1.14 +            return -EPERM;
    1.15          ret = dom0vp_add_physmap_with_gmfn(d, arg0, arg1, (unsigned int)arg2,
    1.16                                             (domid_t)arg3);
    1.17          break;