ia64/xen-unstable

changeset 8799:b246f429f683

Prevent a guest from specifying its own domain id when
making a 'foreign' page mapping. It must use DOMID_SELF.

Signed-off-by: Keir Fraser <keir@xensource.com>
author kaf24@firebug.cl.cam.ac.uk
date Wed Feb 08 17:26:20 2006 +0100 (2006-02-08)
parents 6ba371536f5c
children 974ed9f73641
files xen/arch/x86/mm.c
line diff
     1.1 --- a/xen/arch/x86/mm.c	Wed Feb 08 17:25:14 2006 +0100
     1.2 +++ b/xen/arch/x86/mm.c	Wed Feb 08 17:26:20 2006 +0100
     1.3 @@ -1641,14 +1641,18 @@ static int set_foreigndom(unsigned int c
     1.4      struct domain *e, *d = current->domain;
     1.5      int okay = 1;
     1.6  
     1.7 -    if ( (e = percpu_info[cpu].foreign) != NULL )
     1.8 -        put_domain(e);
     1.9 -    percpu_info[cpu].foreign = NULL;
    1.10 -    
    1.11 -    if ( domid == DOMID_SELF )
    1.12 +    ASSERT(percpu_info[cpu].foreign == NULL);
    1.13 +
    1.14 +    if ( likely(domid == DOMID_SELF) )
    1.15          goto out;
    1.16  
    1.17 -    if ( !IS_PRIV(d) )
    1.18 +    if ( domid == d->domain_id )
    1.19 +    {
    1.20 +        MEM_LOG("Dom %u tried to specify itself as foreign domain",
    1.21 +                d->domain_id);
    1.22 +        okay = 0;
    1.23 +    }
    1.24 +    else if ( !IS_PRIV(d) )
    1.25      {
    1.26          switch ( domid )
    1.27          {
    1.28 @@ -1734,7 +1738,7 @@ int do_mmuext_op(
    1.29  
    1.30      if ( !set_foreigndom(cpu, foreigndom) )
    1.31      {
    1.32 -        rc = -EINVAL;
    1.33 +        rc = -ESRCH;
    1.34          goto out;
    1.35      }
    1.36  
    1.37 @@ -1993,7 +1997,7 @@ int do_mmu_update(
    1.38  
    1.39      if ( !set_foreigndom(cpu, foreigndom) )
    1.40      {
    1.41 -        rc = -EINVAL;
    1.42 +        rc = -ESRCH;
    1.43          goto out;
    1.44      }
    1.45  
    1.46 @@ -2580,18 +2584,13 @@ int do_update_va_mapping_otherdomain(uns
    1.47                                       domid_t domid)
    1.48  {
    1.49      unsigned int cpu = smp_processor_id();
    1.50 -    struct domain *d;
    1.51      int rc;
    1.52  
    1.53      if ( unlikely(!IS_PRIV(current->domain)) )
    1.54          return -EPERM;
    1.55  
    1.56 -    percpu_info[cpu].foreign = d = find_domain_by_id(domid);
    1.57 -    if ( unlikely(d == NULL) )
    1.58 -    {
    1.59 -        MEM_LOG("Unknown domain '%u'", domid);
    1.60 +    if ( !set_foreigndom(cpu, domid) )
    1.61          return -ESRCH;
    1.62 -    }
    1.63  
    1.64      rc = do_update_va_mapping(va, val64, flags);
    1.65