[IA64] Fix security vulnerability

DomU can map any other domain's memory.

Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
xen-unstable changeset:   16719:235bef53d5bd04b4ac3b0c443369fa09d5d99e48
xen-unstable date:        Tue Jan 15 07:07:01 2008 -0700

diff --git a/xen/arch/ia64/xen/dom0_ops.c b/xen/arch/ia64/xen/dom0_ops.c
index 4671ccd38cd6ec18c5136fdb15bacaa86510eeb9..d11136f08417657f348b3173bbf019e69363ba0b 100644 (file)
--- a/xen/arch/ia64/xen/dom0_ops.c
+++ b/xen/arch/ia64/xen/dom0_ops.c
@@ -420,10 +420,14 @@ do_dom0vp_op(unsigned long cmd,
         ret = dom0vp_zap_physmap(d, arg0, (unsigned int)arg1);
         break;
     case IA64_DOM0VP_add_physmap:
+        if (!IS_PRIV(d))
+            return -EPERM;
         ret = dom0vp_add_physmap(d, arg0, arg1, (unsigned int)arg2,
                                  (domid_t)arg3);
         break;
     case IA64_DOM0VP_add_physmap_with_gmfn:
+        if (!IS_PRIV(d))
+            return -EPERM;
         ret = dom0vp_add_physmap_with_gmfn(d, arg0, arg1, (unsigned int)arg2,
                                            (domid_t)arg3);
         break;