From 16bae237b197bc925a60c5c783004e609e9b43c1 Mon Sep 17 00:00:00 2001
From: Ian Campbell <ian.campbell@citrix.com>
Date: Tue, 25 Sep 2012 12:24:06 +0200
Subject: [PATCH] tmem: only allow tmem control operations from privileged
 domains

This is part of XSA-15 / CVE-2012-3497.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Dan Magenheimer <dan.magenheimer@oracle.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
xen-unstable changeset: 25850:0dba5a888655
xen-unstable date: Tue Sep 11 12:06:30 UTC 2012
---
 xen/common/tmem.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/xen/common/tmem.c b/xen/common/tmem.c
index 1c155db690..06c9e0eaed 100644
--- a/xen/common/tmem.c
+++ b/xen/common/tmem.c
@@ -2544,10 +2544,8 @@ static NOINLINE int do_tmem_control(struct tmem_op *op)
     OID *oidp = (OID *)(&op->u.ctrl.oid[0]);
 
     if (!tmh_current_is_privileged())
-    {
-        /* don't fail... mystery: sometimes dom0 fails here */
-        /* return -EPERM; */
-    }
+        return -EPERM;
+
     switch(subop)
     {
     case TMEMC_THAW:
-- 
2.39.5