[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] x86: remove IS_PRIV access check bypasses

commit 764012376a096a45bced88ee2ec1a6c17c6c22c7
Author:     Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
AuthorDate: Thu Apr 18 17:01:45 2013 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Thu Apr 18 17:01:45 2013 +0200

    x86: remove IS_PRIV access check bypasses
    
    Several domctl functions dealing with rangesets contain a short-circuit
    bypass if the domain is privileged. Since the construction of domain 0
    permits access to all I/O ranges, the call to irq_access_permitted will
    normally return true even without the IS_PRIV check, and the presence of
    the IS_PRIV check prevents the creation of a privileged domain without
    access to specific devices or IO memory ranges.
    
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
 xen/arch/x86/domctl.c |    6 ++----
 xen/arch/x86/irq.c    |    3 +--
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c
index 8fb4fa9..9580390 100644
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -645,8 +645,7 @@ long arch_do_domctl(
             break;
 
         ret = -EPERM;
-        if ( !IS_PRIV(current->domain) &&
-             !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) )
+        if ( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) )
             break;
 
         ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, add);
@@ -723,8 +722,7 @@ long arch_do_domctl(
         }
 
         ret = -EPERM;
-        if ( !IS_PRIV(current->domain) &&
-             !ioports_access_permitted(current->domain, fmp, fmp + np - 1) )
+        if ( !ioports_access_permitted(current->domain, fmp, fmp + np - 1) )
             break;
 
         ret = xsm_ioport_mapping(XSM_HOOK, d, fmp, fmp + np - 1, add);
diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c
index bbf4130..b0b0c65 100644
--- a/xen/arch/x86/irq.c
+++ b/xen/arch/x86/irq.c
@@ -1891,8 +1891,7 @@ int map_domain_pirq(
 
     ASSERT(spin_is_locked(&d->event_lock));
 
-    if ( !IS_PRIV(current->domain) &&
-         !irq_access_permitted(current->domain, irq))
+    if ( !irq_access_permitted(current->domain, irq))
         return -EPERM;
 
     if ( pirq < 0 || pirq >= d->nr_pirqs || irq < 0 || irq >= nr_irqs )
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.