[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] x86: remove IS_PRIV bypass on IRQ check

commit abd10cf98fed1f8eb01b7826a171873a3b75c396
Author:     Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
AuthorDate: Fri Apr 19 10:50:08 2013 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Fri Apr 19 10:50:08 2013 +0200

    x86: remove IS_PRIV bypass on IRQ check
    
    This prevents a process in dom0 from granting a domU access to an IRQ 
without
    adding the IRQ to the domU's list of permitted IRQs. This operation 
currently
    succeeds in dom0 but would fail if the device model were running in a 
stubdom,
    so making the failure consistent should ease debugging of the device-model
    stubdoms.
    
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
 xen/arch/x86/domctl.c |   29 +++++++++--------------------
 1 files changed, 9 insertions(+), 20 deletions(-)

diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c
index 9580390..1f16ad2 100644
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -565,9 +565,8 @@ long arch_do_domctl(
 
     case XEN_DOMCTL_bind_pt_irq:
     {
-        xen_domctl_bind_pt_irq_t * bind;
-
-        bind = &(domctl->u.bind_pt_irq);
+        xen_domctl_bind_pt_irq_t *bind = &domctl->u.bind_pt_irq;
+        int irq;
 
         ret = -EINVAL;
         if ( !is_hvm_domain(d) )
@@ -577,14 +576,10 @@ long arch_do_domctl(
         if ( ret )
             break;
 
+        irq = domain_pirq_to_irq(d, bind->machine_irq);
         ret = -EPERM;
-        if ( !IS_PRIV(current->domain) )
-        {
-            int irq = domain_pirq_to_irq(d, bind->machine_irq);
-
-            if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
-                break;
-        }
+        if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
+            break;
 
         ret = -ESRCH;
         if ( iommu_enabled )
@@ -601,18 +596,12 @@ long arch_do_domctl(
 
     case XEN_DOMCTL_unbind_pt_irq:
     {
-        xen_domctl_bind_pt_irq_t * bind;
-
-        bind = &(domctl->u.bind_pt_irq);
+        xen_domctl_bind_pt_irq_t *bind = &domctl->u.bind_pt_irq;
+        int irq = domain_pirq_to_irq(d, bind->machine_irq);
 
         ret = -EPERM;
-        if ( !IS_PRIV(current->domain) )
-        {
-            int irq = domain_pirq_to_irq(d, bind->machine_irq);
-
-            if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
-                break;
-        }
+        if ( irq <= 0 || !irq_access_permitted(current->domain, irq) )
+            break;
 
         ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind);
         if ( ret )
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.