|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen stable-4.2] forbid PV guest console reads
commit 29de283bdb3f547030012c4a4486e59e3d53fa27
Author: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
AuthorDate: Tue Oct 22 12:04:43 2013 +0200
Commit: Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Tue Oct 22 12:04:43 2013 +0200
forbid PV guest console reads
The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
hypervisor was compiled in debug mode (with VERBOSE defined).
Reported-by: Jan Beulich <jbeulich@xxxxxxxx>
Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
master commit: 65ba631bcb62c79eb33ebfde8a0471fd012c37a8
master date: 2013-10-04 12:51:44 +0200
---
xen/drivers/char/console.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c
index e10bed5..ef24f63 100644
--- a/xen/drivers/char/console.c
+++ b/xen/drivers/char/console.c
@@ -363,11 +363,14 @@ long do_console_io(int cmd, int count,
XEN_GUEST_HANDLE(char) buffer)
long rc;
unsigned int idx, len;
-#ifndef VERBOSE
- /* Only domain 0 may access the emergency console. */
if ( current->domain->domain_id != 0 )
- return -EPERM;
+#ifndef VERBOSE
+ /* Only domain 0 may access the emergency console. */
+#else
+ /* Only console writes are permitted for other than Dom0. */
+ if ( cmd != CONSOLEIO_write )
#endif
+ return -EPERM;
rc = xsm_console_io(current->domain, cmd);
if ( rc )
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.2
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |