[Xen-changelog] [xen stable-4.9] ARM: disable grant table v2
commit ab34a431135b09fcf0f626e535e322cc82174b9a Author: Stefano Stabellini <sstabellini@xxxxxxxxxx> AuthorDate: Tue Aug 14 11:20:53 2018 +0100 Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> CommitDate: Tue Aug 14 17:01:56 2018 +0100 ARM: disable grant table v2 It was never expected to work, the implementation is incomplete. As a side effect, it also prevents guests from triggering a "BUG_ON(page_get_owner(pg) != d)" in gnttab_unpopulate_status_frames(). This is XSA-268. Signed-off-by: Stefano Stabellini <sstabellini@xxxxxxxxxx> Acked-by: Jan Beulich <jbeulich@xxxxxxxx> (cherry picked from commit 9a5c16a3e75778c8a094ca87784d93b74676f46c) --- docs/misc/xen-command-line.markdown | 2 ++ xen/common/grant_table.c | 6 +++++- xen/include/asm-arm/grant_table.h | 1 + 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown index 0f0376da81..014476c57d 100644 --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown @@ -885,6 +885,8 @@ version are 1 and 2. use of grant table v2 without transitive grants is an ABI breakage from the guests point of view. +The usage of gnttab v2 is not security supported on ARM platforms. + ### gnttab\_max\_frames > `= <integer>` diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c index 95f9443ce8..7106e0b006 100644 --- a/xen/common/grant_table.c +++ b/xen/common/grant_table.c @@ -62,7 +62,11 @@ integer_param("gnttab_max_frames", max_grant_frames); static unsigned int __read_mostly max_maptrack_frames; integer_param("gnttab_max_maptrack_frames", max_maptrack_frames); -static unsigned int __read_mostly opt_gnttab_max_version = 2; +#ifndef GNTTAB_MAX_VERSION +#define GNTTAB_MAX_VERSION 2 +#endif + +static unsigned int __read_mostly opt_gnttab_max_version = GNTTAB_MAX_VERSION; static bool __read_mostly opt_transitive_grants = true; static int __init parse_gnttab(const char *s) 
diff --git a/xen/include/asm-arm/grant_table.h b/xen/include/asm-arm/grant_table.h index 2f9224fb7a..b47220c1c6 100644 --- a/xen/include/asm-arm/grant_table.h +++ b/xen/include/asm-arm/grant_table.h @@ -4,6 +4,7 @@ #include <xen/grant_table.h> #define INITIAL_NR_GRANT_FRAMES 4 +#define GNTTAB_MAX_VERSION 1 void gnttab_clear_flag(unsigned long nr, uint16_t *addr); int create_grant_host_mapping(unsigned long gpaddr, -- generated by git-patchbot for /home/xen/git/xen.git#stable-4.9 _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/xen-changelog
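Review bot: In the docs/misc/xen-command-line.markdown hunk, the added sentence says gnttab v2 is not security supported on ARM but does not say that the ARM default is now version 1, which is what the GNTTAB_MAX_VERSION 1 define in asm-arm/grant_table.h produces. Suggest stating the per-architecture default next to the existing "version are 1 and 2" text, so an administrator can tell what a boot without the option gets on ARM.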
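Review bot: In the xen/common/grant_table.c hunk, GNTTAB_MAX_VERSION is used only as the initializer of opt_gnttab_max_version, so it sets a default rather than a ceiling; nothing in the visible lines stops parse_gnttab from raising the value back to 2 on ARM. If the intent is to disable v2 as the subject line says, clamp the parsed value against GNTTAB_MAX_VERSION; if only a default is intended, a name that says "default" would be clearer. The #ifndef fallback also depends on the arch header being included before this point, which deserves a short comment.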
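Review bot: In the xen/include/asm-arm/grant_table.h hunk, the new "#define GNTTAB_MAX_VERSION 1" has no comment saying why ARM differs from the common default of 2. A one-line comment noting that the v2 implementation is incomplete on ARM, with a pointer to XSA-268, would keep a later cleanup from removing it.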