[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xen/x86: domctl: Don't leak data via XEN_DOMCTL_gethvmcontext

To: Julien Grall <julien@xxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Mon, 27 Jan 2020 15:53:35 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Julien Grall <jgrall@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Delivery-date: Mon, 27 Jan 2020 14:53:26 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 27.01.2020 14:48, Julien Grall wrote:
> From: Julien Grall <jgrall@xxxxxxxxxx>
> 
> The HVM context may not fill up the full buffer passed by the caller.
> While we report corectly the size of the context, we will still be
> copying back the full size of the buffer.
> 
> As the buffer is allocated through xmalloc(), we will be copying some
> bits from the previous allocation.
> 
> Only copy back the part of the buffer used by the HVM context to prevent
> any leak.
> 
> Note that per XSA-72, this is not a security issue.
> 
> Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- [Xen-devel] [PATCH] xen/x86: domctl: Don't leak data via XEN_DOMCTL_gethvmcontext
  - From: Julien Grall

Prev by Date: Re: [Xen-devel] PVH PCI passthrough for DomUs
Next by Date: Re: [Xen-devel] Linux 5.5 fails to boot in VM
Previous by thread: [Xen-devel] [PATCH] xen/x86: domctl: Don't leak data via XEN_DOMCTL_gethvmcontext
Next by thread: [Xen-devel] Linux 5.5 fails to boot in VM
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.