WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-changelog

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-changelog] [xen-unstable] domctl: don't allow certain operations on

from [Xen patchbot-unstable] [Permanent Link][Original]
To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] domctl: don't allow certain operations on Dom0
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 22 Sep 2008 11:20:14 -0700
Delivery-date: Mon, 22 Sep 2008 11:20:27 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx 
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1222093225 -3600
# Node ID 1c09b810f97757288a0908b22d9d2b11c5d13501
# Parent  40233384ffe31a0238743618755a906209c79763
domctl: don't allow certain operations on Dom0

XEN_DOMCTL_setvcpucontext, XEN_DOMCTL_max_vcpus, and
XEN_DOMCTL_setdebugging don't seem to allow Dom0 as the subject domain
(based on the criteria that they pause that domain in order to do
their job).

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>
Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
 xen/common/domctl.c |   22 +++++++++++++++++-----
 1 files changed, 17 insertions(+), 5 deletions(-)

diff -r 40233384ffe3 -r 1c09b810f977 xen/common/domctl.c
--- a/xen/common/domctl.c       Mon Sep 22 15:15:19 2008 +0100
+++ b/xen/common/domctl.c       Mon Sep 22 15:20:25 2008 +0100
@@ -223,7 +223,8 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domc
             goto svc_out;
 
         ret = -EINVAL;
-        if ( (vcpu >= MAX_VIRT_CPUS) || ((v = d->vcpu[vcpu]) == NULL) )
+        if ( (d == current->domain) || /* no domain_pause() */
+             (vcpu >= MAX_VIRT_CPUS) || ((v = d->vcpu[vcpu]) == NULL) )
             goto svc_out;
 
         if ( guest_handle_is_null(op->u.vcpucontext.ctxt) )
@@ -392,13 +393,17 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domc
         struct domain *d;
         unsigned int i, max = op->u.max_vcpus.max, cpu;
 
-        ret = -EINVAL;
-        if ( max > MAX_VIRT_CPUS )
-            break;
-
         ret = -ESRCH;
         if ( (d = rcu_lock_domain_by_id(op->domain)) == NULL )
             break;
+
+        ret = -EINVAL;
+        if ( (d == current->domain) || /* no domain_pause() */
+             (max > MAX_VIRT_CPUS) )
+        {
+            rcu_unlock_domain(d);
+            break;
+        }
 
         ret = xsm_max_vcpus(d);
         if ( ret )
@@ -705,6 +710,13 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domc
         d = rcu_lock_domain_by_id(op->domain);
         if ( d == NULL )
             break;
+
+        ret = -EINVAL;
+        if ( d == current->domain ) /* no domain_pause() */
+        {
+            rcu_unlock_domain(d);
+            break;
+        }
 
         ret = xsm_setdebugging(d);
         if ( ret )

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] domctl: don't allow certain operations on Dom0, Xen patchbot-unstable <=
Previous by Date:  [Xen-changelog] [xen-unstable] vsprintf: Better size_t input checking, and fix return values of, Xen patchbot-unstable
Next by Date:  [Xen-changelog] [xen-unstable] x86/cpufreq: don't use static array for large per-CPU data structures, Xen patchbot-unstable
Previous by Thread:  [Xen-changelog] [xen-unstable] vsprintf: Better size_t input checking, and fix return values of, Xen patchbot-unstable
Next by Thread:  [Xen-changelog] [xen-unstable] x86/cpufreq: don't use static array for large per-CPU data structures, Xen patchbot-unstable
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy