This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-changelog] [xen-unstable] [IA64] don't allow non-dom0 domains to se

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] [IA64] don't allow non-dom0 domains to set pte memory attributes
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 03 Jul 2006 10:20:30 +0000
Delivery-date: Mon, 03 Jul 2006 03:26:33 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User awilliam@xxxxxxxxxxx
# Node ID be0a536b70cc4071a14b807d2aee643f92fba6ba
# Parent  9031316e52030ef5065cd424d117f88abb0106b9
[IA64] don't allow non-dom0 domains to set pte memory attributes

  domUs shouldn't be allowed to set arbitrary memory attributes.
This could allow accessing system memory with uncached attributes,
leading to address aliasing, unsupported transactions, or worse.

Signed-off-by: Alex Williamson <alex.williamson@xxxxxx>
 xen/arch/ia64/xen/mm.c |    8 ++++++++
 1 files changed, 8 insertions(+)

diff -r 9031316e5203 -r be0a536b70cc xen/arch/ia64/xen/mm.c
--- a/xen/arch/ia64/xen/mm.c    Wed Jun 21 10:15:46 2006 -0600
+++ b/xen/arch/ia64/xen/mm.c    Wed Jun 21 10:25:00 2006 -0600
@@ -471,6 +471,14 @@ u64 translate_domain_pte(u64 pteval, u64
        pteval2 |= (pteval & _PAGE_ED);
        pteval2 |= _PAGE_PL_2; // force PL0->2 (PL3 is unaffected)
        pteval2 = (pteval & ~_PAGE_PPN_MASK) | pteval2;
+       /*
+        * Don't let non-dom0 domains map uncached addresses.  This can
+        * happen when domU tries to touch i/o port space.  Also prevents
+        * possible address aliasing issues.
+        */
+       if (d != dom0)
+               pteval2 &= ~_PAGE_MA_MASK;
        return pteval2;

Xen-changelog mailing list

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] [IA64] don't allow non-dom0 domains to set pte memory attributes, Xen patchbot-unstable <=