WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-ia64-devel

[Top] [All Lists]

Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in

from [Alex Williamson]

[Permanent Link][Original]

To:	Jarod Wilson <jwilson@xxxxxxxxxx>
Subject:	Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation
From:	Alex Williamson <alex.williamson@xxxxxx>
Date:	Fri, 14 Dec 2007 12:33:16 -0700
Cc:	xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Fri, 14 Dec 2007 11:33:25 -0800
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<4762D1A5.4050901@xxxxxxxxxx>
List-help:	<mailto:xen-ia64-devel-request@lists.xensource.com?subject=help>
List-id:	Discussion of the ia64 port of Xen <xen-ia64-devel.lists.xensource.com>
List-post:	<mailto:xen-ia64-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-ia64-devel>, <mailto:xen-ia64-devel-request@lists.xensource.com?subject=unsubscribe>
Organization:	OSLO R&D
References:	<7kodctlqdv.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx> <1197657744.6806.8.camel@lappy> <4762D1A5.4050901@xxxxxxxxxx>
Sender:	xen-ia64-devel-bounces@xxxxxxxxxxxxxxxxxxx

On Fri, 2007-12-14 at 13:55 -0500, Jarod Wilson wrote:
> Alex Williamson wrote:
> > On Fri, 2007-12-14 at 15:52 +0900, Kouya Shimura wrote:
> >> Hi,
> >>
> >> The reputation of my previous patch was not so good,
> >> then I rewrote it. An attached patch is temporary fix
> >> for xen-3.2.
> 
> Anyone know offhand if this vulnerability exists in xen 3.1.x as well? 
> (As in, is this something a certain vendor shipping a xen 3.1.x codebase 
> needs to pull into their own tree ASAP? :)

   Yes, I believe the exposure is there too.  I was planning to port it
to the 3.1 tree once it's in the mainline.  It looks very straight
forward, just omit the chunk updating pal_brand_info since that didn't
exist back then.  Thanks,

        Alex

-- 
Alex Williamson                             HP Open Source & Linux Org.


_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Kouya Shimura Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, tgingold Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Alex Williamson Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Jarod Wilson Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Alex Williamson <= Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Jarod Wilson Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Alex Williamson

Previous by Date:	Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Jarod Wilson
Next by Date:	Re: [Xen-ia64-devel] [Patch][1/2] cleanup: move PERFC() fromasmmacro.h, Akio Takebe
Previous by Thread:	Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Jarod Wilson
Next by Thread:	Re: [Xen-ia64-devel] [PATCH][TAKE3] Fix vulnerability of copy_to_user in PAL emulation, Jarod Wilson
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix