Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:Maintenance:114
xen.openSUSE_Evergreen_11.4
CVE-2012-5514-xsa30.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2012-5514-xsa30.patch of Package xen.openSUSE_Evergreen_11.4
xen: fix error handling of guest_physmap_mark_populate_on_demand() The only user of the "out" label bypasses a necessary unlock, thus enabling the caller to lock up Xen. Also, the function was never meant to be called by a guest for itself, so rather than inspecting the code paths in depth for potential other problems this might cause, and adjusting e.g. the non-guest printk() in the above error path, just disallow the guest access to it. Finally, the printk() (considering its potential of spamming the log, the more that it's not using XENLOG_GUEST), is being converted to P2M_DEBUG(), as debugging is what it apparently was added for in the first place. This is XSA-30 / CVE-2012-5514. Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: George Dunlap <george.dunlap@eu.citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> --- xen-4.0.3-testing/xen/arch/x86/mm/p2m.c.orig 2012-12-12 12:09:17.614370326 +0100 +++ xen-4.0.3-testing/xen/arch/x86/mm/p2m.c 2012-12-12 12:14:37.940338582 +0100 @@ -2080,6 +2080,9 @@ int pod_count = 0; int rc = 0; + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + if ( !paging_mode_translate(d) ) return -EINVAL; @@ -2098,8 +2101,7 @@ omfn = gfn_to_mfn_query(d, gfn + i, &ot); if ( p2m_is_ram(ot) ) { - printk("%s: gfn_to_mfn returned type %d!\n", - __func__, ot); + P2M_DEBUG("gfn_to_mfn returned type %d!\n", ot); rc = -EBUSY; goto out; } @@ -2121,10 +2123,10 @@ BUG_ON(p2md->pod.entry_count < 0); } +out: audit_p2m(d); p2m_unlock(p2md); -out: return rc; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor