Overview

File 25815-x86-PoD-no-bug-in-non-translated.patch of Package xen.openSUSE_12.1_Update

References: bnc#777091

# HG changeset patch
# User Ian Jackson <Ian.Jackson@eu.citrix.com>
# Date 1346844543 -3600
# Node ID bcf58ef63b7c844fe431eb9e394fc1ea5dd437c4
# Parent  4f1c696482016e7ba76f222c5875618c37680286
xen: Don't BUG_ON() PoD operations on a non-translated guest.

This is XSA-14 / CVE-2012-3496

Signed-off-by: Tim Deegan <tim@xen.org>
Reviewed-by: Ian Campbell <ian.campbell@citrix.com>
Tested-by: Ian Campbell <ian.campbell@citrix.com>

--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -2412,7 +2412,8 @@ guest_physmap_mark_populate_on_demand(st
     mfn_t omfn;
     int rc = 0;
 
-    BUG_ON(!paging_mode_translate(d));
+    if ( !paging_mode_translate(d) )
+        return -EINVAL;
 
     rc = gfn_check_limit(d, gfn, order);
     if ( rc != 0 )
openSUSE Build Service is sponsored by
Places