diff options
| author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-10-09 12:04:29 +0200 |
|---|---|---|
| committer | Jan Beulich <jbeulich@suse.com> | 2013-10-09 12:04:29 +0200 |
| commit | b267a5a2cae14c97ab9198336f1529e7e48fad22 (patch) | |
| tree | 6214577ca6dc07c851bdb7db10f481989105a70b | |
| parent | e6903c281d4d5eb84571a79b652a135c5687e616 (diff) | |
| download | xen-b267a5a2cae14c97ab9198336f1529e7e48fad22.tar.gz xen-b267a5a2cae14c97ab9198336f1529e7e48fad22.tar.bz2 xen-b267a5a2cae14c97ab9198336f1529e7e48fad22.zip | |
xsm: forbid PV guest console reads
The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
hypervisor was compiled in debug mode (with VERBOSE defined).
Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
master commit: 65ba631bcb62c79eb33ebfde8a0471fd012c37a8
master date: 2013-10-04 12:51:44 +0200
| -rw-r--r-- | xen/include/xsm/dummy.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index cc0a5a8301..ecf262b61c 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -222,10 +222,10 @@ static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_OTHER); #ifdef VERBOSE - return xsm_default_action(XSM_HOOK, current->domain, NULL); -#else - return xsm_default_action(XSM_PRIV, current->domain, NULL); + if ( cmd == CONSOLEIO_write ) + return xsm_default_action(XSM_HOOK, d, NULL); #endif + return xsm_default_action(XSM_PRIV, d, NULL); } static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) |