diff options
author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-10-22 12:04:43 +0200 |
---|---|---|
committer | Jan Beulich <jbeulich@suse.com> | 2013-10-22 12:04:43 +0200 |
commit | 29de283bdb3f547030012c4a4486e59e3d53fa27 (patch) | |
tree | ac8e1aece72aa9acfe887ed7e76ab4891eb0b9b0 | |
parent | 707aec94c54127ebfda7d0f8455ecbb332ee49f0 (diff) | |
download | xen-29de283bdb3f547030012c4a4486e59e3d53fa27.tar.gz xen-29de283bdb3f547030012c4a4486e59e3d53fa27.tar.bz2 xen-29de283bdb3f547030012c4a4486e59e3d53fa27.zip |
forbid PV guest console reads
The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
hypervisor was compiled in debug mode (with VERBOSE defined).
Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
master commit: 65ba631bcb62c79eb33ebfde8a0471fd012c37a8
master date: 2013-10-04 12:51:44 +0200
-rw-r--r-- | xen/drivers/char/console.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c index e10bed5d55..ef24f63895 100644 --- a/xen/drivers/char/console.c +++ b/xen/drivers/char/console.c @@ -363,11 +363,14 @@ long do_console_io(int cmd, int count, XEN_GUEST_HANDLE(char) buffer) long rc; unsigned int idx, len; -#ifndef VERBOSE - /* Only domain 0 may access the emergency console. */ if ( current->domain->domain_id != 0 ) - return -EPERM; +#ifndef VERBOSE + /* Only domain 0 may access the emergency console. */ +#else + /* Only console writes are permitted for other than Dom0. */ + if ( cmd != CONSOLEIO_write ) #endif + return -EPERM; rc = xsm_console_io(current->domain, cmd); if ( rc ) |