diff options
| author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-10-04 12:51:44 +0200 |
|---|---|---|
| committer | Jan Beulich <jbeulich@suse.com> | 2013-10-04 12:51:44 +0200 |
| commit | 65ba631bcb62c79eb33ebfde8a0471fd012c37a8 (patch) | |
| tree | 3dce841a00c90fa356efb9254d708dff8156180d | |
| parent | 11b85dbd0ab068bad3beadda3aee2298205a3c01 (diff) | |
| download | xen-65ba631bcb62c79eb33ebfde8a0471fd012c37a8.tar.gz xen-65ba631bcb62c79eb33ebfde8a0471fd012c37a8.tar.bz2 xen-65ba631bcb62c79eb33ebfde8a0471fd012c37a8.zip | |
xsm: forbid PV guest console reads
The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
hypervisor was compiled in debug mode (with VERBOSE defined).
Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
| -rw-r--r-- | xen/include/xsm/dummy.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index 052f3e0111..52c651c402 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -222,10 +222,10 @@ static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_OTHER); #ifdef VERBOSE - return xsm_default_action(XSM_HOOK, current->domain, NULL); -#else - return xsm_default_action(XSM_PRIV, current->domain, NULL); + if ( cmd == CONSOLEIO_write ) + return xsm_default_action(XSM_HOOK, d, NULL); #endif + return xsm_default_action(XSM_PRIV, d, NULL); } static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) |