tmem: only allow tmem control operations from privileged domains

This is part of XSA-15 / CVE-2012-3497. Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Jan Beulich <jbeulich@suse.com>
author: Ian Campbell <ian.campbell@citrix.com> 2012-09-11 14:06:30 +0200
committer: Ian Campbell <ian.campbell@citrix.com> 2012-09-11 14:06:30 +0200
commit: 60172eff1eacf9fff67ee80857f8735a3664c831 (patch)
tree: cc0e166e3c4632b43a20bebded5673703369655d /xen/common/tmem.c
parent: 927f83863cd7277a8c77ad40a35f018c71dc7f40 (diff)
download: xen-60172eff1eacf9fff67ee80857f8735a3664c831.tar.gz
xen-60172eff1eacf9fff67ee80857f8735a3664c831.tar.bz2
xen-60172eff1eacf9fff67ee80857f8735a3664c831.zip
1 files changed, 2 insertions, 4 deletions
diff --git a/xen/common/tmem.c b/xen/common/tmem.c
index 1a8777c284..aedac551d3 100644
--- a/xen/common/tmem.c
+++ b/xen/common/tmem.c
@@ -2541,10 +2541,8 @@ static NOINLINE int do_tmem_control(struct tmem_op *op)
     OID *oidp = (OID *)(&op->u.ctrl.oid[0]);
 
     if (!tmh_current_is_privileged())
-    {
-        /* don't fail... mystery: sometimes dom0 fails here */
-        /* return -EPERM; */
-    }
+        return -EPERM;
+
     switch(subop)
     {
     case TMEMC_THAW:
author	Ian Campbell <ian.campbell@citrix.com>	2012-09-11 14:06:30 +0200
committer	Ian Campbell <ian.campbell@citrix.com>	2012-09-11 14:06:30 +0200
commit	60172eff1eacf9fff67ee80857f8735a3664c831 (patch)
tree	cc0e166e3c4632b43a20bebded5673703369655d /xen/common/tmem.c
parent	927f83863cd7277a8c77ad40a35f018c71dc7f40 (diff)
download	xen-60172eff1eacf9fff67ee80857f8735a3664c831.tar.gz xen-60172eff1eacf9fff67ee80857f8735a3664c831.tar.bz2 xen-60172eff1eacf9fff67ee80857f8735a3664c831.zip