diff options
author | Daniel De Graaf <dgdegra@tycho.nsa.gov> | 2013-10-04 12:51:44 +0200 |
---|---|---|
committer | Jan Beulich <jbeulich@suse.com> | 2013-10-04 12:51:44 +0200 |
commit | 65ba631bcb62c79eb33ebfde8a0471fd012c37a8 (patch) | |
tree | 3dce841a00c90fa356efb9254d708dff8156180d /xen | |
parent | 11b85dbd0ab068bad3beadda3aee2298205a3c01 (diff) | |
download | xen-65ba631bcb62c79eb33ebfde8a0471fd012c37a8.tar.gz xen-65ba631bcb62c79eb33ebfde8a0471fd012c37a8.tar.bz2 xen-65ba631bcb62c79eb33ebfde8a0471fd012c37a8.zip |
xsm: forbid PV guest console reads
The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
hypervisor was compiled in debug mode (with VERBOSE defined).
Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Diffstat (limited to 'xen')
-rw-r--r-- | xen/include/xsm/dummy.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index 052f3e0111..52c651c402 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -222,10 +222,10 @@ static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { XSM_ASSERT_ACTION(XSM_OTHER); #ifdef VERBOSE - return xsm_default_action(XSM_HOOK, current->domain, NULL); -#else - return xsm_default_action(XSM_PRIV, current->domain, NULL); + if ( cmd == CONSOLEIO_write ) + return xsm_default_action(XSM_HOOK, d, NULL); #endif + return xsm_default_action(XSM_PRIV, d, NULL); } static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) |