From 90b6e6c88983250742e1356d7178a6d4e683fa80 Mon Sep 17 00:00:00 2001
From: Tim Deegan <tim@xen.org>
Date: Thu, 8 Mar 2012 16:40:05 +0000
Subject: Tools: After a helper maps a ring, yank it from the guest physmap

This limits the ability of the guest to play around with its own rings, and DoS
itself.

Signed-off-by: Andres Lagar-Cavilla <andres@lagarcavilla.org>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Tim Deegan <tim@xen.org>
---
 tools/xenpaging/xenpaging.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'tools/xenpaging')

diff --git a/tools/xenpaging/xenpaging.c b/tools/xenpaging/xenpaging.c
index b9ba00fa11..5c1cd81ecc 100644
--- a/tools/xenpaging/xenpaging.c
+++ b/tools/xenpaging/xenpaging.c
@@ -416,6 +416,11 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
                    (mem_event_sring_t *)paging->mem_event.ring_page,
                    PAGE_SIZE);
 
+    /* Now that the ring is set, remove it from the guest's physmap */
+    if ( xc_domain_decrease_reservation_exact(xch, 
+                    paging->mem_event.domain_id, 1, 0, &ring_pfn) )
+        PERROR("Failed to remove ring from guest physmap");
+
     /* Get max_pages from guest if not provided via cmdline */
     if ( !paging->max_pages )
     {
-- 
cgit v1.2.3