diff options
| author | Daniel Sabogal <dsabogalcc@gmail.com> | 2017-09-12 17:21:02 -0400 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2017-09-13 11:27:06 +0000 |
| commit | 23c1929fd57227a2ee38954597247b761e7980e5 (patch) | |
| tree | 1ff5286988ade5ebf70c9fa2190700d9e8681904 /main/xen/xsa232.patch | |
| parent | c7dab9e89373104b9afb61c846b5ede3ee326eb3 (diff) | |
| download | aports-23c1929fd57227a2ee38954597247b761e7980e5.tar.bz2 aports-23c1929fd57227a2ee38954597247b761e7980e5.tar.xz | |
main/xen: security fixes (XSA-231, XSA-232, XSA-233, XSA-234)
Diffstat (limited to 'main/xen/xsa232.patch')
| -rw-r--r-- | main/xen/xsa232.patch | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/main/xen/xsa232.patch b/main/xen/xsa232.patch new file mode 100644 index 0000000000..9e5f35c7d6 --- /dev/null +++ b/main/xen/xsa232.patch @@ -0,0 +1,23 @@ +From: Andrew Cooper <andrew.cooper3@citrix.com> +Subject: grant_table: fix GNTTABOP_cache_flush handling + +Don't fall over a NULL grant_table pointer when the owner of the domain +is a system domain (DOMID_{XEN,IO} etc). + +This is XSA-232. + +Reported-by: Matthew Daley <mattd@bugfuzz.com> +Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> +Reviewed-by: Jan Beulich <jbeulich@suse.com> + +--- a/xen/common/grant_table.c ++++ b/xen/common/grant_table.c +@@ -3053,7 +3053,7 @@ static int cache_flush(gnttab_cache_flus + + page = mfn_to_page(mfn); + owner = page_get_owner_and_reference(page); +- if ( !owner ) ++ if ( !owner || !owner->grant_table ) + { + rcu_unlock_domain(d); + return -EPERM; |