b014cb462c
changes since Xen 4.6.5: mostly bug fixes, including security fixes for XSA206, XSA211 to XSA244. PKGREVISION set to 1 to account for the fact that it's not a stock Xen 4.6.6. Note that, unlike upstream, pv-linear-pt defaults to true, so that NetBSD PV guests (including dom0) will continue to boot without changes to boot.cfg
25 lines
779 B
Text
25 lines
779 B
Text
$NetBSD: patch-XSA232,v 1.1 2017/10/17 10:57:34 bouyer Exp $
|
|
|
|
From: Andrew Cooper <andrew.cooper3@citrix.com>
|
|
Subject: grant_table: fix GNTTABOP_cache_flush handling
|
|
|
|
Don't fall over a NULL grant_table pointer when the owner of the domain
|
|
is a system domain (DOMID_{XEN,IO} etc).
|
|
|
|
This is XSA-232.
|
|
|
|
Reported-by: Matthew Daley <mattd@bugfuzz.com>
|
|
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
|
|
Reviewed-by: Jan Beulich <jbeulich@suse.com>
|
|
|
|
--- xen/common/grant_table.c.orig
|
|
+++ xen/common/grant_table.c
|
|
@@ -3053,7 +3053,7 @@ static int cache_flush(gnttab_cache_flus
|
|
|
|
page = mfn_to_page(mfn);
|
|
owner = page_get_owner_and_reference(page);
|
|
- if ( !owner )
|
|
+ if ( !owner || !owner->grant_table )
|
|
{
|
|
rcu_unlock_domain(d);
|
|
return -EPERM;
|