projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fdac951) | patch
x86: fix various issues with handling guest IRQs
authorJan Beulich <jbeulich@suse.com>
Thu, 18 Apr 2013 14:11:23 +0000 (16:11 +0200)
committerJan Beulich <jbeulich@suse.com>
Thu, 18 Apr 2013 14:11:23 +0000 (16:11 +0200)
commit545607eb3cfeb2abf5742d1bb869734f317fcfe5
tree6039c103db155c2f36625ffd75d7262d5dfdc5c4tree | snapshot
parentfdac9515607b757c044e7ef0d61b1453ef999b08commit | diff
x86: fix various issues with handling guest IRQs

- properly revoke IRQ access in map_domain_pirq() error path
- don't permit replacing an in use IRQ
- don't accept inputs in the GSI range for MAP_PIRQ_TYPE_MSI
- track IRQ access permission in host IRQ terms, not guest IRQ ones
  (and with that, also disallow Dom0 access to IRQ0)

This is CVE-2013-1919 / XSA-46.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
tools/libxl/libxl_create.c diff | blob | history
tools/python/xen/xend/server/irqif.py diff | blob | history
xen/arch/x86/domain_build.c diff | blob | history
xen/arch/x86/domctl.c diff | blob | history
xen/arch/x86/irq.c diff | blob | history
xen/arch/x86/physdev.c diff | blob | history
xen/common/domctl.c diff | blob | history
xen/common/event_channel.c diff | blob | history
xen/include/xen/iocap.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.