dgit.raspbian.org Git - xen.git/commit

author	Keir Fraser <keir.fraser@citrix.com>
	Mon, 21 Jul 2008 08:41:36 +0000 (09:41 +0100)
committer	Keir Fraser <keir.fraser@citrix.com>
	Mon, 21 Jul 2008 08:41:36 +0000 (09:41 +0100)
commit	2325e6972157eaaad9af69892fd0fd70154c04ae
tree	027f355dc5467bf6989981e7527c86618bdc76aa	tree \| snapshot
parent	39f22f5e08c8d7ff61d44eb04befb1c122ca763c	commit \| diff

[XSM][FLASK] Argument handling bugs in XSM:FLASK

Addresses a number of argument handling bugs in the flask_op hypercall
in the XSM:Flask module. Thanks to Rafal Wojtczuk at McAfee for
reporting the issues and Tim Deegan at Citrix for providing an
initial patch.

This patch addresses the following issues:
- bounds checking and validation on input arguments to flask_op
- updated ABI/API, size and cmd are now uint32_t
- updated userspace tools and libraries to account for ABI/API
changes
- implemented all copies using from/to guest, better portability
- implemented upper bounds checking on op->cmd, op->size
- implemented sanity checking on op->size and op->buf
- implemented bit vector for checking from/to usage on op->cmd

Signed-off-by: George Coker <gscoker@alpha.ncsc.mil>

tools/flask/libflask/flask_op.c		diff \| blob \| history
tools/flask/libflask/include/flask.h		diff \| blob \| history
xen/arch/x86/time.c		diff \| blob \| history
xen/include/public/xsm/flask_op.h		diff \| blob \| history
xen/xsm/flask/avc.c		diff \| blob \| history
xen/xsm/flask/flask_op.c		diff \| blob \| history
xen/xsm/flask/include/avc.h		diff \| blob \| history