gnttab: correct locking on transitive grant copy error path
author Jan Beulich <jbeulich@suse.com>
Tue, 11 Oct 2022 12:29:30 +0000 (14:29 +0200)
committer Jan Beulich <jbeulich@suse.com>
Tue, 11 Oct 2022 12:29:30 +0000 (14:29 +0200)
commit 6e3aab858eef614a21a782a3b73acc88e74690ea
tree e2177ca8594bc17be5fdf1ebb96aa186808f8a7b
parent cbea5a1149ca7fd4b7cdbfa3ec2e4f109b601ff7
gnttab: correct locking on transitive grant copy error path

While the comment next to the lock dropping in preparation of
recursively calling acquire_grant_for_copy() mistakenly talks about the
rd == td case (excluded a few lines further up), the same concerns apply
to the calling of release_grant_for_copy() on a subsequent error path.

This is CVE-2022-33748 / XSA-411.

Fixes: ad48fb963dbf ("gnttab: fix transitive grant handling")
Signed-off-by: Jan Beulich <jbeulich@suse.com>
xen/common/grant_table.c