From fab5b70212caa8122ff4512416d23e971e642b99 Mon Sep 17 00:00:00 2001 From: "awilliam@xenbuild.aw" Date: Wed, 21 Jun 2006 10:25:00 -0600 Subject: [PATCH] [IA64] don't allow non-dom0 domains to set pte memory attributes domUs shouldn't be allowed to set arbitrary memory attributes. This could allow accessing system memory with uncached attributes, leading to address aliasing, unsupported transactions, or worse. Signed-off-by: Alex Williamson --- xen/arch/ia64/xen/mm.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/xen/arch/ia64/xen/mm.c b/xen/arch/ia64/xen/mm.c index 74fabdadfe..fec626ccd5 100644 --- a/xen/arch/ia64/xen/mm.c +++ b/xen/arch/ia64/xen/mm.c @@ -471,6 +471,14 @@ u64 translate_domain_pte(u64 pteval, u64 address, u64 itir__, u64* logps, pteval2 |= (pteval & _PAGE_ED); pteval2 |= _PAGE_PL_2; // force PL0->2 (PL3 is unaffected) pteval2 = (pteval & ~_PAGE_PPN_MASK) | pteval2; + /* + * Don't let non-dom0 domains map uncached addresses. This can + * happen when domU tries to touch i/o port space. Also prevents + * possible address aliasing issues. + */ + if (d != dom0) + pteval2 &= ~_PAGE_MA_MASK; + return pteval2; } -- 2.30.2