projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f2ddd52) | patch
VT-d: don't permit SVT_NO_VERIFY entries for known device types
authorJan Beulich <jbeulich@suse.com>
Thu, 2 May 2013 15:08:58 +0000 (17:08 +0200)
committerJan Beulich <jbeulich@suse.com>
Thu, 2 May 2013 15:08:58 +0000 (17:08 +0200)
commit63cec00679cc65ab5d5a9447a62d5202f155b78c
treed92467125aa1f66d509c8c60dc7f4f38774b445atree | snapshot
parentf2ddd529337792bcb61fad259da8982be570df4dcommit | diff
VT-d: don't permit SVT_NO_VERIFY entries for known device types

Only in cases where we don't know what to do we should leave the IRTE
blank (suppressing all validation), but we should always log a warning
in those cases (as being insecure).

This is CVE-2013-1952 / XSA-49.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: "Zhang, Xiantao" <xiantao.zhang@intel.com>
xen/drivers/passthrough/vtd/intremap.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.