projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3c80d6f) | patch
memory: split and tighten maximum order permitted in memops
authorJan Beulich <jbeulich@suse.com>
Tue, 8 Dec 2015 13:00:33 +0000 (14:00 +0100)
committerJan Beulich <jbeulich@suse.com>
Tue, 8 Dec 2015 13:00:33 +0000 (14:00 +0100)
commit4a578b316eb98975374d88f28904acf13dbcfac2
treed9ede321004a621b94c63a71558692e0a65cdf84tree | snapshot
parent3c80d6f3c61eb0f8072f70b0a9a8c8c7adf17572commit | diff
memory: split and tighten maximum order permitted in memops

Introduce and enforce separate limits for ordinary DomU, DomU with
pass-through device(s), control domain, and hardware domain.

The DomU defaults were determined based on what so far was allowed by
multipage_allocation_permitted().

The x86 hwdom default was chosen based on linux-2.6.18-xen.hg c/s
1102:82782f1361a9 indicating 2Mb is not enough, plus some slack.

The ARM hwdom default was chosen to allow 2Mb (order-9) mappings, plus
a little bit of slack.

This is CVE-2015-8338 / XSA-158.

Reported-by: Julien Grall <julien.grall@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
docs/misc/xen-command-line.markdown diff | blob | history
xen/common/memory.c diff | blob | history
xen/include/asm-arm/config.h diff | blob | history
xen/include/asm-arm/iocap.h diff | blob | history
xen/include/asm-x86/config.h diff | blob | history
xen/include/asm-x86/iocap.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.