From: Keir Fraser
Date: Mon, 22 Sep 2008 14:20:25 +0000 (+0100)
Subject: domctl: don't allow certain operations on Dom0
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~14101^2~42
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=23f36ed6ff84de351caab8903b9909ec22e5d294;p=xen.git
domctl: don't allow certain operations on Dom0
XEN_DOMCTL_setvcpucontext, XEN_DOMCTL_max_vcpus, and XEN_DOMCTL_setdebugging don't seem to allow Dom0 as the subject domain (based on the criteria that they pause that domain in order to do their job).
Signed-off-by: Jan Beulich
Signed-off-by: Keir Fraser
---
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index 9892550d8b..f4787b22e3 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -223,7 +223,8 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl)
 goto svc_out;
 ret = -EINVAL;
- if ( (vcpu >= MAX_VIRT_CPUS) || ((v = d->vcpu[vcpu]) == NULL) )
+ if ( (d == current->domain) || /* no domain_pause() */
+ (vcpu >= MAX_VIRT_CPUS) || ((v = d->vcpu[vcpu]) == NULL) )
 goto svc_out;
 if ( guest_handle_is_null(op->u.vcpucontext.ctxt) )
@@ -392,14 +393,18 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl)
 struct domain *d;
 unsigned int i, max = op->u.max_vcpus.max, cpu;
- ret = -EINVAL;
- if ( max > MAX_VIRT_CPUS )
- break;
-
 ret = -ESRCH;
 if ( (d = rcu_lock_domain_by_id(op->domain)) == NULL )
 break;
+ ret = -EINVAL;
+ if ( (d == current->domain) || /* no domain_pause() */
+ (max > MAX_VIRT_CPUS) )
+ {
+ rcu_unlock_domain(d);
+ break;
+ }
+
 ret = xsm_max_vcpus(d);
 if ( ret )
 {
@@ -706,6 +711,13 @@ long do_domctl(XEN_GUEST_HANDLE(xen_domctl_t) u_domctl)
 if ( d == NULL )
 break;
+ ret = -EINVAL;
+ if ( d == current->domain ) /* no domain_pause() */
+ {
+ rcu_unlock_domain(d);
+ break;
+ }
+
 ret = xsm_setdebugging(d);
 if ( ret )
 {
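Review bot: The guard added in the first hunk (what appears to be the setvcpucontext path) tests `d == current->domain`, i.e. the calling domain, while the commit title speaks of Dom0, and the inline comment `/* no domain_pause() */` does not say which of the two is meant or why. I would spell it out, e.g. `/* the caller cannot domain_pause() its own domain */`, here and at the identical guards in the max_vcpus and setdebugging hunks, so a later reader does not mistake it for a Dom0-specific policy check. The self-target case also shares -EINVAL with an out-of-range vcpu index, so a toolstack cannot tell the two rejections apart from the return value alone. The enclosing case block starts and ends outside this hunk.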
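Review bot: In the max_vcpus hunk the `max > MAX_VIRT_CPUS` range check has moved behind `rcu_lock_domain_by_id()`, so a request with an out-of-range `max` and an unknown domain id now fails with -ESRCH where it previously failed with -EINVAL, and a plainly invalid request takes and drops the domain reference first. The range check does not depend on `d`; leaving the original `if ( max > MAX_VIRT_CPUS ) break;` ahead of the lookup and adding only `if ( d == current->domain )` after it would keep the old error precedence. Both rejections are also evaluated before `xsm_max_vcpus(d)`, so a caller the XSM policy would refuse sees -EINVAL rather than the policy's error; if the policy decision is meant to take precedence, the guard belongs after the hook. The case block continues outside the hunk.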