From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Date: Fri, 4 Oct 2013 10:51:44 +0000 (+0200)
Subject: xsm: forbid PV guest console reads
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~6213
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=65ba631bcb62c79eb33ebfde8a0471fd012c37a8;p=xen.git

xsm: forbid PV guest console reads

The CONSOLEIO_read operation was incorrectly allowed to PV guests if the
hypervisor was compiled in debug mode (with VERBOSE defined).

Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---

diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 052f3e0111..52c651c402 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -222,10 +222,10 @@ static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd)
 {
     XSM_ASSERT_ACTION(XSM_OTHER);
 #ifdef VERBOSE
-    return xsm_default_action(XSM_HOOK, current->domain, NULL);
-#else
-    return xsm_default_action(XSM_PRIV, current->domain, NULL);
+    if ( cmd == CONSOLEIO_write )
+        return xsm_default_action(XSM_HOOK, d, NULL);
 #endif
+    return xsm_default_action(XSM_PRIV, d, NULL);
 }
 
 static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op)