George S. Coker, II
2008-Jul-18 19:12 UTC
[Xen-devel][PATCH][XSM][FLASK] Argument handling bugs in XSM:FLASK
The attached patch addresses a number of argument handling bugs in the flask_op hypercall in the XSM:Flask module. Thanks to Rafal Wojtczuk at McAfee for reporting the issues and Tim Deegan at Citrix for providing an initial patch.

This patch addresses the following issues:

- bounds checking and validation on input arguments to flask_op
- updated ABI/API, size and cmd are now uint32_t
- updated userspace tools and libraries to account for ABI/API changes
- implemented all copies using from/to guest, better portability
- implemented upper bounds checking on op->cmd, op->size
- implemented sanity checking on op->size and op->buf
- implemented bit vector for checking from/to usage on op->cmd

Please do not hesitate to contact me on future issues/concerns/comments related to XSM and the Flask module.

<Signed-off-by: George Coker, gscoker@alpha.ncsc.mil>

--
George S. Coker, II <gscoker@alpha.ncsc.mil>
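The checks listed in the post, sketched as an added example that is not taken from the attached patch or from the Xen source. Only `cmd`, `size` and `buf` come from the post; the limits, the mask values, the struct name, the toy handler and the `memcpy` stand-ins for the from/to guest copies are assumptions.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed values: the post names only op->cmd, op->size and op->buf. */
#define OP_LAST     4u      /* highest valid command number (hypothetical) */
#define OP_MAX_SIZE 4096u   /* upper bound on op->size (hypothetical) */

typedef struct { uint32_t cmd; uint32_t size; char *buf; } op_t;

/* Bit n set => command n copies from / to the caller's buffer (constructed). */
static const uint32_t COPY_IN  = (1u << 0) | (1u << 1) | (1u << 3);
static const uint32_t COPY_OUT = (1u << 1) | (1u << 2) | (1u << 4);

/* Toy handler standing in for the real per-command work: fills the reply. */
static void handle(uint32_t cmd, char *arg, uint32_t n) { memset(arg, 'A' + (int)cmd, n); }

int checked_op(op_t *op)
{
    char *arg;

    if (op->cmd > OP_LAST)                        /* also keeps 1u << cmd defined */
        return -EINVAL;
    if (op->size == 0 || op->size > OP_MAX_SIZE)  /* bounds the allocation below */
        return -EINVAL;
    if (op->buf == NULL)
        return -EINVAL;

    arg = calloc(1, (size_t)op->size + 1);        /* private, NUL-terminated copy */
    if (arg == NULL)
        return -ENOMEM;
    if (COPY_IN & (1u << op->cmd))                /* stand-in for a from-guest copy */
        memcpy(arg, op->buf, op->size);
    handle(op->cmd, arg, op->size);               /* works on the private copy only */
    if (COPY_OUT & (1u << op->cmd))               /* stand-in for a to-guest copy */
        memcpy(op->buf, arg, op->size);
    free(arg);
    return 0;
}

int main(void)
{
    char buf[8] = "request";                      /* constructed sample input */
    op_t op = { 99u, 7u, buf };
    printf("cmd 99 -> %d\n", checked_op(&op));
    return 0;
}
```

Because the direction masks are consulted per command, a command that only reads its argument never writes back into the caller's buffer, and an out-of-range `cmd` is rejected before it is used as a shift count.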