Daniel De Graaf
2013-Sep-25 15:54 UTC
[PATCH v2] xen: fix DOMID_IO mapping permission checks
When the permission checks for memory mapping were moved from
get_pg_owner to xsm_mmu_update in aaba7a677, the exception for DOMID_IO
was not taken into account. This will cause IO memory mappings by PV
domains (mini-os in particular) to fail when XSM/FLASK is not being
used. This patch reintroduces the exception for DOMID_IO; the actual
restrictions on IO memory mappings have always been checked separately
using iomem_access_permitted, so this change should not break existing
access control.
Reported-by: Eduardo Peixoto Macedo <epm@cin.ufpe.br>
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
This version has been tested; the previous one checked the wrong target
domain (owner of the page table being modified, not source of the page).
xen/include/xsm/dummy.h | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index cc0a5a8..052f3e0 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -567,9 +567,10 @@ static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG
struct domain *d)
static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct
domain *t,
struct domain *f, uint32_t flags)
{
- int rc;
+ int rc = 0;
XSM_ASSERT_ACTION(XSM_TARGET);
- rc = xsm_default_action(action, d, f);
+ if ( f != dom_io )
+ rc = xsm_default_action(action, d, f);
if ( t && !rc )
rc = xsm_default_action(action, d, t);
return rc;
--
1.8.1.4