p***@xen.org
2018-11-15 11:33:05 UTC
commit 7c1a39fc51f0ce167c83fe4a195503e463388fc5
Author: Andrew Cooper <***@citrix.com>
AuthorDate: Tue Oct 2 13:55:07 2018 +0000
Commit: Andrew Cooper <***@citrix.com>
CommitDate: Thu Nov 15 11:11:30 2018 +0000
xen/domain: Introduce a new sanitise_domain_config() helper
Call it from the head of domain_create() (before doing any memory
allocations), which will apply the checks to dom0 as well as domU's.
For now, just subsume the XEN_DOMCTL_CDF_* check from XEN_DOMCTL_createdomain.
In an effort to aid future developoment, leave a debug printk() identifying
the cause of sanitisation failures.
Signed-off-by: Andrew Cooper <***@citrix.com>
Reviewed-by: Jan Beulich <***@suse.com>
Reviewed-by: Julien Grall <***@arm.com>
---
xen/common/domain.c | 18 ++++++++++++++++++
xen/common/domctl.c | 9 ---------
2 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/xen/common/domain.c b/xen/common/domain.c
index d6650f0656..22aa634510 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -288,6 +288,21 @@ static void _domain_destroy(struct domain *d)
free_domain_struct(d);
}
+static int sanitise_domain_config(struct xen_domctl_createdomain *config)
+{
+ if ( config->flags & ~(XEN_DOMCTL_CDF_hvm_guest |
+ XEN_DOMCTL_CDF_hap |
+ XEN_DOMCTL_CDF_s3_integrity |
+ XEN_DOMCTL_CDF_oos_off |
+ XEN_DOMCTL_CDF_xs_domain) )
+ {
+ dprintk(XENLOG_INFO, "Unknown CDF flags %#x\n", config->flags);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
struct domain *domain_create(domid_t domid,
struct xen_domctl_createdomain *config,
bool is_priv)
@@ -297,6 +312,9 @@ struct domain *domain_create(domid_t domid,
INIT_evtchn = 1u<<3, INIT_gnttab = 1u<<4, INIT_arch = 1u<<5 };
int err, init_status = 0;
+ if ( config && (err = sanitise_domain_config(config)) )
+ return ERR_PTR(err);
+
if ( (d = alloc_domain_struct()) == NULL )
return ERR_PTR(-ENOMEM);
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index b2948814aa..d08b6274e2 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -498,15 +498,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
domid_t dom;
static domid_t rover = 0;
- ret = -EINVAL;
- if ( (op->u.createdomain.flags &
- ~(XEN_DOMCTL_CDF_hvm_guest
- | XEN_DOMCTL_CDF_hap
- | XEN_DOMCTL_CDF_s3_integrity
- | XEN_DOMCTL_CDF_oos_off
- | XEN_DOMCTL_CDF_xs_domain)) )
- break;
-
dom = op->domain;
if ( (dom > 0) && (dom < DOMID_FIRST_RESERVED) )
{
--
generated by git-patchbot for /home/xen/git/xen.git#staging
Author: Andrew Cooper <***@citrix.com>
AuthorDate: Tue Oct 2 13:55:07 2018 +0000
Commit: Andrew Cooper <***@citrix.com>
CommitDate: Thu Nov 15 11:11:30 2018 +0000
xen/domain: Introduce a new sanitise_domain_config() helper
Call it from the head of domain_create() (before doing any memory
allocations), which will apply the checks to dom0 as well as domU's.
For now, just subsume the XEN_DOMCTL_CDF_* check from XEN_DOMCTL_createdomain.
In an effort to aid future developoment, leave a debug printk() identifying
the cause of sanitisation failures.
Signed-off-by: Andrew Cooper <***@citrix.com>
Reviewed-by: Jan Beulich <***@suse.com>
Reviewed-by: Julien Grall <***@arm.com>
---
xen/common/domain.c | 18 ++++++++++++++++++
xen/common/domctl.c | 9 ---------
2 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/xen/common/domain.c b/xen/common/domain.c
index d6650f0656..22aa634510 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -288,6 +288,21 @@ static void _domain_destroy(struct domain *d)
free_domain_struct(d);
}
+static int sanitise_domain_config(struct xen_domctl_createdomain *config)
+{
+ if ( config->flags & ~(XEN_DOMCTL_CDF_hvm_guest |
+ XEN_DOMCTL_CDF_hap |
+ XEN_DOMCTL_CDF_s3_integrity |
+ XEN_DOMCTL_CDF_oos_off |
+ XEN_DOMCTL_CDF_xs_domain) )
+ {
+ dprintk(XENLOG_INFO, "Unknown CDF flags %#x\n", config->flags);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
struct domain *domain_create(domid_t domid,
struct xen_domctl_createdomain *config,
bool is_priv)
@@ -297,6 +312,9 @@ struct domain *domain_create(domid_t domid,
INIT_evtchn = 1u<<3, INIT_gnttab = 1u<<4, INIT_arch = 1u<<5 };
int err, init_status = 0;
+ if ( config && (err = sanitise_domain_config(config)) )
+ return ERR_PTR(err);
+
if ( (d = alloc_domain_struct()) == NULL )
return ERR_PTR(-ENOMEM);
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index b2948814aa..d08b6274e2 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -498,15 +498,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
domid_t dom;
static domid_t rover = 0;
- ret = -EINVAL;
- if ( (op->u.createdomain.flags &
- ~(XEN_DOMCTL_CDF_hvm_guest
- | XEN_DOMCTL_CDF_hap
- | XEN_DOMCTL_CDF_s3_integrity
- | XEN_DOMCTL_CDF_oos_off
- | XEN_DOMCTL_CDF_xs_domain)) )
- break;
-
dom = op->domain;
if ( (dom > 0) && (dom < DOMID_FIRST_RESERVED) )
{
--
generated by git-patchbot for /home/xen/git/xen.git#staging