git.baikalelectronics.ru Git - kernel.git/commit

author	Jan Beulich <JBeulich@suse.com>
	Wed, 11 Mar 2015 13:51:17 +0000 (13:51 +0000)
committer	David Vrabel <david.vrabel@citrix.com>
	Wed, 11 Mar 2015 14:34:40 +0000 (14:34 +0000)
commit	4db9ca21fd18212b4d4363b62bdc584c08a02113
tree	5c794dd0eaf6b82cb5b46a05de14f77b41bb7b8a	tree \| snapshot
parent	bd90b5cbb0501b7dcf468a9924cfd97bbe494d39	commit \| diff

xen-pciback: limit guest control of command register

Otherwise the guest can abuse that control to cause e.g. PCIe
Unsupported Request responses by disabling memory and/or I/O decoding
and subsequently causing (CPU side) accesses to the respective address
ranges, which (depending on system configuration) may be fatal to the
host.

Note that to alter any of the bits collected together as
PCI_COMMAND_GUEST permissive mode is now required to be enabled
globally or on the specific device.

This is CVE-2015-2150 / XSA-120.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: David Vrabel <david.vrabel@citrix.com>

drivers/xen/xen-pciback/conf_space.c		diff \| blob \| history
drivers/xen/xen-pciback/conf_space.h		diff \| blob \| history
drivers/xen/xen-pciback/conf_space_header.c		diff \| blob \| history