xen-pciback: limit guest control of command register
author Jan Beulich <JBeulich@suse.com>
Wed, 11 Mar 2015 13:51:17 +0000 (13:51 +0000)
committer David Vrabel <david.vrabel@citrix.com>
Wed, 11 Mar 2015 14:34:40 +0000 (14:34 +0000)
commit 7b6d874caa775c4ae7f4d57225d9a607bb06f313
tree 5c794dd0eaf6b82cb5b46a05de14f77b41bb7b8a
parent eae0985b09388b44a9acae998ef43e34e998c5c3
xen-pciback: limit guest control of command register

Otherwise the guest can abuse that control to cause e.g. PCIe
Unsupported Request responses by disabling memory and/or I/O decoding
and subsequently causing (CPU side) accesses to the respective address
ranges, which (depending on system configuration) may be fatal to the
host.

Note that to alter any of the bits collected together as
PCI_COMMAND_GUEST permissive mode is now required to be enabled
globally or on the specific device.

This is CVE-2015-2150 / XSA-120.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
drivers/xen/xen-pciback/conf_space.c
drivers/xen/xen-pciback/conf_space.h
drivers/xen/xen-pciback/conf_space_header.c
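
A simplified model of the write filtering the commit message describes, added here as an illustration; it is not the code from this commit or from xen-pciback. `GUEST_MASK` stands in for the `PCI_COMMAND_GUEST` set named in the message, and its membership, the function names and the shadow read-back are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Standard PCI command register bits. */
#define CMD_IO           0x0001  /* I/O space decoding */
#define CMD_MEMORY       0x0002  /* memory space decoding */
#define CMD_MASTER       0x0004
#define CMD_SPECIAL      0x0008
#define CMD_INVALIDATE   0x0010
#define CMD_VGA_PALETTE  0x0020
#define CMD_WAIT         0x0080
#define CMD_FAST_BACK    0x0200
#define CMD_INTX_DISABLE 0x0400

/* Assumption: stand-in for PCI_COMMAND_GUEST; membership chosen for this
 * example. The decode enables (CMD_IO, CMD_MEMORY) are deliberately absent. */
#define GUEST_MASK (CMD_MASTER | CMD_SPECIAL | CMD_INVALIDATE | \
                    CMD_VGA_PALETTE | CMD_WAIT | CMD_FAST_BACK)

/* Value to program into the device when the guest writes `value`. */
uint16_t filter_cmd_write(uint16_t hw, uint16_t value, bool permissive)
{
    if (!permissive)
        return hw;                      /* no guest bit reaches hardware */
    return (uint16_t)((value & GUEST_MASK) | (hw & ~GUEST_MASK));
}

/* Value the guest reads back: hardware state for the bits it controls,
 * its own last write (shadow) for everything else. Modelling assumption. */
uint16_t guest_cmd_read(uint16_t hw, uint16_t shadow)
{
    return (uint16_t)((hw & GUEST_MASK) | (shadow & ~GUEST_MASK));
}

int main(void)
{
    uint16_t hw = CMD_IO | CMD_MEMORY;  /* constructed: host enabled decoding */
    uint16_t guest = CMD_MASTER;        /* constructed: guest clears decoding */

    printf("strict:     hw=0x%04x\n", (unsigned)filter_cmd_write(hw, guest, false));
    hw = filter_cmd_write(hw, guest, true);
    printf("permissive: hw=0x%04x guest sees 0x%04x\n",
           (unsigned)hw, (unsigned)guest_cmd_read(hw, guest));
    return 0;
}
```

In both modes the decode enables set by the host survive a guest write that clears them, which is the condition the commit message identifies as dangerous to the host.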