* [PATCH] Avoid null dereference in flask get_page_sid
@ 2010-09-08 16:21 Daniel De Graaf
0 siblings, 0 replies; only message in thread
From: Daniel De Graaf @ 2010-09-08 16:21 UTC (permalink / raw)
To: xen-devel
When booting Xen with flask enabled, dom0 memory specified to 1G,
and no policy loaded, I was able to produce a crash in get_page_sid.
The following patch appears to fix the issue, but I'm not sure if this
is the best response when given a page that does not have a label.
Xen call trace:
[<ffff82c48014e9e9>] get_page_sid+0x87/0x93
[<ffff82c48014eaea>] get_mfn_sid+0x56/0x6e
[<ffff82c48014f491>] flask_mmu_normal_update+0xbc/0xeb
[<ffff82c48017c099>] do_mmu_update+0x378/0x1927
[<ffff82c480113989>] do_multicall+0x29d/0x438
[<ffff82c480207cb2>] syscall_enter+0xf2/0x14c
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -345,7 +345,10 @@
default:
/*Pages are implicitly labeled by domain ownership!*/
dsec = d->ssid;
- *sid = dsec->sid;
+ if (dsec)
+ *sid = dsec->sid;
+ else
+ rc = -ENOENT;
break;
}
--
Daniel De Graaf
National Security Agency
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2010-09-08 16:21 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-09-08 16:21 [PATCH] Avoid null dereference in flask get_page_sid Daniel De Graaf
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.