xen/netfront: don't use gnttab_query_foreign_access() for mapped status - linux-dev - Linux kernel development work

diff options

author	Juergen Gross <jgross@suse.com>	2022-03-07 09:48:54 +0100
committer	Juergen Gross <jgross@suse.com>	2022-03-07 09:48:54 +0100
commit	31185df7e2b1d2fa1de4900247a12d7b9c7087eb (patch)
tree	da3daf6834b4aed5d6ea01feb1ec934a0488dc9b /tools/perf/scripts/python/export-to-sqlite.py
parent	xen/blkfront: don't use gnttab_query_foreign_access() for mapped status (diff)
download	linux-dev-31185df7e2b1d2fa1de4900247a12d7b9c7087eb.tar.xz linux-dev-31185df7e2b1d2fa1de4900247a12d7b9c7087eb.zip

xen/netfront: don't use gnttab_query_foreign_access() for mapped status

It isn't enough to check whether a grant is still being in use by calling gnttab_query_foreign_access(), as a mapping could be realized by the other side just after having called that function. In case the call was done in preparation of revoking a grant it is better to do so via gnttab_end_foreign_access_ref() and check the success of that operation instead. This is CVE-2022-23037 / part of XSA-396. Reported-by: Demi Marie Obenour <demi@invisiblethingslab.com> Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> --- V2: - use gnttab_try_end_foreign_access() V3: - don't use gnttab_try_end_foreign_access()

Diffstat (limited to 'tools/perf/scripts/python/export-to-sqlite.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: