linux/drivers/xen
Jan Beulich af6fc858a3 xen-pciback: limit guest control of command register
Otherwise the guest can abuse that control to cause e.g. PCIe
Unsupported Request responses by disabling memory and/or I/O decoding
and subsequently causing (CPU side) accesses to the respective address
ranges, which (depending on system configuration) may be fatal to the
host.

Note that to alter any of the bits collected together as
PCI_COMMAND_GUEST permissive mode is now required to be enabled
globally or on the specific device.

This is CVE-2015-2150 / XSA-120.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
2015-03-11 14:34:40 +00:00
..
events xen/events: avoid NULL pointer dereference in dom0 on large machines 2015-03-06 13:16:32 +00:00
xen-pciback xen-pciback: limit guest control of command register 2015-03-11 14:34:40 +00:00
xenbus xenbus: Add proper handling of XS_ERROR from Xenbus for transactions. 2015-02-05 15:04:46 +00:00
xenfs xen: Convert printks to pr_<level> 2013-06-28 11:19:58 -04:00
acpi.c xen / ACPI: notify xen when reduced hardware sleep is available 2013-07-31 14:22:35 +02:00
balloon.c xen: remove scratch frames for ballooned pages and m2p override 2015-01-28 14:03:10 +00:00
biomerge.c
cpu_hotplug.c xen: Convert printks to pr_<level> 2013-06-28 11:19:58 -04:00
dbgp.c xen: Use dev_is_pci() to check whether it is pci device 2014-01-07 09:53:33 -05:00
efi.c efi: dmi: add support for SMBIOS 3.0 UEFI configuration table 2014-11-05 09:03:16 +01:00
evtchn.c xen/evtchn: support more than 4096 ports 2014-01-06 10:07:50 -05:00
fallback.c xen-pciback: notify hypervisor about devices intended to be assigned to guests 2013-03-22 10:20:55 -04:00
features.c
gntalloc.c xen/gntalloc: safely delete grefs in add_grefs() undo path 2014-09-04 13:14:05 +01:00
gntdev.c xen/gntdev: provide find_special_page VMA operation 2015-01-28 14:04:58 +00:00
grant-table.c xen/grant-table: add a mechanism to safely unmap pages that are in use 2015-01-28 14:03:14 +00:00
Kconfig xen-scsiback: Add Xen PV SCSI backend driver 2014-09-23 13:36:19 +00:00
Makefile x86/xen: allow privcmd hypercalls to be preempted 2015-02-23 16:30:24 +00:00
manage.c xen/manage: Fix USB interaction issues when resuming 2015-02-06 15:49:09 +00:00
mcelog.c xen: Convert printks to pr_<level> 2013-06-28 11:19:58 -04:00
pci.c xen/pci: Allocate memory for physdev_pci_device_add's optarr 2014-10-23 16:24:02 +01:00
pcpu.c drivers: xen: Include appropriate header file in pcpu.c 2014-02-28 15:26:08 -05:00
platform-pci.c drivers: xen: Mark function as static in platform-pci.c 2014-02-28 15:26:04 -05:00
preempt.c x86/xen: allow privcmd hypercalls to be preempted 2015-02-23 16:30:24 +00:00
privcmd.c x86/xen: allow privcmd hypercalls to be preempted 2015-02-23 16:30:24 +00:00
privcmd.h
swiotlb-xen.c Revert "swiotlb-xen: pass dev_addr to swiotlb_tbl_unmap_single" 2014-12-10 14:58:35 +00:00
sys-hypervisor.c xen: sysfs: fix build warning. 2012-10-19 15:17:51 -04:00
tmem.c xen/tmem: mark xen_tmem_init() __init 2015-01-23 11:55:24 +00:00
xen-acpi-cpuhotplug.c ACPI: Drop acpi_evaluate_hotplug_ost() and ACPI_HOTPLUG_OST 2014-02-22 00:50:49 +01:00
xen-acpi-memhotplug.c ACPICA: Resources: Provide common part for struct acpi_resource_address structures. 2015-01-26 16:09:56 +01:00
xen-acpi-pad.c ACPI / PAD / xen: use acpi_evaluate_ost() to replace open-coded version 2014-02-21 00:27:47 +01:00
xen-acpi-processor.c xen-acpi-processor: Don't display errors when we get -ENOSYS 2014-05-23 12:34:00 -04:00
xen-balloon.c xen: Convert printks to pr_<level> 2013-06-28 11:19:58 -04:00
xen-scsiback.c xen-scsiback: mark pvscsi frontend request consumed only after last read 2015-02-23 16:30:25 +00:00
xen-selfballoon.c drivers:xen-selfballoon:reset 'frontswap_inertia_counter' after frontswap_shrink 2014-02-28 15:26:12 -05:00
xen-stub.c xen/acpi: remove redundant acpi/acpi_drivers.h include 2013-03-11 13:53:02 -04:00