| commit | b0ac694fdb9113b973048ebe5619927e74965f61 | |
| author | Stefano Stabellini <sstabellini@kernel.org> | |
| Tue, 27 Jun 2017 21:45:34 +0000 (27 14:45 -0700) | ||
| committer | Stefano Stabellini <sstabellini@kernel.org> | |
| Tue, 27 Jun 2017 21:45:34 +0000 (27 14:45 -0700) | ||
| tree | 1cb8cb236d78e1d5395206fbd3fae78f99043a2a | treesnapshot (tar.gz zip) |
| parent | 577caa2672ccde7352fda3ef17e44993de862f0e | commitdiff |
xen/disk: don't leak stack data via response ring
Rather than constructing a local structure instance on the stack, fill
the fields directly on the shared ring, just like other (Linux)
backends do. Build on the fact that all response structure flavors are
actually identical (aside from alignment and padding at the end).
This is XSA-216.
Reported by: Anthony Perard <anthony.perard@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
Rather than constructing a local structure instance on the stack, fill
the fields directly on the shared ring, just like other (Linux)
backends do. Build on the fact that all response structure flavors are
actually identical (aside from alignment and padding at the end).
This is XSA-216.
Reported by: Anthony Perard <anthony.perard@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
| hw/block/xen_disk.c | diffblobblamehistory |