[Xen-devel] do_iret bug in xen
- To: xen-devel@xxxxxxxxxxxxxxxxxxx
- From: "Ashish Bijlani" <ashish.bijlani@xxxxxxxxx>
- Date: Tue, 27 Nov 2007 13:59:15 -0500
- Delivery-date: Tue, 27 Nov 2007 10:59:50 -0800
- List-id: Xen developer discussion <xen-devel.lists.xensource.com>
"do_iret" (slow iret via hypercall) can introduce a race condition, as "current" can change during the execution of the function. All hypercalls run with "sti" on, so an interrupt on a processor that causes control to enter "__enter_scheduler" after "current" has been read can change the current process on that processor.
Code excerpt:
"
    struct iret_context iret_saved;
    struct vcpu *v = current;

    if ( unlikely(copy_from_user(&iret_saved, (void *)regs->rsp,
                                 sizeof(iret_saved))) )
    {
"
Any thoughts on this?