[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen-4.9-testing test] 125044: regressions - FAIL
flight 125044 xen-4.9-testing real [real] http://logs.test-lab.xenproject.org/osstest/logs/125044/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-amd64-i386-libvirt-xsm <job status> broken in 125005 test-amd64-amd64-xl-xsm <job status> broken in 125005 test-amd64-i386-qemuu-rhel6hvm-intel <job status> broken in 125005 test-amd64-i386-xl-qemut-ws16-amd64 <job status> broken in 125005 test-amd64-amd64-libvirt-xsm <job status> broken in 125005 test-amd64-i386-xl-qemut-ws16-amd64 15 guest-saverestore.2 fail REGR. vs. 124328 Tests which are failing intermittently (not blocking): test-amd64-i386-xl-qemut-ws16-amd64 4 host-install(4) broken in 125005 pass in 125044 test-amd64-i386-libvirt-xsm 4 host-install(4) broken in 125005 pass in 125044 test-amd64-amd64-libvirt-xsm 4 host-install(4) broken in 125005 pass in 125044 test-amd64-amd64-xl-xsm 4 host-install(4) broken in 125005 pass in 125044 test-amd64-i386-qemuu-rhel6hvm-intel 4 host-install(4) broken in 125005 pass in 125044 test-amd64-amd64-xl-qemuu-win7-amd64 13 guest-saverestore fail in 125005 pass in 125044 test-amd64-amd64-xl-qemut-ws16-amd64 14 guest-localmigrate fail in 125005 pass in 125044 test-armhf-armhf-xl-xsm 6 xen-install fail pass in 125005 test-amd64-i386-xl-qemuu-debianhvm-amd64-shadow 15 guest-saverestore.2 fail pass in 125005 Tests which did not succeed, but are not blocking: test-amd64-amd64-xl-qemut-win7-amd64 17 guest-stop fail blocked in 124328 test-amd64-i386-xl-qemuu-win7-amd64 18 guest-start/win.repeat fail in 125005 blocked in 124328 test-amd64-i386-xl-qemuu-ws16-amd64 17 guest-stop fail in 125005 like 124328 test-armhf-armhf-xl-xsm 13 migrate-support-check fail in 125005 never pass test-armhf-armhf-xl-xsm 14 saverestore-support-check fail in 125005 never pass test-amd64-amd64-xl-qemuu-ws16-amd64 14 guest-localmigrate fail like 124248 test-amd64-i386-xl-qemut-win7-amd64 17 guest-stop fail like 124248 test-amd64-i386-xl-qemuu-win7-amd64 16 guest-localmigrate/x10 fail like 124248 test-amd64-i386-xl-qemuu-ws16-amd64 16 guest-localmigrate/x10 fail like 124248 test-amd64-amd64-xl-qemuu-win7-amd64 16 guest-localmigrate/x10 fail like 124328 test-armhf-armhf-xl-rtds 16 guest-start/debian.repeat fail like 124328 test-amd64-amd64-xl-qemut-ws16-amd64 17 guest-stop fail like 124328 test-amd64-i386-libvirt-xsm 13 migrate-support-check fail never pass test-amd64-amd64-libvirt-xsm 13 migrate-support-check fail never pass test-amd64-i386-libvirt 13 migrate-support-check fail never pass test-arm64-arm64-xl-xsm 13 migrate-support-check fail never pass test-arm64-arm64-xl-xsm 14 saverestore-support-check fail never pass test-amd64-amd64-libvirt 13 migrate-support-check fail never pass test-arm64-arm64-xl 13 migrate-support-check fail never pass test-arm64-arm64-xl 14 saverestore-support-check fail never pass test-arm64-arm64-xl-credit2 13 migrate-support-check fail never pass test-arm64-arm64-xl-credit2 14 saverestore-support-check fail never pass test-amd64-amd64-libvirt-qemuu-debianhvm-amd64-xsm 11 migrate-support-check fail never pass test-amd64-i386-libvirt-qemuu-debianhvm-amd64-xsm 11 migrate-support-check fail never pass test-amd64-amd64-qemuu-nested-amd 17 debian-hvm-install/l1/l2 fail never pass test-amd64-amd64-libvirt-vhd 12 migrate-support-check fail never pass test-armhf-armhf-xl-rtds 13 migrate-support-check fail never pass test-armhf-armhf-xl-rtds 14 saverestore-support-check fail never pass test-armhf-armhf-xl-multivcpu 13 migrate-support-check fail never pass test-armhf-armhf-xl-multivcpu 14 saverestore-support-check fail never pass test-armhf-armhf-xl 13 migrate-support-check fail never pass test-armhf-armhf-xl 14 saverestore-support-check fail never pass test-armhf-armhf-libvirt-xsm 13 migrate-support-check fail never pass test-armhf-armhf-libvirt-xsm 14 saverestore-support-check fail never pass test-armhf-armhf-xl-cubietruck 13 migrate-support-check fail never pass test-armhf-armhf-xl-cubietruck 14 saverestore-support-check fail never pass test-armhf-armhf-libvirt-raw 12 migrate-support-check fail never pass test-armhf-armhf-libvirt-raw 13 saverestore-support-check fail never pass test-arm64-arm64-libvirt-xsm 13 migrate-support-check fail never pass test-arm64-arm64-libvirt-xsm 14 saverestore-support-check fail never pass test-armhf-armhf-xl-credit2 13 migrate-support-check fail never pass test-armhf-armhf-xl-credit2 14 saverestore-support-check fail never pass test-armhf-armhf-libvirt 13 migrate-support-check fail never pass test-armhf-armhf-libvirt 14 saverestore-support-check fail never pass test-armhf-armhf-xl-arndale 13 migrate-support-check fail never pass test-armhf-armhf-xl-arndale 14 saverestore-support-check fail never pass test-armhf-armhf-xl-vhd 12 migrate-support-check fail never pass test-armhf-armhf-xl-vhd 13 saverestore-support-check fail never pass test-amd64-amd64-xl-qemuu-win10-i386 10 windows-install fail never pass test-amd64-i386-xl-qemuu-win10-i386 10 windows-install fail never pass test-amd64-amd64-xl-qemut-win10-i386 10 windows-install fail never pass test-amd64-i386-xl-qemut-win10-i386 10 windows-install fail never pass version targeted for testing: xen 612ff3c145ed6f76ddb520e1d8c6a83a7ed89602 baseline version: xen 238007d6fae9447bf5e8e73d67ae9fb844e7ff2a Last test of basis 124328 2018-06-17 23:39:07 Z 22 days Failing since 124807 2018-06-28 17:38:04 Z 11 days 6 attempts Testing same since 125005 2018-07-06 01:48:45 Z 4 days 2 attempts ------------------------------------------------------------ People who touched revisions under test: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> Jan Beulich <jbeulich@xxxxxxxx> Juergen Gross <jgross@xxxxxxxx> Kevin Tian <kevin.tian@xxxxxxxxx> Paul Durrant <paul.durrant@xxxxxxxxxx> jobs: build-amd64-xsm pass build-arm64-xsm pass build-armhf-xsm pass build-i386-xsm pass build-amd64-xtf pass build-amd64 pass build-arm64 pass build-armhf pass build-i386 pass build-amd64-libvirt pass build-arm64-libvirt pass build-armhf-libvirt pass build-i386-libvirt pass build-amd64-prev pass build-i386-prev pass build-amd64-pvops pass build-arm64-pvops pass build-armhf-pvops pass build-i386-pvops pass build-amd64-rumprun pass build-i386-rumprun pass test-xtf-amd64-amd64-1 pass test-xtf-amd64-amd64-2 pass test-xtf-amd64-amd64-3 pass test-xtf-amd64-amd64-4 pass test-xtf-amd64-amd64-5 pass test-amd64-amd64-xl pass test-arm64-arm64-xl pass test-armhf-armhf-xl pass test-amd64-i386-xl pass test-amd64-amd64-xl-qemut-debianhvm-amd64-xsm pass test-amd64-i386-xl-qemut-debianhvm-amd64-xsm pass test-amd64-amd64-libvirt-qemuu-debianhvm-amd64-xsm pass test-amd64-i386-libvirt-qemuu-debianhvm-amd64-xsm pass test-amd64-amd64-xl-qemuu-debianhvm-amd64-xsm pass test-amd64-i386-xl-qemuu-debianhvm-amd64-xsm pass test-amd64-amd64-xl-qemut-stubdom-debianhvm-amd64-xsm pass test-amd64-i386-xl-qemut-stubdom-debianhvm-amd64-xsm pass test-amd64-amd64-libvirt-xsm pass test-arm64-arm64-libvirt-xsm pass test-armhf-armhf-libvirt-xsm pass test-amd64-i386-libvirt-xsm pass test-amd64-amd64-xl-xsm pass test-arm64-arm64-xl-xsm pass test-armhf-armhf-xl-xsm fail test-amd64-i386-xl-xsm pass test-amd64-amd64-qemuu-nested-amd fail test-amd64-i386-qemut-rhel6hvm-amd pass test-amd64-i386-qemuu-rhel6hvm-amd pass test-amd64-amd64-xl-qemut-debianhvm-amd64 pass test-amd64-i386-xl-qemut-debianhvm-amd64 pass test-amd64-amd64-xl-qemuu-debianhvm-amd64 pass test-amd64-i386-xl-qemuu-debianhvm-amd64 pass test-amd64-i386-freebsd10-amd64 pass test-amd64-amd64-xl-qemuu-ovmf-amd64 pass test-amd64-i386-xl-qemuu-ovmf-amd64 pass test-amd64-amd64-rumprun-amd64 pass test-amd64-amd64-xl-qemut-win7-amd64 fail test-amd64-i386-xl-qemut-win7-amd64 fail test-amd64-amd64-xl-qemuu-win7-amd64 fail test-amd64-i386-xl-qemuu-win7-amd64 fail test-amd64-amd64-xl-qemut-ws16-amd64 fail test-amd64-i386-xl-qemut-ws16-amd64 fail test-amd64-amd64-xl-qemuu-ws16-amd64 fail test-amd64-i386-xl-qemuu-ws16-amd64 fail test-armhf-armhf-xl-arndale pass test-amd64-amd64-xl-credit2 pass test-arm64-arm64-xl-credit2 pass test-armhf-armhf-xl-credit2 pass test-armhf-armhf-xl-cubietruck pass test-amd64-i386-freebsd10-i386 pass test-amd64-i386-rumprun-i386 pass test-amd64-amd64-xl-qemut-win10-i386 fail test-amd64-i386-xl-qemut-win10-i386 fail test-amd64-amd64-xl-qemuu-win10-i386 fail test-amd64-i386-xl-qemuu-win10-i386 fail test-amd64-amd64-qemuu-nested-intel pass test-amd64-i386-qemut-rhel6hvm-intel pass test-amd64-i386-qemuu-rhel6hvm-intel pass test-amd64-amd64-libvirt pass test-armhf-armhf-libvirt pass test-amd64-i386-libvirt pass test-amd64-amd64-livepatch pass test-amd64-i386-livepatch pass test-amd64-amd64-migrupgrade pass test-amd64-i386-migrupgrade pass test-amd64-amd64-xl-multivcpu pass test-armhf-armhf-xl-multivcpu pass test-amd64-amd64-pair pass test-amd64-i386-pair pass test-amd64-amd64-libvirt-pair pass test-amd64-i386-libvirt-pair pass test-amd64-amd64-amd64-pvgrub pass test-amd64-amd64-i386-pvgrub pass test-amd64-amd64-pygrub pass test-amd64-amd64-xl-qcow2 pass test-armhf-armhf-libvirt-raw pass test-amd64-i386-xl-raw pass test-amd64-amd64-xl-rtds pass test-armhf-armhf-xl-rtds fail test-amd64-amd64-xl-qemuu-debianhvm-amd64-shadow pass test-amd64-i386-xl-qemuu-debianhvm-amd64-shadow fail test-amd64-amd64-xl-shadow pass test-amd64-i386-xl-shadow pass test-amd64-amd64-libvirt-vhd pass test-armhf-armhf-xl-vhd pass ------------------------------------------------------------ sg-report-flight on osstest.test-lab.xenproject.org logs: /home/logs/logs images: /home/logs/images Logs, config files, etc. are available at http://logs.test-lab.xenproject.org/osstest/logs Explanation of these reports, and of osstest in general, is at http://xenbits.xen.org/gitweb/?p=osstest.git;a=blob;f=README.email;hb=master http://xenbits.xen.org/gitweb/?p=osstest.git;a=blob;f=README;hb=master Test harness code can be found at http://xenbits.xen.org/gitweb?p=osstest.git;a=summary broken-job test-amd64-i386-libvirt-xsm broken broken-job test-amd64-amd64-xl-xsm broken broken-job test-amd64-i386-qemuu-rhel6hvm-intel broken broken-job test-amd64-i386-xl-qemut-ws16-amd64 broken broken-job test-amd64-amd64-libvirt-xsm broken Not pushing. ------------------------------------------------------------ commit 612ff3c145ed6f76ddb520e1d8c6a83a7ed89602 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Wed Jul 4 12:37:36 2018 +0200 x86/EFI: further correct FPU state handling around runtime calls We must not leave a vCPU with CR0.TS clear when it is not in fully eager mode and has not touched non-lazy state. Instead of adding a 3rd invocation of stts() to vcpu_restore_fpu_eager(), consolidate all of them into a single one done at the end of the function. Rename the function at the same time to better reflect its purpose, as the patches touches all of its occurences anyway. The new function parameter is not really well named, but "need_stts_if_not_fully_eager" seemed excessive to me. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Paul Durrant <paul.durrant@xxxxxxxxxx> master commit: 23839a0fa0bbe78c174cd2bb49083e153f0f99df master date: 2018-06-26 15:23:08 +0200 commit 555ef370330456cf80dee95be5b0cd112c3dbe73 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Wed Jul 4 12:36:54 2018 +0200 x86/HVM: attempts to emulate FPU insns need to set fpu_initialised My original way of thinking here was that this would be set anyway at the point state gets reloaded after the adjustments hvmemul_put_fpu() does, but the flag should already be set before that - after all the guest may never again touch the FPU before e.g. getting migrated/saved. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Acked-by: Paul Durrant <paul.durrant@xxxxxxxxxx> master commit: 3310e3cd648f3713c824790bd71d8ec405a09d05 master date: 2018-06-26 08:41:08 +0200 commit e76d0f7c65d53ec6ed9b1fd8af9415efee1d14c1 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Wed Jul 4 12:36:25 2018 +0200 x86/EFI: fix FPU state handling around runtime calls There are two issues. First, the nonlazy xstates were never restored after returning from the runtime call. Secondly, with the fully_eager_fpu mitigation for XSA-267 / LazyFPU, the unilateral stts() is no longer correct, and hits an assertion later when a lazy state restore tries to occur for a fully eager vcpu. Fix both of these issues by calling vcpu_restore_fpu_eager(). As EFI runtime services can be used in the idle context, the idle assertion needs to move until after the fully_eager_fpu check. Introduce a "curr" local variable and replace other uses of "current" at the same time. Reported-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Tested-by: Juergen Gross <jgross@xxxxxxxx> master commit: 437211cb696515ee5bd5dae0ab72866c9f382a33 master date: 2018-06-21 11:35:46 +0200 commit 19f4f879d2c9bda5c052e47e80feadb09ccda4f0 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Date: Wed Jul 4 12:35:54 2018 +0200 x86/VT-x: Fix printing of EFER in vmcs_dump_vcpu() This is essentially a "take 2" of c/s 82540b66ce "x86/VT-x: Fix determination of EFER.LMA in vmcs_dump_vcpu()" because in hindight, that change was more problematic than useful. The original reason was to fix the logic for determining when not to print the PDPTE pointers. However, mutating the efer variable (particularly LME and LMA) before printing it interferes with diagnosing vmentry failures. Instead of modifying efer, change the PDPTE conditional to use VM_ENTRY_IA32E_MODE. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx> master commit: 35fcb982ea16c40619fee8bba4789a94d824521e master date: 2018-06-05 11:55:51 +0100 commit c4cb7d3b0b3e8b077057a2c13c539f80105c7337 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Date: Wed Jul 4 12:35:16 2018 +0200 x86/traps: Fix error handling of the pv %dr7 shadow state c/s "x86/pv: Introduce and use x86emul_write_dr()" fixed a bug with IO shadow handling, in that it remained stale and visible until %dr7.L/G got set again. However, it neglected the -EPERM return inbetween these two hunks, introducing a different bug in which a write to %dr7 which tries to set IO breakpoints without %cr4.DE being set clobbers the IO state, rather than leaves it alone. Instead, move the zeroing slightly later, which guarentees that the shadow gets written exactly once, on a successful update to %dr7. Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> master commit: 237c31b5a1d5aa88cdb59b8c31b1b62eb13e82d1 master date: 2018-06-04 11:05:45 +0100 commit 8cdaac2d39e2c089255f878145c690ff1f3ec6f9 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Wed Jul 4 12:34:36 2018 +0200 x86/CPUID: don't override tool stack decision to hide STIBP Other than in the feature sets, where we indeed want to offer the feature even if not enumerated on hardware, we shouldn't dictate the feature being available if tool stack or host admin have decided to not expose it (for whatever [questionable?] reason). That feature set side override is sufficient to achieve the intended guest side safety property (in offering - by default - STIBP independent of actual availability in hardware). Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> master commit: 06f542f8f2e446c01bd0edab51e9450af7f6e05b master date: 2018-05-29 12:39:24 +0200 commit 7fbbedd1643ffaaac1d941101409ad9934206d9c Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Wed Jul 4 12:33:55 2018 +0200 x86: correct default_xen_spec_ctrl calculation Even with opt_msr_sc_{pv,hvm} both false we should set up the variable as usual, to ensure proper one-time setup during boot and CPU bringup. This then also brings the code in line with the comment immediately ahead of the printk() being modified saying "irrespective of guests". Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> master commit: d6239f64713df819278bf048446d3187c6ac4734 master date: 2018-05-29 12:38:52 +0200 commit 46863c67f1f2cdf1eac4b818b1b1f90ea648b5d7 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Wed Jul 4 12:32:57 2018 +0200 libxc/x86/PV: don't hand through CPUID leaf 0x80000008 as is Just like for HVM the feature set should be used for EBX output, while EAX should be restricted to the low 16 bits and ECX/EDX should be zero. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> master commit: 849cc9ac56eff8a8d575ed9f484aad72f383862c master date: 2018-05-29 10:51:02 +0100 commit 041844ba7a0436ca877c6fa2add214124ead382a Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Thu Jun 28 10:01:45 2018 +0200 x86: guard against #NM Just in case we still don't get CR0.TS handling right, prevent a host crash by honoring exception fixups in do_device_not_available(). This would in particular cover emulator stubs raising #NM. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> master commit: 00cebd6f22beb6d5fa65ed2d8d1ff9acf59bce61 master date: 2018-06-28 09:08:04 +0200 commit 0a9c2bdc2df12504b3d78edf04d99a15092d81d5 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Thu Jun 28 10:01:07 2018 +0200 x86/HVM: don't cause #NM to be raised in Xen The changes for XSA-267 did not touch management of CR0.TS for HVM guests. In fully eager mode this bit should never be set when respective vCPU-s are active, or else hvmemul_get_fpu() might leave it wrongly set, leading to #NM in hypervisor context. {svm,vmx}_enter() and {svm,vmx}_fpu_dirty_intercept() become unreachable this way. Explicit {svm,vmx}_fpu_leave() invocations need to be guarded now. With no CR0.TS management necessary in fully eager mode, there's also no need anymore to intercept #NM. Reported-by: Charles Arnold <carnold@xxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> master commit: 488efc29e4e996bb3805c982200f65061390cdce master date: 2018-06-28 09:07:06 +0200 commit 5d92007ce6c1beb0d05e9752b71169a131f15b37 Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> Date: Thu Jun 28 10:00:28 2018 +0200 libxl: restore passing "readonly=" to qemu for SCSI disks A read-only check was introduced for XSA-142, commit ef6cb76026 ("libxl: relax readonly check introduced by XSA-142 fix") added the passing of the extra setting, but commit dab0539568 ("Introduce COLO mode and refactor relevant function") dropped the passing of the setting again, quite likely due to improper re-basing. Restore the readonly= parameter to SCSI disks. For IDE disks this is supposed to be rejected; add an assert. And there is a bare ad-hoc disk drive string in libxl__build_device_model_args_new, which we also update. This is XSA-266. Reported-by: Andrew Reimers <andrew.reimers@xxxxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> master commit: dd64d3c41a2d15139c3a35d22d4cb6b78f4c5c59 master date: 2018-06-28 09:05:06 +0200 commit c257e35a2eb1e9f465026dbbabd5bcb5153115b6 Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> Date: Thu Jun 28 10:00:09 2018 +0200 libxl: qemu_disk_scsi_drive_string: Break out common parts of disk config The generated configurations are identical apart from, in some cases, reordering of the id=%s element. So, overall, no functional change. This is part of XSA-266. Reported-by: Andrew Reimers <andrew.reimers@xxxxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Signed-off-by: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> master commit: 724e5aa31b58d1e430ad36b484cf0ec021497399 master date: 2018-06-28 09:04:55 +0200 commit ad08a1bec4c35f2d203e2925fc7acb0cb89236b7 Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Date: Thu Jun 28 09:59:43 2018 +0200 x86: Refine checks in #DB handler for faulting conditions One of the fix for XSA-260 (c/s 75d6828bc2 "x86/traps: Fix handling of #DB exceptions in hypervisor context") added some safety checks to help avoid livelocks of #DB faults. While a General Detect #DB exception does have fault semantics, hardware clears %dr7.gd on entry to the handler, meaning that it is actually safe to return to. Furthermore, %dr6.gd is guest controlled and sticky (never cleared by hardware). A malicious PV guest can therefore trigger the fatal_trap() and crash Xen. Instruction breakpoints are more tricky. The breakpoint match bits in %dr6 are not sticky, but the Intel manual warns that they may be set for non-enabled breakpoints, so add a breakpoint enabled check. Beyond that, because of the restriction on the linear addresses PV guests can set, and the fault (rather than trap) nature of instruction breakpoints (i.e. can't be deferred by a MovSS shadow), there should be no way to encounter an instruction breakpoint in Xen context. However, for extra robustness, deal with this situation by clearing the breakpoint configuration, rather than crashing. This is XSA-265 Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> master commit: 17bf51297220dcd74da29de99320b6b1c72d1fa5 master date: 2018-06-28 09:04:20 +0200 commit c50b1f68ffb9b330d04031196bf1c3e8afc655d9 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Thu Jun 28 09:58:55 2018 +0200 x86/mm: don't bypass preemption checks While unlikely, it is not impossible for a multi-vCPU guest to leverage bypasses of preemption checks to drive Xen into an unbounded loop. This is XSA-264. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> master commit: 17608703c65bf080b0a9f024f9b370872b9f2c05 master date: 2018-06-28 09:03:09 +0200 (qemu changes not included) _______________________________________________ osstest-output mailing list osstest-output@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/osstest-output
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |