
RE: [Xen-devel] [PATCH] Protect Xen against accessing NULL-pointer triggered by Xenoprof Hypercall in dom0


  • To: "Yang, Xiaowei" <xiaowei.yang@xxxxxxxxx>
  • From: "Santos, Jose Renato G" <joserenato.santos@xxxxxx>
  • Date: Thu, 22 Jan 2009 18:22:33 +0000
  • Accept-language: en-US
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 22 Jan 2009 10:23:25 -0800
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
  • Thread-index: Acl8K2yW1cFNoPoTQ0ez920F74rw4QAkqWsQ
  • Thread-topic: [Xen-devel] [PATCH] Protect Xen against accessing NULL-pointer triggered by Xenoprof Hypercall in dom0

Thanks Xiaowei
Yes, that makes sense.
I guess it is good to prevent dom0 misbehavior from crashing the system.
The patch looks good to me.

Thanks

Renato
 

> -----Original Message-----
> From: Yang, Xiaowei [mailto:xiaowei.yang@xxxxxxxxx] 
> Sent: Wednesday, January 21, 2009 4:50 PM
> To: Santos, Jose Renato G
> Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [Xen-devel] [PATCH] Protect Xen against 
> accessing NULL-pointer triggered by Xenoprof Hypercall in dom0
> 
> Santos, Jose Renato G wrote:
> > Xiaowei,
> > 
> > Could you please clarify what is the NULL pointer problem
> > that you want to prevent with this patch?
> > Thanks
> > 
> Oh, let me put more details. For late-coming CPUs that
> Xenoprof doesn't support yet, pointers cpu_type and model
> could be unassigned at init time and remain NULL. However,
> almost all Xenoprof internal functions don't check them
> before using them. If the hypercall handler doesn't take care of
> it, dom0 could exploit it (e.g. XENOPROF_reserve_counters) to
> trigger Xen NULL-pointer access.
> 
> Thanks,
> Xiaowei
> 
> > Renato
> > 
> >> -----Original Message-----
> >> From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
> >> [mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Yang, 
> >> Xiaowei
> >> Sent: Tuesday, January 20, 2009 8:28 PM
> >> To: xen-devel@xxxxxxxxxxxxxxxxxxx
> >> Subject: [Xen-devel] [PATCH] Protect Xen against accessing 
> >> NULL-pointer triggered by Xenoprof Hypercall in dom0
> >>
> >> Xenoprof Hypercall in dom0 could trigger Xen accessing NULL-pointer
> >> and result in a fatal page fault. The patch prevents it.
> >>
> >> Signed-off-by: Xiaowei Yang <xiaowei.yang@xxxxxxxxx>
> >>
> >> Thanks,
> >> Xiaowei
> >>
> >>
> 
> 
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
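
The failure mode discussed in this thread, as an added example that is not the patch under review and not Xen code: a single guard at the hypercall entry point protects internal helpers that dereference the backend pointers unchecked. The struct, the function names, the op number and the `-ENODEV` return value are assumptions made for illustration; only `cpu_type` and `model` are named in the thread.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the profiler state named in the thread. */
struct model_ops { int num_counters; int (*reserve)(void); };

static const char *cpu_type;           /* NULL until a known CPU is probed */
static const struct model_ops *model;  /* NULL until a known CPU is probed */

enum { OP_RESERVE_COUNTERS = 1 };      /* constructed op number */

static int reserve_ok(void) { return 0; }
static const struct model_ops demo_model = { 4, reserve_ok };

/* Init-time probe: the pointers are assigned only for a recognised CPU. */
void backend_init(int cpu_supported)
{
    cpu_type = cpu_supported ? "demo/cpu" : NULL;
    model = cpu_supported ? &demo_model : NULL;
}

/* Internal helper: dereferences model without checking it. */
static int backend_reserve_counters(void)
{
    return model->reserve();
}

/* Hypercall entry point: one guard here covers every unchecked helper. */
int do_prof_op(int op)
{
    if (cpu_type == NULL || model == NULL)
        return -ENODEV;                /* assumed error code */

    switch (op) {
    case OP_RESERVE_COUNTERS:
        return backend_reserve_counters();
    default:
        return -EINVAL;
    }
}

int main(void)
{
    backend_init(0);
    printf("unsupported CPU: %d\n", do_prof_op(OP_RESERVE_COUNTERS));
    backend_init(1);
    printf("supported CPU:   %d\n", do_prof_op(OP_RESERVE_COUNTERS));
    return 0;
}
```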
