[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] x86/mcheck: do not blindly de-reference dom0 et al



Since machine checks and CMCIs can happen before Dom0 even gets
constructed, the handlers of these events have to avoid de-referencing
respective pointers without checking.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>

--- 2010-02-09.orig/xen/arch/x86/cpu/mcheck/amd_nonfatal.c      2010-01-13 
18:58:11.000000000 +0100
+++ 2010-02-09/xen/arch/x86/cpu/mcheck/amd_nonfatal.c   2010-02-16 
12:08:51.000000000 +0100
@@ -84,12 +84,9 @@ static void mce_amd_checkregs(void *info
 {
        mctelem_cookie_t mctc;
        struct mca_summary bs;
-       unsigned int event_enabled;
 
        mctc = mcheck_mca_logout(MCA_POLLER, mca_allbanks, &bs, NULL);
 
-       event_enabled = guest_enabled_event(dom0->vcpu[0], VIRQ_MCA);
-
        if (bs.errcnt && mctc != NULL) {
                static uint64_t dumpcount = 0;
 
@@ -101,7 +98,7 @@ static void mce_amd_checkregs(void *info
                 * a simple-minded attempt to avoid spamming the console
                 * for corrected errors in early startup. */
 
-               if (event_enabled) {
+               if (dom0_vmce_enabled()) {
                        mctelem_commit(mctc);
                        send_guest_global_virq(dom0, VIRQ_MCA);
                } else if (++dumpcount >= 10) {
@@ -136,7 +133,7 @@ static void mce_amd_work_fn(void *data)
        on_each_cpu(mce_amd_checkregs, data, 1);
 
        if (adjust > 0) {
-               if (!guest_enabled_event(dom0->vcpu[0], VIRQ_MCA) ) {
+               if (!dom0_vmce_enabled()) {
                        /* Dom0 did not enable VIRQ_MCA, so Xen is reporting. */
                        printk("MCE: polling routine found correctable error. "
                                " Use mcelog to parse above error output.\n");
--- 2010-02-09.orig/xen/arch/x86/cpu/mcheck/mce.c       2010-02-09 
09:00:50.000000000 +0100
+++ 2010-02-09/xen/arch/x86/cpu/mcheck/mce.c    2010-02-16 12:17:29.000000000 
+0100
@@ -414,7 +414,7 @@ void mcheck_cmn_handler(struct cpu_user_
         * as terminal for any context.
         */
        ctx_xen = SEG_PL(regs->cs) == 0;
-       ctx_dom0 = !ctx_xen && (domid == dom0->domain_id);
+       ctx_dom0 = !ctx_xen && (domid == 0);
        ctx_domU = !ctx_xen && !ctx_dom0;
 
        xen_state_lost = bs.uc != 0 || (ctx_xen && (bs.pcc || !ripv)) ||
@@ -463,7 +463,8 @@ void mcheck_cmn_handler(struct cpu_user_
         * XXFM Could add some Solaris dom0 contract kill here?
         */
        if (dom0_state_lost) {
-               if (guest_has_trap_callback(dom0, 0, TRAP_machine_check)) {
+               if (dom0 && dom0->max_vcpus && dom0->vcpu[0] &&
+                   guest_has_trap_callback(dom0, 0, TRAP_machine_check)) {
                        dom_state = DOM0_TRAP;
                        send_guest_trap(dom0, 0, TRAP_machine_check);
                        /* XXFM case of return with !ripv ??? */
@@ -532,7 +533,7 @@ cmn_handler_done:
        if (bs.errcnt) {
                /* Not panicing, so forward telemetry to dom0 now if it
                 * is interested. */
-               if (guest_enabled_event(dom0->vcpu[0], VIRQ_MCA)) {
+               if (dom0_vmce_enabled()) {
                        if (mctc != NULL)
                                mctelem_commit(mctc);
                        send_guest_global_virq(dom0, VIRQ_MCA);
--- 2010-02-09.orig/xen/arch/x86/cpu/mcheck/mce.h       2010-02-03 
16:15:15.000000000 +0100
+++ 2010-02-09/xen/arch/x86/cpu/mcheck/mce.h    2010-02-16 12:32:26.000000000 
+0100
@@ -55,6 +55,8 @@ void mc_panic(char *s);
 void x86_mc_get_cpu_info(unsigned, uint32_t *, uint16_t *, uint16_t *,
                         uint32_t *, uint32_t *, uint32_t *, uint32_t *);
 
+#define dom0_vmce_enabled() (dom0 && dom0->max_vcpus && dom0->vcpu[0] \
+       && guest_enabled_event(dom0->vcpu[0], VIRQ_MCA))
 
 /* Register a handler for machine check exceptions. */
 typedef void (*x86_mce_vector_t)(struct cpu_user_regs *, long);
--- 2010-02-09.orig/xen/arch/x86/cpu/mcheck/mce_intel.c 2010-02-09 
09:16:49.000000000 +0100
+++ 2010-02-09/xen/arch/x86/cpu/mcheck/mce_intel.c      2010-02-16 
12:11:40.000000000 +0100
@@ -518,7 +518,7 @@ static void mce_softirq(void)
         }
 
         /* Step2: Send Log to DOM0 through vIRQ */
-        if (dom0 && guest_enabled_event(dom0->vcpu[0], VIRQ_MCA)) {
+        if (dom0_vmce_enabled()) {
             mce_printk(MCE_VERBOSE, "MCE: send MCE# to DOM0 through virq\n");
             send_guest_global_virq(dom0, VIRQ_MCA);
         }
@@ -863,7 +863,7 @@ static void cmci_discover(void)
         MCA_CMCI_HANDLER, __get_cpu_var(mce_banks_owned), &bs, NULL);
 
     if (bs.errcnt && mctc != NULL) {
-        if (guest_enabled_event(dom0->vcpu[0], VIRQ_MCA)) {
+        if (dom0_vmce_enabled()) {
             mctelem_commit(mctc);
             send_guest_global_virq(dom0, VIRQ_MCA);
         } else {
@@ -978,7 +978,7 @@ fastcall void smp_cmci_interrupt(struct 
         MCA_CMCI_HANDLER, __get_cpu_var(mce_banks_owned), &bs, NULL);
 
     if (bs.errcnt && mctc != NULL) {
-        if (guest_enabled_event(dom0->vcpu[0], VIRQ_MCA)) {
+        if (dom0_vmce_enabled()) {
             mctelem_commit(mctc);
             mce_printk(MCE_VERBOSE, "CMCI: send CMCI to DOM0 through virq\n");
             send_guest_global_virq(dom0, VIRQ_MCA);
--- 2010-02-09.orig/xen/arch/x86/cpu/mcheck/non-fatal.c 2010-01-13 
18:58:11.000000000 +0100
+++ 2010-02-09/xen/arch/x86/cpu/mcheck/non-fatal.c      2010-02-16 
12:09:10.000000000 +0100
@@ -53,7 +53,7 @@ static void mce_checkregs (void *info)
                 * for corrected errors in early startup.
                 */
 
-               if (guest_enabled_event(dom0->vcpu[0], VIRQ_MCA)) {
+               if (dom0_vmce_enabled()) {
                        mctelem_commit(mctc);
                        send_guest_global_virq(dom0, VIRQ_MCA);
                } else if (++dumpcount >= 10) {


Attachment: x86-mce-dom0-check.patch
Description: Text document

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.