
Re: [Xen-devel] [PATCH] arm: implement hypercall continuations



On Fri, 2012-07-20 at 14:28 +0100, Stefano Stabellini wrote:
> On Fri, 20 Jul 2012, Ian Campbell wrote:
> > > > +        for ( i = 0; *p != '\0'; i++ )
> > > > +        {
> > > > +            arg = next_arg(p, args);
> > > > +
> > > > +            switch ( i )
> > > > +            {
> > > > +            case 0: regs->r0 = arg;       break;
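Review bot: in the `for ( i = 0; *p != '\0'; i++ )` loop, termination depends on `next_arg(p, args)` advancing `p`, which is not apparent at the call site because `p` looks like it is passed by value; a short comment saying that `next_arg` consumes one format character would help. Also make sure the `switch ( i )` has a `default:` that fails cleanly when the format string describes more arguments than there are argument registers, rather than silently dropping them.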
> > > 
> > > wrong alignment
> > 
> > I had rc = arg and lined it up then changed it back without realigning,
> > thanks for pointing it out.
> > 
> > > > @@ -462,17 +469,18 @@ static void do_debug_trap(struct cpu_user_regs 
> > > > *regs, unsigned int code)
> > > >  
> > > >  static void do_trap_hypercall(struct cpu_user_regs *regs, unsigned 
> > > > long iss)
> > > >  {
> > > > -    arm_hypercall_t *call = NULL;
> > > > +    arm_hypercall_fn_t call = NULL;
> > > >  
> > > >      if ( iss != XEN_HYPERCALL_TAG )
> > > > +        domain_crash_synchronous();
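Review bot: the `domain_crash_synchronous()` added under `if ( iss != XEN_HYPERCALL_TAG )` is a guest-visible behaviour change that is independent of the continuation work named in the subject line. Please split it into its own patch with the rationale in the commit message, so the policy for a wrong hypercall tag can be reviewed and reverted on its own.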
> > > 
> > > Why did you change the behavior of the iss != XEN_HYPERCALL_TAG case?
> > 
> > I just noticed it while adding the bounds check. A guest which makes a
> > hypercall with the wrong tag is either malicious or about to fail
> > horribly, there's no reason to allow them to keep living.
> 
> I don't think so: it could just be a misconfigured guest, trying to
> initialize KVM support before Xen.

Or it could be some other guest doing something else entirely, which
we've never heard of and with a different semantics for ENOSYS type
return values etc.

It is clearly bogus for a guest to be making a KVM hypercall on Xen (and
vice versa). We should provide a reliable way to detect the exact
hypervisor and enforce its use.

Ian.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 

