[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] Fix boot crash on xsm/flask enabled builds when no policy module is present

On 08/26/2013 01:12 PM, Jan Beulich wrote:
On 26.08.13 at 12:03, Tomasz Wroblewski<tomasz.wroblewski@xxxxxxxxxx>  wrote:
Xen crashes on boot of xsm/flask enabled builds, if policy module is not
This seems to have worked on 4.1 at least.
Looking at the code (4.1.5) I can't see what would prevent the
same NULL pointer deref. Care to explain?
The crash doesn't happen at the NULL pointer dereference site though, but a bit later, when xen tries to flush tlbs for first time I believe, which happens during page allocation for the initial domain structure. I traced it to the following ASSERT in smp.c (so yes I should add this particular crash likely is limited to debug builds then)

void flush_area_mask(const cpumask_t *mask, const void *va, unsigned int flags)

The actual crash message is unhelpful since it's basically only

(XEN) Using scheduler: SMP Credit Scheduler (credit)
(XEN) Unknown interrupt (cr2=0000000000000000)

Either removing the assert (which is obviously bad), or checking for the null pointer deref as in the submitted patch seems to be fixing it. I'm suspecting it was always broken somehow but just was hidden or had different side effects on 4.1 than it does now. I do lack for a good explanation why fiddling with null addresses breaks up this assert, though.

Can be fixed by testing whether
is NULL before attempting to load from it - it's a global which is set to
non-NULL when
policy module is detected.

Signed-off-by: Tomasz Wroblewski<tomasz.wroblewski@xxxxxxxxxx>
  xen/xsm/flask/hooks.c |    3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index fa0589a..cfa2929 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1585,7 +1585,8 @@ static __init int flask_init(void)
      if ( register_xsm(&flask_ops) )
          panic("Flask: Unable to register with XSM.\n");

-    ret = security_load_policy(policy_buffer, policy_size);
+    if ( policy_buffer )
+        ret = security_load_policy(policy_buffer, policy_size);
Question is whether policy_buffer == NULL really isn't supposed
to result in a -E... return value (as in fact flask initialization failed).


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.