|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2] xen/arm: Correctly handle non-page aligned pointer in raw_copy_from_guest
On Tue, 2014-02-18 at 17:10 +0000, Ian Campbell wrote: > On Tue, 2014-02-18 at 16:56 +0000, Julien Grall wrote: > > The current implementation of raw_copy_guest helper may lead to data > > corruption > > and sometimes Xen crash when the guest virtual address is not aligned to > > PAGE_SIZE. > > > > When the total length is higher than a page, the length to read is badly > > compute with > > min(len, (unsigned)(PAGE_SIZE - offset)) > > > > As the offset is only computed one time per function, if the start address > > was > > not aligned to PAGE_SIZE, we can end up in same iteration: > > - to read accross page boundary => xen crash > > - read the previous page => data corruption > > > > This issue can be resolved by setting offset to 0 at the end of the first > > iteration. Indeed, after it, the virtual guest address is always aligned > > to PAGE_SIZE. > > > > Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx> > > Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> and applied. > > + /* > > + * After the first iteration, guest virtual address is correctly > > + * aligned to PAGE_SIZE. > > + */ > > I'd like to duplicate this comment in the other two places too -- if you > are OK with it I will do that as part of committing. I did this. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |