[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 0/2] Xen/mem_event: Do not rely on the toolstack being bug-free

Xen performs insufficient validation of the contents of mem_event responses
from the toolstack.  As a result, a buggy toolstack could cause Xen to walk
off the end of a domain's vcpu list, and get out of sync with vcpu pause
reference counts.

These two fixes are compile tested only, as I have no way to plausibly test
the mem-event functionality itself.

Andrew Cooper (2):
  Xen/mem_event: Validate the response vcpu_id before acting on it.
  Xen/mem_event: Prevent underflow of vcpu pause counts

 xen/arch/x86/hvm/hvm.c          |    2 +-
 xen/arch/x86/mm/mem_event.c     |   14 ++++++++++++++
 xen/arch/x86/mm/mem_sharing.c   |   13 +++++++++++--
 xen/arch/x86/mm/p2m.c           |   26 ++++++++++++++++++++++----
 xen/include/asm-x86/mem_event.h |    3 +++
 xen/include/xen/sched.h         |    2 ++
 6 files changed, 53 insertions(+), 7 deletions(-)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.