[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2] x86/viridian: Add Partition Reference Time enlightenment

To: "Paul Durrant" <paul.durrant@xxxxxxxxxx>, "Matt Wilson" <msw@xxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Mon, 13 Oct 2014 09:10:40 +0100
Cc: Keir Fraser <keir@xxxxxxx>, Ian Campbell <ian.campbell@xxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>, Christoph Egger <chegger@xxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx, Anthony Liguori <anthony@xxxxxxxxxxxxx>
Delivery-date: Mon, 13 Oct 2014 08:11:23 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 10.10.14 at 18:36, <msw@xxxxxxxxx> wrote:
> On Mon, Sep 29, 2014 at 11:28:44AM +0100, Paul Durrant wrote:
>> +    /*
>> +     * The guest will calculate reference time according to the following
>> +     * formula:
>> +     *
>> +     * ReferenceTime = ((RDTSC() * TscScale) >> 64) + TscOffset
>> +     *
>> +     * Windows uses a 100ns tick, so we need a scale which is cpu
>> +     * ticks per 100ns shifted left by 64.
>> +     */
>> +    p->TscScale = ((10000ul << 32) / d->arch.tsc_khz) << 32;
>> +
>> +    do {
>> +        p->TscSequence++;
>> +    } while ( p->TscSequence == 0xFFFFFFFF ||
>> +              p->TscSequence == 0 ); /* Avoid both 'invalid' values */
> 
> Anthony Liguori and I were looking this over today and he pointed
> something out: couldn't a second vCPU of the guest write 0 or
> 0xffffffff in a tight loop to cause a hypervisor DoS?

Yes, this is at least a theoretical issue that should be fixed. I don't
think it's a practical issue though: I'd expect the compiler to eliminate
the two reads of the field and instead directly use the result of the
increment.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v2] x86/viridian: Add Partition Reference Time enlightenment
  - From: Ian Campbell

References:
- Re: [Xen-devel] [PATCH v2] x86/viridian: Add Partition Reference Time enlightenment
  - From: Matt Wilson

Prev by Date: Re: [Xen-devel] [PATCH] arm32: fix build after 063188f4b3
Next by Date: [Xen-devel] [RESEND PATCH V3 0/3] x86: Full support of PAT
Previous by thread: Re: [Xen-devel] [PATCH v2] x86/viridian: Add Partition Reference Time enlightenment
Next by thread: Re: [Xen-devel] [PATCH v2] x86/viridian: Add Partition Reference Time enlightenment
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.