|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH for 4.5] xen/arm: p2m: Fix crash when p2m_lookup is used with an invalid IPA
On Sat, 2014-10-18 at 20:25 +0100, Julien Grall wrote: > Since the commit 58f0fd8 "xen: arm: handle variable p2m levels in p2m_lookup", > Xen checks that the root_table offset is valid. If not, its unlock the p2m > spinlock before returning an error. But, at this time, the lock has not been > taken. > > On Xen built with debug=y, we can get the following stack trace if the guest > use an invalid IPA in hypercall or mess-up the grant-table: > > (XEN) Assertion '_raw_spin_is_locked(lock)' failed at > xen/include/asm/arm32/spinlock.h:22 > ... > (XEN) [<0022d1bc>] _spin_unlock+0x2c/0x50 (PC) > (XEN) [<00253264>] p2m_lookup+0x20c/0x230 (LR) > (XEN) [<7ffdfd54>] 7ffdfd54 > (XEN) [<002539f4>] gmfn_to_mfn+0x24/0x3c > (XEN) [<0020e4d4>] __get_paged_frame+0x30/0x12c > (XEN) [<00210680>] __acquire_grant_for_copy+0x4e0/0x768 > (XEN) [<00212030>] do_grant_table_op+0x13a0/0x2534 > (XEN) [<00257b10>] do_trap_hypervisor+0xe10/0x1148 > (XEN) [<0025b330>] return_from_trap+0/0x4 > > Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx> acked + applied, thanks. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |