[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] VMX: don't allow PVH to reach handle_pio() or handle_mmio()



>>> On 06.12.14 at 02:50, <mukesh.rathor@xxxxxxxxxx> wrote:
> On Fri, 05 Dec 2014 14:06:53 +0000
> "Jan Beulich" <JBeulich@xxxxxxxx> wrote:
> 
>> PVH guests are not supposed to access I/O ports they weren't given
>> access to (there's nothing to handle emulation of such accesses).
>> 
>> Reported-by: Roger Pau MonnÃ<roger.pau@xxxxxxxxxx>
>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
>> ---
>> Note: Only compile tested so far.
>> 
>> --- a/xen/arch/x86/hvm/vmx/vmx.c
>> +++ b/xen/arch/x86/hvm/vmx/vmx.c
>> @@ -3082,6 +3082,9 @@ void vmx_vmexit_handler(struct cpu_user_
>>      }
>>  
>>      case EXIT_REASON_IO_INSTRUCTION:
>> +        if ( unlikely(is_pvh_vcpu(v)) )
>> +            goto exit_and_crash;
>> +
>>          __vmread(EXIT_QUALIFICATION, &exit_qualification);
>>          if ( exit_qualification & 0x10 )
>>          {
> 
> Actually, handle_pio() will eventually reach handle_pvh_io() which
> would access check via admin_io_okay, so that path should be OK,
> right?

Ah, yes, at least that case was already taken care of.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.