[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] VMX: don't allow PVH to reach handle_pio() or handle_mmio()
>>> On 06.12.14 at 02:50, <mukesh.rathor@xxxxxxxxxx> wrote: > On Fri, 05 Dec 2014 14:06:53 +0000 > "Jan Beulich" <JBeulich@xxxxxxxx> wrote: > >> PVH guests are not supposed to access I/O ports they weren't given >> access to (there's nothing to handle emulation of such accesses). >> >> Reported-by: Roger Pau MonnÃ<roger.pau@xxxxxxxxxx> >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> >> --- >> Note: Only compile tested so far. >> >> --- a/xen/arch/x86/hvm/vmx/vmx.c >> +++ b/xen/arch/x86/hvm/vmx/vmx.c >> @@ -3082,6 +3082,9 @@ void vmx_vmexit_handler(struct cpu_user_ >> } >> >> case EXIT_REASON_IO_INSTRUCTION: >> + if ( unlikely(is_pvh_vcpu(v)) ) >> + goto exit_and_crash; >> + >> __vmread(EXIT_QUALIFICATION, &exit_qualification); >> if ( exit_qualification & 0x10 ) >> { > > Actually, handle_pio() will eventually reach handle_pvh_io() which > would access check via admin_io_okay, so that path should be OK, > right? Ah, yes, at least that case was already taken care of. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |