
Re: [Xen-devel] [PATCH RFC] x86/traps: Improve hypervisor stack overflow detection



On 19/11/15 17:34, Andrew Cooper wrote:
> A sample Gentoo compilation of Xen contains
>
>     lea    -0x1058(%rsp),%rsp
>     orq    $0x0,(%rsp)
>     lea    0x1020(%rsp),%rsp
>
> Whatever the reason for silly code like this, it fools the current stack
> overflow detection logic in the #DF handler (which triggers reliably on the
> 'orq' instruction).
>
> Update the overflow condition to declare an overflow if %esp is anywhere
> within the guard page, rather than just within the upper 8th of the page.
>
> Additionally, check %esp against the expected stack base in all builds.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> ---
> CC: Jan Beulich <JBeulich@xxxxxxxx>
> CC: Atom2 <ariel.atom2@xxxxxxxxxx>
>
> Currently untested, therefore RFC
>
> Atom2: If you have a free moment, would you mind giving this patch a spin on a
> debug hypervisor?  I would expect it to stop erroneously informing you that no
> overflow was detected
> ---

Another question is whether, given that the sample above moves the stack
by more than 4k, it would be wise to also guard the 4th currently-spare
page between the primary stack and IST stacks.

~Andrew
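The two checks contrasted in the patch description, and the "skips the guard page entirely" case raised in the follow-up, modelled as an added example (not code from the patch or from Xen). The stack layout, page indices and the sample base address are assumptions constructed for illustration: an 8-page stack block with the primary stack in the top two pages, a guard page directly below it, and one spare page below that.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical layout modelled on the discussion, not Xen's own definitions:
 * an 8-page, STACK_SIZE-aligned per-CPU stack block; pages 6-7 hold the
 * primary stack, page 5 is the guard page, page 4 is the spare page
 * mentioned in the reply, and pages 0-3 are the IST stacks. */
#define PAGE_SHIFT   12
#define PAGE_SIZE    (1UL << PAGE_SHIFT)
#define STACK_ORDER  3
#define STACK_SIZE   (PAGE_SIZE << STACK_ORDER)
#define GUARD_PAGE   5UL    /* index of the guard page within the block (assumed) */

/* Constructed, STACK_SIZE-aligned base address of one stack block. */
#define SAMPLE_STACK_BASE 0xffff830000000000ULL

/* Page index of a stack pointer within its stack block. */
static unsigned long stack_page(uint64_t rsp)
{
    return (rsp & (STACK_SIZE - 1)) >> PAGE_SHIFT;
}

/* Old-style condition: only the upper eighth of the guard page counts as an
 * overflow, so one large downward %rsp adjustment can land below it. */
bool overflow_upper_8th(uint64_t rsp)
{
    unsigned long off = rsp & (PAGE_SIZE - 1);
    return stack_page(rsp) == GUARD_PAGE && off >= PAGE_SIZE - PAGE_SIZE / 8;
}

/* Condition as described in the patch: anywhere in the guard page is an
 * overflow. */
bool overflow_anywhere_in_guard(uint64_t rsp)
{
    return stack_page(rsp) == GUARD_PAGE;
}

/* Model the sampled sequence: 'lea -0x1058(%rsp),%rsp' followed by
 * 'orq $0x0,(%rsp)'.  Returns the %rsp value the orq faults with, which is
 * what a #DF handler would see in regs->rsp. */
uint64_t rsp_after_lea(uint64_t rsp_before)
{
    return rsp_before - 0x1058;
}
```

With %rsp in the middle of the lowest primary-stack page the probe lands in the guard page but below its upper eighth, so only the new check fires; with %rsp near the bottom of that page the probe skips the guard page into the spare page and neither check fires, which is the case the reply asks about.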
