Xen project Mailing List

Re: [Xen-devel] [PATCH v2] x86/hvm/viridian: save APIC assist vector

To: Jan Beulich <JBeulich@xxxxxxxx>

From: Paul Durrant <Paul.Durrant@xxxxxxxxxx>

Date: Wed, 30 Mar 2016 08:23:09 +0000

Accept-language: en-GB, en-US

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 30 Mar 2016 08:23:44 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Thread-index: AQHRiZ8fcnz2TFgpzkO569sTBxww7J9xY0kAgABD/zA=

Thread-topic: [PATCH v2] x86/hvm/viridian: save APIC assist vector

> -----Original Message----- > From: Jan Beulich [mailto:JBeulich@xxxxxxxx] > Sent: 30 March 2016 07:19 > To: Paul Durrant > Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx > Subject: Re: [PATCH v2] x86/hvm/viridian: save APIC assist vector > > >>> On 29.03.16 at 11:30, <paul.durrant@xxxxxxxxxx> wrote: > > @@ -806,7 +808,8 @@ static int viridian_save_vcpu_ctxt(struct domain *d, > hvm_domain_context_t *h) > > for_each_vcpu( d, v ) { > > struct hvm_viridian_vcpu_context ctxt; > > > > - ctxt.apic_assist = v->arch.hvm_vcpu.viridian.apic_assist.msr.raw; > > + ctxt.apic_assist_msr = > > v->arch.hvm_vcpu.viridian.apic_assist.msr.raw; > > + ctxt.apic_assist_vector = v- > >arch.hvm_vcpu.viridian.apic_assist.vector; > > > > if ( hvm_save_entry(VIRIDIAN_VCPU, v->vcpu_id, h, &ctxt) != 0 ) > > return 1; > > While this went in already, I'm afraid there's further work needed: > There's an information leak here (since the padding field doesn't get > zeroed), and ... > Yes, sorry I didn't notice that the struct was not zeroed out before writing to it. > > @@ -829,13 +832,15 @@ static int viridian_load_vcpu_ctxt(struct domain > *d, hvm_domain_context_t *h) > > return -EINVAL; > > } > > > > - if ( hvm_load_entry(VIRIDIAN_VCPU, h, &ctxt) != 0 ) > > + if ( hvm_load_entry_zeroextend(VIRIDIAN_VCPU, h, &ctxt) != 0 ) > > return -EINVAL; > > > > - v->arch.hvm_vcpu.viridian.apic_assist.msr.raw = ctxt.apic_assist; > > + v->arch.hvm_vcpu.viridian.apic_assist.msr.raw = ctxt.apic_assist_msr; > > if ( v->arch.hvm_vcpu.viridian.apic_assist.msr.fields.enabled ) > > initialize_apic_assist(v); > > > > + v->arch.hvm_vcpu.viridian.apic_assist.vector = ctxt.apic_assist_vector; > > + > > return 0; > > } > > ... the padding field doesn't get checked to be zero here, > preventing us from later on assigning meaning to any parts of it. > Ok. I'll add that. Paul > Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.