|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] x86/pv: Fill all Xen slots in init_guest_l4_table()
>>> On 29.08.17 at 12:24, <andrew.cooper3@xxxxxxxxxx> wrote:
> There is a bug when using highmem-start= where some L4 directmap slots are not
> audited in alloc_l4_table(), and not overwritten by init_guest_l4_table().
>
> As highmem_start is only available in debug builds of the hypervisor, this
> does not constitute a security issue.
>
> Ensure that init_guest_l4_table() writes to all of the Xen slots.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
albeit ...
> @@ -1604,9 +1608,19 @@ void init_guest_l4_table(l4_pgentry_t l4tab[], const
> struct domain *d,
> &idle_pg_table[ROOT_PAGETABLE_FIRST_XEN_SLOT],
> root_pgt_pv_xen_slots * sizeof(l4_pgentry_t));
> #ifndef NDEBUG
> - if ( l4e_get_intpte(split_l4e) )
> - l4tab[ROOT_PAGETABLE_FIRST_XEN_SLOT + root_pgt_pv_xen_slots] =
> - split_l4e;
> + if ( unlikely(root_pgt_pv_xen_slots < ROOT_PAGETABLE_PV_XEN_SLOTS) )
> + {
> + l4_pgentry_t *next = &l4tab[ROOT_PAGETABLE_FIRST_XEN_SLOT +
> + root_pgt_pv_xen_slots];
> +
> + if ( l4e_get_intpte(split_l4e) )
> + *next++ = split_l4e;
> +
> + memset(next, 0,
> + _p(&l4tab[ROOT_PAGETABLE_LAST_XEN_SLOT + 1]) - _p(next));
... these disguised casts. But all alternatives I can think of make the
code more difficult to read.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |