 Re: [RFC PATCH V1 01/12] hvm/ioreq: Make x86's IOREQ feature common
 
To: Julien Grall <julien@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Oleksandr <olekstysh@xxxxxxxxx>
Date: Sun, 16 Aug 2020 22:37:07 +0300
Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Paul Durrant <paul@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Sun, 16 Aug 2020 19:37:14 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
 
On 15.08.20 20:30, Julien Grall wrote:
 
Hi Oleksandr,
 
Hi Julien.
 
On 03/08/2020 19:21, Oleksandr Tyshchenko wrote:
 +static int hvm_send_buffered_ioreq(struct hvm_ioreq_server *s, 
ioreq_t *p)
+{
 
[...]
 
+    /* Canonicalize read/write pointers to prevent their overflow. */
+    while ( (s->bufioreq_handling == HVM_IOREQSRV_BUFIOREQ_ATOMIC) &&
+            qw++ < IOREQ_BUFFER_SLOT_NUM &&
+            pg->ptrs.read_pointer >= IOREQ_BUFFER_SLOT_NUM )
+    {
+        union bufioreq_pointers old = pg->ptrs, new;
+        unsigned int n = old.read_pointer / IOREQ_BUFFER_SLOT_NUM;
+
+        new.read_pointer = old.read_pointer - n * 
IOREQ_BUFFER_SLOT_NUM;
+        new.write_pointer = old.write_pointer - n * 
IOREQ_BUFFER_SLOT_NUM;
+        cmpxchg(&pg->ptrs.full, old.full, new.full);
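
Review bot: the return value of cmpxchg() on the last line of the loop body is discarded, so a failed exchange is retried only because the while condition re-reads pg->ptrs.read_pointer, and only until qw++ reaches IOREQ_BUFFER_SLOT_NUM. Please extend the comment above the loop to say that the retry is implicit and that leaving the pointers uncanonicalized once the bound is hit is acceptable, or compare the returned value against old.full and stop explicitly on success.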
 
While working on the implementation of cmpxchg(), I realized the
operation will happen on memory shared with the emulator.
This will need to be switched to guest_cmpxchg64() to prevent a domain
from DoSing Xen on Arm.
 
Got it. I will create a separate patch for that purpose.
--
Regards,
Oleksandr Tyshchenko
 