[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH V4 20/24] xen/arm: io: Harden sign extension check


  • To: Oleksandr Tyshchenko <olekstysh@xxxxxxxxx>
  • From: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Date: Fri, 22 Jan 2021 10:15:08 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ghsbB059gqoJr2EJGr9y8U+7rOyvqEb3oAmRtxL4Uho=; b=S0yuIor3JPYqfwIqSumd6ji2NZlLEKxrlGBblB1eI9zcHN0IzQ7IC7p9h353rvziN/9ePmZriM/3fVq6JXIQBssU85AWnYrg1xNoUoP8P9zrJtQ+pvIPdKnDUK+HSP/Rbobl+e3JAQUdaNdct0jMMMeM5EIuKlV6DeAwdr6uSOztTSf58uAmxM/VtZHbQjfQWXl5slOTgDVnW1yqTYZ0E2mAMDTdaMFYSAEHyY0NuHLBRUI3Orpfe+5wCrysXYDHcGSTuQAPaob0prnKgIk1NACjauTCXi0zspnu0tHTZoZXKE4ePku4h/iXnXB1+pOsBH+Xbev6ht3q/NSRpNxqKw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VQZN2D8cNF+USVWYAyVfKTXTwGoFCgqZTs7w2Mt8+8w/RIaUFgOlGZ2WpUU7H51d8eYgsmexUAeFrJHhXuKENr1Q1C6rgEg37OyB5Q2CfcbH0/9xlsKOdQdvNBLQn8GtHyCwSJoc7Yfn6PVQow5inws6BDFJcAJIP9E/l9CMxZaBWpyTUhWIhh3JH45l1zkRlo/o6Q325cqX6P3jC7N9zqWGM0BBfrJZ+pLy900vXAg2Qa6lCJVK1HNNFOyKmBpBBs2s7n8Pp7jU5GiZGxhSWPBddsHMYNaB5TCeVO/AN0axlIVH7gPiAZl4epKK03S9qKYa54yYbmEhXlKnCJuIcA==
  • Authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=epam.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Oleksandr Tyshchenko <Oleksandr_Tyshchenko@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Julien Grall <julien.grall@xxxxxxx>
  • Delivery-date: Fri, 22 Jan 2021 10:15:35 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHW6S1XhqmL2XksL0G2IwXoD8Dgg6ozfI+A
  • Thread-topic: [PATCH V4 20/24] xen/arm: io: Harden sign extension check

Hi Oleksandr,

Oleksandr Tyshchenko writes:

> From: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>
>
> In the ideal world we would never get an undefined behavior when
> propagating the sign bit since that bit can only be set for access
> size smaller than the register size (i.e byte/half-word for aarch32,
> byte/half-word/word for aarch64).
>
> In the real world we need to care for *possible* hardware bug such as
> advertising a sign extension for either 64-bit (or 32-bit) on Arm64
> (resp. Arm32).
>
> So harden a bit more the code to prevent undefined behavior when
> propagating the sign bit in case of buggy hardware.
>
> Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>
> CC: Julien Grall <julien.grall@xxxxxxx>

Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>

>
> ---
> Please note, this is a split/cleanup/hardening of Julien's PoC:
> "Add support for Guest IO forwarding to a device emulator"
>
> Changes V3 -> V4:
>    - new patch
> ---
>  xen/include/asm-arm/traps.h | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/xen/include/asm-arm/traps.h b/xen/include/asm-arm/traps.h
> index e301c44..992d537 100644
> --- a/xen/include/asm-arm/traps.h
> +++ b/xen/include/asm-arm/traps.h
> @@ -93,7 +93,8 @@ static inline register_t sign_extend(const struct hsr_dabt 
> dabt, register_t r)
>       * Note that we expect the read handler to have zeroed the bits
>       * outside the requested access size.
>       */
> -    if ( dabt.sign && (r & (1UL << (size - 1))) )
> +    if ( dabt.sign && (size < sizeof(register_t) * 8) &&
> +         (r & (1UL << (size - 1))) )
>      {
>          /*
>           * We are relying on register_t using the same as


-- 
Volodymyr Babchuk at EPAM


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.