[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/memory: Reject out-of-range resource 'frame' values


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Fri, 29 Jan 2021 09:32:53 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YP0PrijEjZrAJGSu1qsypr6VxfVsHpHFcUZgWvWCsxo=; b=BXjS46lRYHHdK9dXwpviwDixeDiNVGnVPAlmlOScNW2pFE9DVy6/3Z90Ivl8pJYqzFobaMSAhIR7t1RWijPcFUSErnD+h2b1tvZ+7BMZLA60n9MA87DIx8A62zqWLPmdkvmX4mAm0YxWbO0J0HnaCPNbT2NDCJZK8nq3BEhv4EaF7J8Pk1M/OhCavPJLXkOuWDnuxoGfV5i72wKUEJSKaIVH+VURMxYmsoEaA2/uxvAxdvNTtR/iCRi/Mcph9O70ZCTtXnAZsfp2Rnpdk8Zc+hY/UWbF8HhVlXJPV4+H2TvKd8ip1wrVqL72VGIhC0qJlcwV7wmPhoDA5WDXInP1tA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=e+E+Pz1pzUa13DMTg3TyKD6A6IfAASp2u32FHG/9D2TUwLZxcK72KF9V2ROH+svEOqade3mbB5M8l2ykdbTYcAbTPRA0G7bDlE5te1V6AH2c05l64QcbcFbuesfoFabmwbxWYeu/wBuOh2RYfAf3dgS1BvsXeKW8yp4U7wWjX/UimIK1gS3lk0F9O0/kZnkVrtF83a2nQaSLJrI/X4t4qL3ZJyb55Tf606xx7CbzLhvZ+QSzVy/wO64Pjk16BbmjMw/31gBipLVcLKX+Q2RdHc333Op81Z+OICWCWFgWq24ihGyqgTJ2dou0xGyw7VvgNJfZqubtyCzyS3eSpCieqg==
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 29 Jan 2021 09:33:20 +0000
  • Ironport-sdr: lzQFdzk6i+j5a+oRnKKbHno4GQqhFy9s2NpfxQe/cZblAIoAdCWuGnXl/trDHfb4QcxqZHFZzd KZGJVqh9zKZSnONo3D9CHsQyd0f9WRfcccqgXQIC9Mkpqj0Xr8+e3DQDA48XZ3WaLms6LnUshG TA4WrbJvPpKo3bRb6KIom5DVcL1JPxMnOfRVWvA+tqjJPRknA+s2iwtYrc1Dj+Y1cML7TYHhUx epyiIb3U4mKURw7tmObRw35zG7m5H5hzB6txRmD3P/PuCSEgBZKaLEn6dxL1qVr4X8yz6j941c WO4=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 29/01/2021 09:15, Jan Beulich wrote:
> On 28.01.2021 17:06, Andrew Cooper wrote:
>> --- a/xen/common/memory.c
>> +++ b/xen/common/memory.c
>> @@ -1054,7 +1054,7 @@ static long xatp_permission_check(struct domain *d, 
>> unsigned int space)
>>  }
>>  
>>  static int acquire_grant_table(struct domain *d, unsigned int id,
>> -                               unsigned long frame,
>> +                               unsigned int frame,
>>                                 unsigned int nr_frames,
>>                                 xen_pfn_t mfn_list[])
>>  {
> Doesn't this want carrying forward into
> gnttab_get_{shared,status}_frame() as well? Of course further
> cleanup here can also be done at a later point, but it leaves
> things in a somewhat inconsistent state. I'd like to leave it
> up to you to commit with Paul's R-b as is, or extend the
> adjustments and then also add mine.

In the series, those functions are deleted by the next patch.

What's the likelihood that you'll choose to backport this?  I can extend
it if needs be.

>
>> --- a/xen/include/asm-x86/mm.h
>> +++ b/xen/include/asm-x86/mm.h
>> @@ -641,7 +641,7 @@ static inline bool arch_mfn_in_directmap(unsigned long 
>> mfn)
>>  }
>>  
>>  int arch_acquire_resource(struct domain *d, unsigned int type,
>> -                          unsigned int id, unsigned long frame,
>> +                          unsigned int id, unsigned int frame,
>>                            unsigned int nr_frames, xen_pfn_t mfn_list[]);
> Same here wrt hvm_get_ioreq_server_frame().

This one isn't.  I'll adjust.

~Andrew



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.