[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN

To: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
From: Zhenzhong Duan <zhenzhong.duan@xxxxxxxxxx>
Date: Tue, 26 Apr 2016 11:54:32 +0800
Cc: Wei Liu <wei.liu2@xxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Tue, 26 Apr 2016 03:55:12 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 2016/4/25 21:26, Ian Jackson wrote:

Konrad Rzeszutek Wilk writes ("Re: [Xen-devel] [PATCH] Fix cpumap setting before 
passing to XEN"):

On Wed, Apr 20, 2016 at 03:33:13PM +0100, Wei Liu wrote:

In principle I think having python binding and xl/libxl behave more or less
the same is the right direction. I'm a bit nervous about the change of
behaviour on the other hand.

Let's wait for a few more days to see if other people have any comment on
this.

Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> ?

Does this bug report mean that `xm vcpu-pin ... all' has never
worked properly ?  Can that really be the case ?

Xen 4.3 doesn't work, Xen 3.4 works.
I have no Xen 4.4 around to test that, but checked code, it will not.
Then I found below commit involved.

commit 41abbadef60e5fccdfd688579dd458f7f7887cf5
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date:   Wed May 29 15:48:11 2013 +0100

    libxc: limit cpu values when setting vcpu affinity

    When support for pinning more than 64 cpus was added, check for cpu
    out-of-range values was removed. This can lead to subsequent
    out-of-bounds cpumap array accesses in case the cpu number is higher
    than the actual count.

    This patch returns the check.

    This is CVE-2013-2072 / XSA-56

    Signed-off-by: Petr Matousek <pmatouse@xxxxxxxxxx>


Also, xm exists in Xen 4.4 and earlier, only.  Xen 4.4 is no longer
supported upstream, so we would not apply this patch to Xen 4.4.  So
whatever we do, this is not going to fix any bug in `xm vcpu-pin' in
4.4.

The only impact is upper layer or the user need to pass a correct cpumapparam not beyond the real cpu map to avoid the error.But I am not clear if python binding is still used or will be removedjust as Xend.


This doesn't necessarily mean that I object to changing the behaviour
of the python xc module in still-supported Xen releases.  But I'm not
sure the reasoning behind the behaviour of the libxl bitmap functions
applies to the Python interface.

Zhenzhong Duan, are you using an out-of-tree copy of xm and xend ?

I am using xen-4.3.0-55.el6.47.33 which is Xen 4.3 variant

thanks
zduan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
  - From: Wei Liu

References:
- [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
  - From: Zhenzhong Duan
- Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
  - From: Wei Liu
- Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
  - From: Zhenzhong Duan
- Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
  - From: Wei Liu
- Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
  - From: Konrad Rzeszutek Wilk
- Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
  - From: Ian Jackson

Prev by Date: [Xen-devel] [xen-unstable test] 92720: trouble: blocked/broken/fail/pass
Next by Date: [Xen-devel] [PATCH] add info to p2m_pod_dump_data
Previous by thread: Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
Next by thread: Re: [Xen-devel] [PATCH] Fix cpumap setting before passing to XEN
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.