[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] X86 MCE: Prevent malicious guest access broken page again

# HG changeset patch
# User Keir Fraser <keir@xxxxxxx>
# Date 1317413803 -3600
# Node ID 2215d7d7382617adbe97831fe35752a027917d1d
# Parent  d568e2313fd6f055b66a6c3cb2bca6372b77692e
X86 MCE: Prevent malicious guest access broken page again

To avoid recursive mce.

Signed-off-by: Liu, Jinsong <jinsong.liu@xxxxxxxxx>
Committed-by: Keir Fraser <keir@xxxxxxx>
---


diff -r d568e2313fd6 -r 2215d7d73826 xen/arch/x86/cpu/mcheck/mce_intel.c
--- a/xen/arch/x86/cpu/mcheck/mce_intel.c       Fri Sep 30 21:15:21 2011 +0100
+++ b/xen/arch/x86/cpu/mcheck/mce_intel.c       Fri Sep 30 21:16:43 2011 +0100
@@ -657,6 +657,8 @@
     /* This is free page */
     if (status & PG_OFFLINE_OFFLINED)
         *result = MCER_RECOVERED;
+    else if (status & PG_OFFLINE_AGAIN)
+        *result = MCER_CONTINUE;
     else if (status & PG_OFFLINE_PENDING) {
         /* This page has owner */
         if (status & PG_OFFLINE_OWNED) {
diff -r d568e2313fd6 -r 2215d7d73826 xen/common/page_alloc.c
--- a/xen/common/page_alloc.c   Fri Sep 30 21:15:21 2011 +0100
+++ b/xen/common/page_alloc.c   Fri Sep 30 21:16:43 2011 +0100
@@ -38,6 +38,7 @@
 #include <xen/tmem.h>
 #include <xen/tmem_xen.h>
 #include <public/sysctl.h>
+#include <public/sched.h>
 #include <asm/page.h>
 #include <asm/numa.h>
 #include <asm/flushtlb.h>
@@ -708,6 +709,19 @@
         return -EINVAL;
     }
 
+    /*
+     * NB. When broken page belong to guest, usually hypervisor will
+     * notify the guest to handle the broken page. However, hypervisor
+     * need to prevent malicious guest access the broken page again.
+     * Under such case, hypervisor shutdown guest, preventing recursive mce.
+     */
+    if ( (pg->count_info & PGC_broken) && (owner = page_get_owner(pg)) )
+    {
+        *status = PG_OFFLINE_AGAIN;
+        domain_shutdown(owner, SHUTDOWN_crash);
+        return 0;
+    }
+
     spin_lock(&heap_lock);
 
     old_info = mark_page_offline(pg, broken);
diff -r d568e2313fd6 -r 2215d7d73826 xen/include/public/sysctl.h
--- a/xen/include/public/sysctl.h       Fri Sep 30 21:15:21 2011 +0100
+++ b/xen/include/public/sysctl.h       Fri Sep 30 21:16:43 2011 +0100
@@ -399,6 +399,7 @@
 #define PG_OFFLINE_OFFLINED  (0x1UL << 1)
 #define PG_OFFLINE_PENDING   (0x1UL << 2)
 #define PG_OFFLINE_FAILED    (0x1UL << 3)
+#define PG_OFFLINE_AGAIN     (0x1UL << 4)
 
 #define PG_ONLINE_FAILED     PG_OFFLINE_FAILED
 #define PG_ONLINE_ONLINED    PG_OFFLINE_OFFLINED

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.