[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] x86: add sanity check and comments for vMCE injection


  • To: xen-changelog@xxxxxxxxxxxxxxxxxxx
  • From: Xen patchbot-unstable <patchbot@xxxxxxx>
  • Date: Fri, 05 Oct 2012 21:44:08 +0000
  • Delivery-date: Fri, 05 Oct 2012 21:44:18 +0000
  • List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xen.org>

# HG changeset patch
# User Liu, Jinsong <jinsong.liu@xxxxxxxxx>
# Date 1349440221 -7200
# Node ID 993768a9e9c23c3df8da24c747def31469cd1eff
# Parent  032de7030d2035efa4bb69dba9289fef89d134a1
x86: add sanity check and comments for vMCE injection

Add sanity check for input vcpu so that malicious value would not
return 0. Add comments since vcpu=-1 (broadcast) is some implicit to
code reader.

Signed-off-by: Liu, Jinsong <jinsong.liu@xxxxxxxxx>
Suggested-by: Christoph Egger <Christoph.Egger@xxxxxxx>
Acked-by: Christoph Egger <Christoph.Egger@xxxxxxx>
Committed-by: Jan Beulich <jbeulich@xxxxxxxx>
---


diff -r 032de7030d20 -r 993768a9e9c2 xen/arch/x86/cpu/mcheck/mce_intel.c
--- a/xen/arch/x86/cpu/mcheck/mce_intel.c       Thu Oct 04 17:11:25 2012 +0200
+++ b/xen/arch/x86/cpu/mcheck/mce_intel.c       Fri Oct 05 14:30:21 2012 +0200
@@ -360,7 +360,7 @@ static void intel_memerr_dhandler(
                 }
 
                 /* We will inject vMCE to DOMU*/
-                if ( inject_vmce(d, -1) < 0 )
+                if ( inject_vmce(d, VMCE_INJECT_BROADCAST) < 0 )
                 {
                     mce_printk(MCE_QUIET, "inject vMCE to DOM%d"
                       " failed\n", d->domain_id);
diff -r 032de7030d20 -r 993768a9e9c2 xen/arch/x86/cpu/mcheck/vmce.c
--- a/xen/arch/x86/cpu/mcheck/vmce.c    Thu Oct 04 17:11:25 2012 +0200
+++ b/xen/arch/x86/cpu/mcheck/vmce.c    Fri Oct 05 14:30:21 2012 +0200
@@ -341,14 +341,20 @@ HVM_REGISTER_SAVE_RESTORE(VMCE_VCPU, vmc
 /*
  * for Intel MCE, broadcast vMCE to all vcpus
  * for AMD MCE, only inject vMCE to vcpu0
+ *
+ * @ d, domain to which would inject vmce
+ * @ vcpu,
+ *   -1 (VMCE_INJECT_BROADCAST), broadcast vMCE to all vcpus
+ *   >= 0, vcpu, the vMCE is injected to
  */
 int inject_vmce(struct domain *d, int vcpu)
 {
     struct vcpu *v;
+    int ret = -ESRCH;
 
     for_each_vcpu ( d, v )
     {
-        if ( vcpu >= 0 && v->vcpu_id != vcpu )
+        if ( vcpu != VMCE_INJECT_BROADCAST && vcpu != v->vcpu_id )
             continue;
 
         if ( (is_hvm_domain(d) ||
@@ -358,19 +364,21 @@ int inject_vmce(struct domain *d, int vc
             mce_printk(MCE_VERBOSE, "MCE: inject vMCE to d%d:v%d\n",
                        d->domain_id, v->vcpu_id);
             vcpu_kick(v);
+            ret = 0;
         }
         else
         {
             mce_printk(MCE_QUIET, "Failed to inject vMCE to d%d:v%d\n",
                        d->domain_id, v->vcpu_id);
-            return -EBUSY;
+            ret = -EBUSY;
+            break;
         }
 
-        if ( vcpu >= 0 )
-            return 0;
+        if ( vcpu != VMCE_INJECT_BROADCAST )
+            break;
     }
 
-    return v ? -ESRCH : 0;
+    return ret;
 }
 
 int fill_vmsr_data(struct mcinfo_bank *mc_bank, struct domain *d,
diff -r 032de7030d20 -r 993768a9e9c2 xen/arch/x86/cpu/mcheck/vmce.h
--- a/xen/arch/x86/cpu/mcheck/vmce.h    Thu Oct 04 17:11:25 2012 +0200
+++ b/xen/arch/x86/cpu/mcheck/vmce.h    Fri Oct 05 14:30:21 2012 +0200
@@ -18,6 +18,8 @@ int vmce_amd_wrmsr(struct vcpu *, uint32
 
 int fill_vmsr_data(struct mcinfo_bank *mc_bank, struct domain *d,
     uint64_t gstatus);
+
+#define VMCE_INJECT_BROADCAST (-1)
 int inject_vmce(struct domain *d, int vcpu);
 
 #endif

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.