[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen stable-4.5] xen/arm: vgic-v3: message in the emulation code should be rate-limited



commit 38a7be831c5d953fd4fb222bb2d72be56c6a7375
Author:     Julien Grall <julien.grall@xxxxxxxxxx>
AuthorDate: Mon Jan 19 14:01:09 2015 +0000
Commit:     Ian Campbell <ian.campbell@xxxxxxxxxx>
CommitDate: Thu Jan 29 15:57:18 2015 +0000

    xen/arm: vgic-v3: message in the emulation code should be rate-limited
    
    printk by default is not rate-limited by default. Therefore a malicious 
guest
    may be able to flood the Xen console.
    
    If we use gdprintk, unnecessary information will be printed such as the
    filename and the line. Instead use XENLOG_G_{ERR,DEBUG} combine with %pv.
    
    Also remove the vGICv3 prefix which is not neccessary and update some
    message which were wrong.
    
    This is XSA-118.
    
    Signed-off-by: Julien Grall <julien.grall@xxxxxxxxxx>
    Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
    (cherry picked from commit c96222cc6dbb285a4de8f25e3b8e284e212ef964)
---
 xen/arch/arm/vgic-v3.c |  109 +++++++++++++++++++++++++++---------------------
 1 files changed, 61 insertions(+), 48 deletions(-)

diff --git a/xen/arch/arm/vgic-v3.c b/xen/arch/arm/vgic-v3.c
index ff99e50..dc1a671 100644
--- a/xen/arch/arm/vgic-v3.c
+++ b/xen/arch/arm/vgic-v3.c
@@ -168,13 +168,14 @@ static int __vgic_v3_rdistr_rd_mmio_read(struct vcpu *v, 
mmio_info_t *info,
         /* Reserved0 */
         goto read_as_zero;
     default:
-        printk("vGICv3: vGICR: read r%d offset %#08x\n not found",
-               dabt.reg, gicr_reg);
+        printk(XENLOG_G_ERR
+               "%pv: vGICR: read r%d offset %#08x\n not found",
+               v, dabt.reg, gicr_reg);
         return 0;
     }
 bad_width:
-    printk("vGICv3: vGICR: bad read width %d r%d offset %#08x\n",
-           dabt.size, dabt.reg, gicr_reg);
+    printk(XENLOG_G_ERR "%pv vGICR: bad read width %d r%d offset %#08x\n",
+           v, dabt.size, dabt.reg, gicr_reg);
     domain_crash_synchronous();
     return 0;
 
@@ -244,12 +245,14 @@ static int __vgic_v3_rdistr_rd_mmio_write(struct vcpu *v, 
mmio_info_t *info,
         /* RO */
         goto write_ignore;
     default:
-        printk("vGICR: write r%d offset %#08x\n not found", dabt.reg, 
gicr_reg);
+        printk(XENLOG_G_ERR "%pv: vGICR: write r%d offset %#08x\n not found",
+               v, dabt.reg, gicr_reg);
         return 0;
     }
 bad_width:
-    printk("vGICR: bad write width %d r%d=%"PRIregister" offset %#08x\n",
-           dabt.size, dabt.reg, *r, gicr_reg);
+    printk(XENLOG_G_ERR
+          "%pv: vGICR: bad write width %d r%d=%"PRIregister" offset %#08x\n",
+          v, dabt.size, dabt.reg, *r, gicr_reg);
     domain_crash_synchronous();
     return 0;
 
@@ -345,15 +348,16 @@ static int __vgic_v3_distr_common_mmio_read(struct vcpu 
*v, mmio_info_t *info,
         vgic_unlock_rank(v, rank, flags);
         return 1;
     default:
-        printk("vGICv3: vGICD/vGICR: unhandled read r%d offset %#08x\n",
-               dabt.reg, reg);
+        printk(XENLOG_G_ERR
+               "%pv: vGICD/vGICR: unhandled read r%d offset %#08x\n",
+               v, dabt.reg, reg);
         return 0;
     }
 
 bad_width:
-    dprintk(XENLOG_ERR,
-            "vGICv3: vGICD/vGICR: bad read width %d r%d offset %#08x\n",
-            dabt.size, dabt.reg, reg);
+    printk(XENLOG_G_ERR
+           "%pv: vGICD/vGICR: bad read width %d r%d offset %#08x\n",
+           v, dabt.size, dabt.reg, reg);
     domain_crash_synchronous();
     return 0;
 
@@ -458,15 +462,16 @@ static int __vgic_v3_distr_common_mmio_write(struct vcpu 
*v, mmio_info_t *info,
         vgic_unlock_rank(v, rank, flags);
         return 1;
     default:
-        printk("vGICv3: vGICD/vGICR: unhandled write r%d "
-               "=%"PRIregister" offset %#08x\n", dabt.reg, *r, reg);
+        printk(XENLOG_G_ERR
+               "%pv: vGICD/vGICR: unhandled write r%d=%"PRIregister" offset 
%#08x\n",
+               v, dabt.reg, *r, reg);
         return 0;
     }
 
 bad_width:
-    dprintk(XENLOG_ERR,
-            "vGICv3: vGICD/vGICR: bad write width %d r%d=%"PRIregister" "
-            "offset %#08x\n", dabt.size, dabt.reg, *r, reg);
+    printk(XENLOG_G_ERR
+           "%pv: vGICD/vGICR: bad write width %d r%d=%"PRIregister" offset 
%#08x\n",
+           v, dabt.size, dabt.reg, *r, reg);
     domain_crash_synchronous();
     return 0;
 
@@ -521,13 +526,14 @@ static int vgic_v3_rdistr_sgi_mmio_read(struct vcpu *v, 
mmio_info_t *info,
         if ( dabt.size != DABT_WORD ) goto bad_width;
         return 1;
     default:
-        printk("vGICv3: vGICR: read r%d offset %#08x\n not found",
-               dabt.reg, gicr_reg);
+        printk(XENLOG_G_ERR
+               "%pv: vGICR: SGI: read r%d offset %#08x\n not found",
+               v, dabt.reg, gicr_reg);
         return 0;
     }
 bad_width:
-    printk("vGICv3: vGICR: bad read width %d r%d offset %#08x\n",
-           dabt.size, dabt.reg, gicr_reg);
+    printk(XENLOG_G_ERR "%pv: vGICR: SGI: bad read width %d r%d offset 
%#08x\n",
+           v, dabt.size, dabt.reg, gicr_reg);
     domain_crash_synchronous();
     return 0;
 
@@ -585,14 +591,16 @@ static int vgic_v3_rdistr_sgi_mmio_write(struct vcpu *v, 
mmio_info_t *info,
         /* We do not implement security extensions for guests, write ignore */
         goto write_ignore;
     default:
-        printk("vGICv3: vGICR SGI: write r%d offset %#08x\n not found",
-               dabt.reg, gicr_reg);
+        printk(XENLOG_G_ERR
+               "%pv: vGICR: SGI: write r%d offset %#08x\n not found",
+               v, dabt.reg, gicr_reg);
         return 0;
     }
 
 bad_width:
-    printk("vGICR SGI: bad write width %d r%d=%"PRIregister" offset %#08x\n",
-           dabt.size, dabt.reg, *r, gicr_reg);
+    printk(XENLOG_G_ERR
+           "%pv: vGICR: SGI: bad write width %d r%d=%"PRIregister" offset 
%#08x\n",
+           v, dabt.size, dabt.reg, *r, gicr_reg);
     domain_crash_synchronous();
     return 0;
 
@@ -616,9 +624,9 @@ static int vgic_v3_rdistr_mmio_read(struct vcpu *v, 
mmio_info_t *info)
     else  if ( (offset >= SZ_64K) && (offset < 2 * SZ_64K) )
         return vgic_v3_rdistr_sgi_mmio_read(v, info, (offset - SZ_64K));
     else
-        gdprintk(XENLOG_WARNING,
-                 "vGICv3: vGICR: unknown gpa read address %"PRIpaddr"\n",
-                 info->gpa);
+        printk(XENLOG_G_WARNING
+               "%pv: vGICR: unknown gpa read address %"PRIpaddr"\n",
+                v, info->gpa);
 
     return 0;
 }
@@ -638,9 +646,9 @@ static int vgic_v3_rdistr_mmio_write(struct vcpu *v, 
mmio_info_t *info)
     else  if ( (offset >= SZ_64K) && (offset < 2 * SZ_64K) )
         return vgic_v3_rdistr_sgi_mmio_write(v, info, (offset - SZ_64K));
     else
-        gdprintk(XENLOG_WARNING,
-                 "vGICV3: vGICR: unknown gpa write address %"PRIpaddr"\n",
-                 info->gpa);
+        printk(XENLOG_G_WARNING
+               "%pv: vGICR: unknown gpa write address %"PRIpaddr"\n",
+               v, info->gpa);
 
     return 0;
 }
@@ -764,18 +772,19 @@ static int vgic_v3_distr_mmio_read(struct vcpu *v, 
mmio_info_t *info)
     case 0xf30 ... 0x5fcc:
     case 0x8000 ... 0xbfcc:
         /* These are reserved register addresses */
-        printk("vGICv3: vGICD: read unknown 0x00c .. 0xfcc r%d offset %#08x\n",
-               dabt.reg, gicd_reg);
+        printk(XENLOG_G_DEBUG
+               "%pv: vGICD: RAZ on reserved register offset %#08x\n",
+               v, gicd_reg);
         goto read_as_zero;
     default:
-        printk("vGICv3: vGICD: unhandled read r%d offset %#08x\n",
-               dabt.reg, gicd_reg);
+        printk(XENLOG_G_ERR "%pv: vGICD: unhandled read r%d offset %#08x\n",
+               v, dabt.reg, gicd_reg);
         return 0;
     }
 
 bad_width:
-    dprintk(XENLOG_ERR, "vGICv3: vGICD: bad read width %d r%d offset %#08x\n",
-            dabt.size, dabt.reg, gicd_reg);
+    printk(XENLOG_G_ERR "%pv: vGICD: bad read width %d r%d offset %#08x\n",
+           v, dabt.size, dabt.reg, gicd_reg);
     domain_crash_synchronous();
     return 0;
 
@@ -832,8 +841,9 @@ static int vgic_v3_distr_mmio_write(struct vcpu *v, 
mmio_info_t *info)
     case 0x020 ... 0x03c:
     case 0xc000 ... 0xffcc:
         /* Implementation defined -- write ignored */
-        printk("vGICv3: vGICD: write unknown 0x020 - 0x03c r%d offset %#08x\n",
-               dabt.reg, gicd_reg);
+        printk(XENLOG_G_DEBUG
+               "%pv: vGICD: WI on implementation defined register offset 
%#08x\n",
+               v, gicd_reg);
         goto write_ignore;
     case GICD_IGROUPR ... GICD_IGROUPRN:
     case GICD_ISENABLER ... GICD_ISENABLERN:
@@ -877,8 +887,9 @@ static int vgic_v3_distr_mmio_write(struct vcpu *v, 
mmio_info_t *info)
             new_target = new_irouter & MPIDR_AFF0_MASK;
             if ( new_target >= v->domain->max_vcpus )
             {
-                printk("vGICv3: vGICD: wrong irouter at offset %#08x\n val 
0x%lx vcpu %x",
-                       gicd_reg, new_target, v->domain->max_vcpus);
+                printk(XENLOG_G_DEBUG
+                       "%pv: vGICD: wrong irouter at offset %#08x\n val 0x%lx 
vcpu %x",
+                       v, gicd_reg, new_target, v->domain->max_vcpus);
                 vgic_unlock_rank(v, rank, flags);
                 return 0;
             }
@@ -918,19 +929,21 @@ static int vgic_v3_distr_mmio_write(struct vcpu *v, 
mmio_info_t *info)
     case 0xf30 ... 0x5fcc:
     case 0x8000 ... 0xbfcc:
         /* Reserved register addresses */
-        printk("vGICv3: vGICD: write unknown 0x00c 0xfcc  r%d offset %#08x\n",
-                dabt.reg, gicd_reg);
+        printk(XENLOG_G_DEBUG
+               "%pv: vGICD: write unknown 0x00c 0xfcc  r%d offset %#08x\n",
+               v, dabt.reg, gicd_reg);
         goto write_ignore;
     default:
-        printk("vGICv3: vGICD: unhandled write r%d=%"PRIregister" "
-               "offset %#08x\n", dabt.reg, *r, gicd_reg);
+        printk(XENLOG_G_ERR
+               "%pv: vGICD: unhandled write r%d=%"PRIregister" offset %#08x\n",
+               v, dabt.reg, *r, gicd_reg);
         return 0;
     }
 
 bad_width:
-    dprintk(XENLOG_ERR,
-            "VGICv3: vGICD: bad write width %d r%d=%"PRIregister" "
-            "offset %#08x\n", dabt.size, dabt.reg, *r, gicd_reg);
+    printk(XENLOG_G_ERR
+           "%pv: vGICD: bad write width %d r%d=%"PRIregister" offset %#08x\n",
+           v, dabt.size, dabt.reg, *r, gicd_reg);
     domain_crash_synchronous();
     return 0;
 
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.5

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.