[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen master] x86/xstate: extend validation to cover full header
commit d570d8229158136d5a1c75a2ee2a76493b720a3b Author: Jan Beulich <jbeulich@xxxxxxxx> AuthorDate: Mon Feb 1 13:54:09 2016 +0100 Commit: Jan Beulich <jbeulich@xxxxxxxx> CommitDate: Mon Feb 1 13:54:09 2016 +0100 x86/xstate: extend validation to cover full header Since we never hand out compacted state, at least for now we're also not going to accept such. Reported-by: Harmandeep Kaur <write.harmandeep@xxxxxxxxx> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- xen/arch/x86/domctl.c | 2 +- xen/arch/x86/hvm/hvm.c | 15 ++++++++++++++- xen/arch/x86/xstate.c | 13 ++++++++++--- xen/include/asm-x86/xstate.h | 8 ++++---- xen/include/public/arch-x86/hvm/save.h | 7 +++---- 5 files changed, 32 insertions(+), 13 deletions(-) diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c index 1d71216..f15046a 100644 --- a/xen/arch/x86/domctl.c +++ b/xen/arch/x86/domctl.c @@ -964,7 +964,7 @@ long arch_do_domctl( { if ( evc->size >= 2 * sizeof(uint64_t) + XSTATE_AREA_MIN_SIZE ) ret = validate_xstate(_xcr0, _xcr0_accum, - _xsave_area->xsave_hdr.xstate_bv); + &_xsave_area->xsave_hdr); } else if ( !_xcr0 ) ret = 0; diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index b4f1c8c..dea3335 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -2190,6 +2190,19 @@ static int hvm_save_cpu_xsave_states(struct domain *d, hvm_domain_context_t *h) return 0; } +/* + * Structure layout conformity checks, documenting correctness of the cast in + * the invocation of validate_xstate() below. + * Leverage CONFIG_COMPAT machinery to perform this. + */ +#define xen_xsave_hdr xsave_hdr +#define compat_xsave_hdr hvm_hw_cpu_xsave_hdr +CHECK_FIELD_(struct, xsave_hdr, xstate_bv); +CHECK_FIELD_(struct, xsave_hdr, xcomp_bv); +CHECK_FIELD_(struct, xsave_hdr, reserved); +#undef compat_xsave_hdr +#undef xen_xsave_hdr + static int hvm_load_cpu_xsave_states(struct domain *d, hvm_domain_context_t *h) { unsigned int vcpuid, size; @@ -2245,7 +2258,7 @@ static int hvm_load_cpu_xsave_states(struct domain *d, hvm_domain_context_t *h) h->cur += desc->length; err = validate_xstate(ctxt->xcr0, ctxt->xcr0_accum, - ctxt->save_area.xsave_hdr.xstate_bv); + (const void *)&ctxt->save_area.xsave_hdr); if ( err ) { printk(XENLOG_G_WARNING diff --git a/xen/arch/x86/xstate.c b/xen/arch/x86/xstate.c index 2e1efb7..5dface9 100644 --- a/xen/arch/x86/xstate.c +++ b/xen/arch/x86/xstate.c @@ -613,17 +613,24 @@ static bool_t valid_xcr0(u64 xcr0) return !(xcr0 & XSTATE_BNDREGS) == !(xcr0 & XSTATE_BNDCSR); } -int validate_xstate(u64 xcr0, u64 xcr0_accum, u64 xstate_bv) +int validate_xstate(u64 xcr0, u64 xcr0_accum, const struct xsave_hdr *hdr) { - if ( (xstate_bv & ~xcr0_accum) || + unsigned int i; + + if ( (hdr->xstate_bv & ~xcr0_accum) || (xcr0 & ~xcr0_accum) || !valid_xcr0(xcr0) || !valid_xcr0(xcr0_accum) ) return -EINVAL; - if ( xcr0_accum & ~xfeature_mask ) + if ( (xcr0_accum & ~xfeature_mask) || + hdr->xcomp_bv ) return -EOPNOTSUPP; + for ( i = 0; i < ARRAY_SIZE(hdr->reserved); ++i ) + if ( hdr->reserved[i] ) + return -EIO; + return 0; } diff --git a/xen/include/asm-x86/xstate.h b/xen/include/asm-x86/xstate.h index c902bb1..84f0af9 100644 --- a/xen/include/asm-x86/xstate.h +++ b/xen/include/asm-x86/xstate.h @@ -72,14 +72,13 @@ struct __attribute__((aligned (64))) xsave_struct }; } fpu_sse; - struct { + struct xsave_hdr { u64 xstate_bv; u64 xcomp_bv; u64 reserved[6]; } xsave_hdr; /* The 64-byte header */ - struct { char x[XSTATE_YMM_SIZE]; } ymm; /* YMM */ - char data[]; /* Future new states */ + char data[]; /* Variable layout states */ }; /* extended state operations */ @@ -90,7 +89,8 @@ uint64_t get_msr_xss(void); void xsave(struct vcpu *v, uint64_t mask); void xrstor(struct vcpu *v, uint64_t mask); bool_t xsave_enabled(const struct vcpu *v); -int __must_check validate_xstate(u64 xcr0, u64 xcr0_accum, u64 xstate_bv); +int __must_check validate_xstate(u64 xcr0, u64 xcr0_accum, + const struct xsave_hdr *); int __must_check handle_xsetbv(u32 index, u64 new_bv); void expand_xsave_states(struct vcpu *v, void *dest, unsigned int size); void compress_xsave_states(struct vcpu *v, const void *src, unsigned int size); diff --git a/xen/include/public/arch-x86/hvm/save.h b/xen/include/public/arch-x86/hvm/save.h index 6862720..fbd1c6a 100644 --- a/xen/include/public/arch-x86/hvm/save.h +++ b/xen/include/public/arch-x86/hvm/save.h @@ -564,12 +564,11 @@ struct hvm_hw_cpu_xsave { struct { struct { char x[512]; } fpu_sse; - struct { + struct hvm_hw_cpu_xsave_hdr { uint64_t xstate_bv; /* Updated by XRSTOR */ - uint64_t reserved[7]; + uint64_t xcomp_bv; /* Updated by XRSTOR{C,S} */ + uint64_t reserved[6]; } xsave_hdr; /* The 64-byte header */ - - struct { char x[0]; } ymm; /* YMM */ } save_area; }; -- generated by git-patchbot for /home/xen/git/xen.git#master _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx http://lists.xensource.com/xen-changelog
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |