[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen stable-4.9] x86/traps: Fix error handling of the pv %dr7 shadow state



commit c4cb7d3b0b3e8b077057a2c13c539f80105c7337
Author:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Wed Jul 4 12:35:16 2018 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Wed Jul 4 12:35:16 2018 +0200

    x86/traps: Fix error handling of the pv %dr7 shadow state
    
    c/s "x86/pv: Introduce and use x86emul_write_dr()" fixed a bug with IO 
shadow
    handling, in that it remained stale and visible until %dr7.L/G got set 
again.
    
    However, it neglected the -EPERM return inbetween these two hunks, 
introducing
    a different bug in which a write to %dr7 which tries to set IO breakpoints
    without %cr4.DE being set clobbers the IO state, rather than leaves it 
alone.
    
    Instead, move the zeroing slightly later, which guarentees that the shadow
    gets written exactly once, on a successful update to %dr7.
    
    Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    master commit: 237c31b5a1d5aa88cdb59b8c31b1b62eb13e82d1
    master date: 2018-06-04 11:05:45 +0100
---
 xen/arch/x86/traps.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 3df88edb91..cc352b774d 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -4301,9 +4301,6 @@ long set_debugreg(struct vcpu *v, unsigned int reg, 
unsigned long value)
         if ( value & DR_GENERAL_DETECT )
             return -EPERM;
 
-        /* Zero the IO shadow before recalculating the real %dr7 */
-        v->arch.debugreg[5] = 0;
-
         /* DR7.{G,L}E = 0 => debugging disabled for this domain. */
         if ( value & DR7_ACTIVE_MASK )
         {
@@ -4332,6 +4329,10 @@ long set_debugreg(struct vcpu *v, unsigned int reg, 
unsigned long value)
                  !(v->arch.debugreg[7] & DR7_ACTIVE_MASK) )
                 activate_debugregs(v);
         }
+        else
+            /* Zero the emulated controls if %dr7 isn't active. */
+            v->arch.debugreg[5] = 0;
+
         if ( v == curr )
             write_debugreg(7, value);
         break;
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.9

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.