|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen staging] libxc/restore: Fix REC_TYPE_X86_PV_VCPU_XSAVE data auditing (take 2)
commit 0729830cc425a8ff27a3137e87b93768ae3c853c
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Feb 4 20:29:38 2020 +0000
Commit: Wei Liu <wl@xxxxxxx>
CommitDate: Wed Feb 5 12:02:42 2020 +0000
libxc/restore: Fix REC_TYPE_X86_PV_VCPU_XSAVE data auditing (take 2)
It turns out that a bug (since forever) in Xen causes XSAVE records to have
non-architectural behaviour on xsave-capable hardware, when a PV guest has
not
touched the state.
In such a case, the data record returned from Xen is 2*uint64_t, both
claiming
the (illegitimate) state of %xcr0 and %xcr0_accum being 0.
Adjust the bound in handle_x86_pv_vcpu_blob() to cope with this.
Fixes: 2a62c22715b "libxc/restore: Fix data auditing in
handle_x86_pv_vcpu_blob()"
Reported-by: Igor Druzhinin <igor.druzhinin@xxxxxxxxxx>
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Acked-by: Wei Liu <wl@xxxxxxx>
---
tools/libxc/xc_sr_restore_x86_pv.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/libxc/xc_sr_restore_x86_pv.c
b/tools/libxc/xc_sr_restore_x86_pv.c
index 16e738884e..904ccc462a 100644
--- a/tools/libxc/xc_sr_restore_x86_pv.c
+++ b/tools/libxc/xc_sr_restore_x86_pv.c
@@ -827,10 +827,10 @@ static int handle_x86_pv_vcpu_blob(struct xc_sr_context
*ctx,
break;
case REC_TYPE_X86_PV_VCPU_XSAVE:
- if ( blobsz < 128 )
+ if ( blobsz < 16 )
{
ERROR("%s record too short: min %zu, got %u",
- rec_name, sizeof(*vhdr) + 128, rec->length);
+ rec_name, sizeof(*vhdr) + 16, rec->length);
goto out;
}
blob = &vcpu->xsave;
--
generated by git-patchbot for /home/xen/git/xen.git#staging
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |