
[Xen-devel] Re: Questions about VIRT_BASE and ELF_PADDR_OFFSET in __xen_guest



> > There is no reason really why VIRT_BASE=0 should not work. If it
> > crashes there is presumably some underlying bug which disallowing
> > VIRT_BASE=0 does not fix.
> 
> You are right. The experiment I was trying with Mini-OS was flawed. I
> had forgotten to fix up the minios_x86_64.lds file to reflect 0x0 (bang
> head on table). Once I did that things worked fine. 
> 
> Do we care about the situation where there is a mismatch in ELF header
> and __xen_guest section? When this happens the var "pa" is calculated
> incorrectly causing "parray" to go out of bounds.

Well, that's the bug. We should perform bounds checks on indexes into
parray. I would very much like to see a patch to fix this!

 -- Keir

> pa = (phdr->p_paddr + done) - dsi->elf_paddr_offset; 
> va = xc_map_foreign_range(xch, dom, PAGE_SIZE, PROT_WRITE, 
>                           parray[pa>>PAGE_SHIFT]);
> 
> [line 227-228 xc_load_elf.c loadelfimage()]
> 
> (In my flawed test, p_addr was 0xffffffff80000000 and elf_paddr_offset
> was 0 due to obvious reasons)
> 
> I know this is rarely possible unless someone does something stupid like
> I did :-) which is why I am wondering if we should test for this case. 
> 
> [ASIDE]
> Due to this I think I should fix x86_xx.S in Mini-OS so that it picks up
> &_text from minios_x86_xx.lds.
> 
> Cheers,
> Aravindh
> 



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
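
The bounds check asked for in the reply above, sketched as an added example (not code from the thread or from Xen's xc_load_elf.c). The helper name `elf_pa_to_index`, the `nr_pages` parameter and the sample values other than the thread's `0xffffffff80000000` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12  /* 4 KiB pages, as on x86 */

/*
 * Hypothetical helper: turn (p_paddr + done) - elf_paddr_offset into an
 * index into a page-frame array of nr_pages entries.
 * Returns 0 and stores the index on success, -1 if it would be out of range.
 */
static int elf_pa_to_index(uint64_t p_paddr, uint64_t done,
                           uint64_t elf_paddr_offset, uint64_t nr_pages,
                           uint64_t *index)
{
    uint64_t addr, pa;

    if (done > UINT64_MAX - p_paddr)     /* p_paddr + done would wrap */
        return -1;
    addr = p_paddr + done;

    if (addr < elf_paddr_offset)         /* subtraction would underflow */
        return -1;
    pa = addr - elf_paddr_offset;

    if ((pa >> PAGE_SHIFT) >= nr_pages)  /* past the end of the array */
        return -1;

    *index = pa >> PAGE_SHIFT;
    return 0;
}

int main(void)
{
    uint64_t idx;
    uint64_t nr_pages = 8192;  /* constructed: a 32 MiB guest */

    /* Mismatch from the thread: p_paddr 0xffffffff80000000, offset 0. */
    if (elf_pa_to_index(0xffffffff80000000ULL, 0, 0, nr_pages, &idx) != 0)
        printf("mismatched header rejected\n");

    /* Consistent ELF header and offset: second page of the image. */
    if (elf_pa_to_index(0xffffffff80001000ULL, 0,
                        0xffffffff80000000ULL, nr_pages, &idx) == 0)
        printf("index %llu\n", (unsigned long long)idx);
    return 0;
}
```

A loader using a check like this would fail the image load with an error when the helper returns -1, instead of passing an arbitrary array element to the mapping call.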


 

