[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2] x86/hvm/viridian: save APIC assist vector
> -----Original Message----- > From: Jan Beulich [mailto:JBeulich@xxxxxxxx] > Sent: 30 March 2016 07:19 > To: Paul Durrant > Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx > Subject: Re: [PATCH v2] x86/hvm/viridian: save APIC assist vector > > >>> On 29.03.16 at 11:30, <paul.durrant@xxxxxxxxxx> wrote: > > @@ -806,7 +808,8 @@ static int viridian_save_vcpu_ctxt(struct domain *d, > hvm_domain_context_t *h) > > for_each_vcpu( d, v ) { > > struct hvm_viridian_vcpu_context ctxt; > > > > - ctxt.apic_assist = v->arch.hvm_vcpu.viridian.apic_assist.msr.raw; > > + ctxt.apic_assist_msr = > > v->arch.hvm_vcpu.viridian.apic_assist.msr.raw; > > + ctxt.apic_assist_vector = v- > >arch.hvm_vcpu.viridian.apic_assist.vector; > > > > if ( hvm_save_entry(VIRIDIAN_VCPU, v->vcpu_id, h, &ctxt) != 0 ) > > return 1; > > While this went in already, I'm afraid there's further work needed: > There's an information leak here (since the padding field doesn't get > zeroed), and ... > Yes, sorry I didn't notice that the struct was not zeroed out before writing to it. > > @@ -829,13 +832,15 @@ static int viridian_load_vcpu_ctxt(struct domain > *d, hvm_domain_context_t *h) > > return -EINVAL; > > } > > > > - if ( hvm_load_entry(VIRIDIAN_VCPU, h, &ctxt) != 0 ) > > + if ( hvm_load_entry_zeroextend(VIRIDIAN_VCPU, h, &ctxt) != 0 ) > > return -EINVAL; > > > > - v->arch.hvm_vcpu.viridian.apic_assist.msr.raw = ctxt.apic_assist; > > + v->arch.hvm_vcpu.viridian.apic_assist.msr.raw = ctxt.apic_assist_msr; > > if ( v->arch.hvm_vcpu.viridian.apic_assist.msr.fields.enabled ) > > initialize_apic_assist(v); > > > > + v->arch.hvm_vcpu.viridian.apic_assist.vector = ctxt.apic_assist_vector; > > + > > return 0; > > } > > ... the padding field doesn't get checked to be zero here, > preventing us from later on assigning meaning to any parts of it. > Ok. I'll add that. Paul > Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |