Re: [Xen-devel] [PATCH] x86: fold code in load_segments()



>>> On 14.09.16 at 19:12, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 14/09/16 16:24, Jan Beulich wrote:
>> --- a/xen/arch/x86/domain.c
>> +++ b/xen/arch/x86/domain.c
>> @@ -1745,22 +1745,22 @@ static void load_segments(struct vcpu *n
>>              (unsigned long *)pv->kernel_sp;
>>          unsigned long cs_and_mask, rflags;
>>  
>> +        /* Fold upcall mask and architectural IOPL into RFLAGS.IF. */
>> +        rflags  = regs->rflags & ~(X86_EFLAGS_IF|X86_EFLAGS_IOPL);
>> +        rflags |= !vcpu_info(n, evtchn_upcall_mask) << 9;
>> +        if ( VM_ASSIST(n->domain, architectural_iopl) )
>> +            rflags |= n->arch.pv_vcpu.iopl;
>> +
>>          if ( is_pv_32bit_vcpu(n) )
>>          {
>>              unsigned int *esp = ring_1(regs) ?
>>                                  (unsigned int *)regs->rsp :
>>                                  (unsigned int *)pv->kernel_sp;
>> -            unsigned int cs_and_mask, eflags;
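Review bot: the `rflags |= !vcpu_info(n, evtchn_upcall_mask) << 9;` line hardcodes the bit position of the IF flag while the line directly above masks it out with the symbolic `X86_EFLAGS_IF`; expressing the set the same way, e.g. `if ( !vcpu_info(n, evtchn_upcall_mask) ) rflags |= X86_EFLAGS_IF;`, keeps the two lines from drifting apart and documents the intent. Separately, dropping the 32-bit branch's own `unsigned int cs_and_mask, eflags;` means the outer `unsigned long cs_and_mask` now serves both branches and every former `eflags` use in that branch must have become `rflags`; the hunk as quoted is cut off before those lines, so that cannot be confirmed from the visible context.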
> 
> The unshadowed cs_and_mask is unsigned long, not int, which means the
> put_user() below will clobber a 32-bit PV guest's stack frame.

No, put_user() determines the access size from its second (pointer)
argument.

> Other than that, Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> for the intended change.

Well, with the above (it not being clear what change you would have
expected, should one be needed in the first place) I'll have to wait
for clarification.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
