
Re: [Xen-devel] [GSoC] GSoC Introduction : Fuzzing Xen hypercall interface



On Wed, Mar 22, 2017 at 09:47:06AM +0100, Felix Schmoll wrote:
> 2017-03-21 17:14 GMT+01:00 Wei Liu <wei.liu2@xxxxxxxxxx>:
> 
> > On Tue, Mar 21, 2017 at 04:13:24PM +0000, Wei Liu wrote:
> > > On Mon, Mar 20, 2017 at 09:12:54AM +0100, Felix Schmoll wrote:
> > > [...]
> > > > From 7e50f50b2a1e95cbc813354d68c71315d4d1394b Mon Sep 17 00:00:00 2001
> > > > From: Felix Schmoll <eggi.innovations@xxxxxxxxx>
> > > > Date: Thu, 16 Mar 2017 07:11:00 +0100
> > > > Subject: [PATCH 1/2] First idea on domain_id-hypercall implementation
> > > >
> > > > ---
> > > >  xen/arch/x86/hypercall.c    | 1 +
> > > >  xen/common/kernel.c         | 6 ++++++
> > > >  xen/include/public/xen.h    | 1 +
> > > >  xen/include/xen/hypercall.h | 5 +++++
> > > >  4 files changed, 13 insertions(+)
> > > >
> > > > diff --git a/xen/arch/x86/hypercall.c b/xen/arch/x86/hypercall.c
> > > > index e30181817a..caf8565809 100644
> > > > --- a/xen/arch/x86/hypercall.c
> > > > +++ b/xen/arch/x86/hypercall.c
> > > > @@ -69,6 +69,7 @@ const hypercall_args_t
> > > > hypercall_args_table[NR_hypercalls] =
> > > >      ARGS(dm_op, 3),
> > > >      ARGS(mca, 1),
> > > >      ARGS(arch_1, 1),
> > > > +    ARGS(domain_id, 2),
> > > >  };
> > > >
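Review bot: the argument count in `ARGS(domain_id, 2)` has to match the signature of the handler added in xen/common/kernel.c (in the diffstat, not in this hunk); the follow-up revision later in this thread changes it to `ARGS(domain_id, 0)`, so one of the two tables describes a different function. The entry is also appended positionally after `ARGS(arch_1, 1)`: if this table is indexed by hypercall number, as the reply below states, the slot that matters is the value of `__HYPERVISOR_domain_id` from xen/include/public/xen.h, not whichever index comes next. The patch also lacks a Signed-off-by line, which a Xen submission needs.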
> > >
> > > I know now.
> > >
> > > You did add your hypercall to pv/hypercall.c and hvm/hypercall.c.
> >
> > "didn't"
> >
> 
> I also noticed that, but it still doesn't work. Here is what I last tried
> (I removed the unused arguments and made it a little simpler), relative to
> "staging":
> 
>  diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h
> index 2d97d36c38..1e152c8a07 100644
> --- a/tools/libxc/include/xenctrl.h
> +++ b/tools/libxc/include/xenctrl.h
> @@ -1569,6 +1569,7 @@ int xc_domctl(xc_interface *xch, struct xen_domctl
> *domctl);
>  int xc_sysctl(xc_interface *xch, struct xen_sysctl *sysctl);
> 
>  int xc_version(xc_interface *xch, int cmd, void *arg);
> +int xc_domid(xc_interface *xch);
> 
>  int xc_flask_op(xc_interface *xch, xen_flask_op_t *op);
> 
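Review bot: `int xc_domid(xc_interface *xch);` is a new public libxc entry point with no statement of what it returns; since the implementation in the next hunk hands back the raw hypercall result, say at the declaration that the caller gets the domid on success and a negative value on failure, and consider whether `int` is the right type for a value this header otherwise carries as `uint32_t domid` (see `xc_make_page_below_4G` in the following hunk).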
> diff --git a/tools/libxc/xc_private.c b/tools/libxc/xc_private.c
> index 72e6242417..37b11e41a9 100644
> --- a/tools/libxc/xc_private.c
> +++ b/tools/libxc/xc_private.c
> @@ -530,6 +530,12 @@ int xc_version(xc_interface *xch, int cmd, void *arg)
>      return rc;
>  }
> 
> +int xc_domid(xc_interface *xch)
> +{
> +    return xencall0(xch->xcall, __HYPERVISOR_domain_id);
> +}
> +
> +
>  unsigned long xc_make_page_below_4G(
>      xc_interface *xch, uint32_t domid, unsigned long mfn)
>  {
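Review bot: the two added blank lines after `xc_domid()` leave a double blank before `xc_make_page_below_4G`; this file separates functions with a single blank line (as between `xc_version` and the new function), so drop one. Note also that `xencall0()` issues the call by number, so `__HYPERVISOR_domain_id` must be the same slot the Xen-side tables in the later hunks are filled at.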
> diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
> index 614501f761..eddb264f2d 100644
> --- a/xen/arch/arm/traps.c
> +++ b/xen/arch/arm/traps.c
> @@ -1297,6 +1297,7 @@ static arm_hypercall_t arm_hypercall_table[] = {
>      HYPERCALL(platform_op, 1),
>      HYPERCALL_ARM(vcpu_op, 3),
>      HYPERCALL(vm_assist, 2),
> +    HYPERCALL(domain_id, 0),
>  };
> 
>  #ifndef NDEBUG
> diff --git a/xen/arch/x86/hvm/hypercall.c b/xen/arch/x86/hvm/hypercall.c
> index e7238ce293..7677520290 100644
> --- a/xen/arch/x86/hvm/hypercall.c
> +++ b/xen/arch/x86/hvm/hypercall.c
> @@ -125,6 +125,7 @@ static const hypercall_table_t hvm_hypercall_table[] = {
>      HYPERCALL(hvm_op),
>      HYPERCALL(sysctl),
>      HYPERCALL(domctl),
> +    HYPERCALL(domain_id),
>  #ifdef CONFIG_TMEM
>      HYPERCALL(tmem_op),
>  #endif
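Review bot: listing `domain_id` in `hvm_hypercall_table` makes the call reachable from every HVM guest (the pv hunk below does the same for PV guests), so `do_domain_id()` in xen/common/kernel.c, which the series touches but does not show here, must be safe for unprivileged callers: with zero arguments (`xencall0`, `ARGS(domain_id, 0)`) it should report only the calling domain's own id, and any XSM hook the design wants belongs in that handler rather than in these tables.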
> diff --git a/xen/arch/x86/hypercall.c b/xen/arch/x86/hypercall.c
> index e30181817a..b68d0aef40 100644
> --- a/xen/arch/x86/hypercall.c
> +++ b/xen/arch/x86/hypercall.c
> @@ -45,6 +45,7 @@ const hypercall_args_t
> hypercall_args_table[NR_hypercalls] =
>      COMP(set_timer_op, 1, 2),
>      ARGS(event_channel_op_compat, 1),
>      ARGS(xen_version, 2),
> +    ARGS(domain_id, 0),
>      ARGS(console_io, 3),
>      ARGS(physdev_op_compat, 1),
>      ARGS(grant_table_op, 3),
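Review bot: `ARGS(domain_id, 0)` is now inserted between `xen_version` and `console_io`, whereas the first revision appended it after `arch_1`; with a positional initialiser both placements cannot be right, and neither is unless `__HYPERVISOR_domain_id` happens to equal that index. Make the `ARGS`/`HYPERCALL` entries (or the macros) use a designated initialiser keyed on `__HYPERVISOR_domain_id`, so the slot the dispatcher reads via table[HYPERCALL_NUM] is filled regardless of where the line sits, and keep the arm, hvm and pv tables in step the same way.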
> diff --git a/xen/arch/x86/pv/hypercall.c b/xen/arch/x86/pv/hypercall.c
> index 9d29d2f088..1e67eb3312 100644
> --- a/xen/arch/x86/pv/hypercall.c
> +++ b/xen/arch/x86/pv/hypercall.c
> @@ -50,6 +50,7 @@ static const hypercall_table_t pv_hypercall_table[] = {
>      COMPAT_CALL(set_timer_op),
>      HYPERCALL(event_channel_op_compat),
>      COMPAT_CALL(xen_version),
> +    HYPERCALL(domain_id),
>      HYPERCALL(console_io),
>      COMPAT_CALL(physdev_op_compat),
>      COMPAT_CALL(grant_table_op),


You also need to put the pointer into the correct slot in various
tables. The hypercall dispatching machinery uses table[HYPERCALL_NUM] to
look up the function to call.

From the look of your patch you failed to do that. I haven't done
thorough checking though.

Wei.
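As an added illustration of the table[HYPERCALL_NUM] lookup described in the reply above (a constructed example, not Xen's code: the HC_* numbers, the do_* bodies and the simplified HYPERCALL macro are stand-ins for Xen's __HYPERVISOR_* constants, handlers and table macros), this shows why an entry appended to a positionally initialised table lands in the wrong slot and how a designated initialiser keyed on the hypercall number fixes it:

```c
#include <errno.h>
#include <stdio.h>

/* Added example, not Xen code. The HC_* values are constructed stand-ins for
 * the __HYPERVISOR_* numbers in xen/include/public/xen.h. */
enum { HC_xen_version = 17, HC_console_io = 18, HC_domain_id = 44, NR_hypercalls = 64 };

typedef long (*hypercall_fn_t)(long arg);

static long do_xen_version(long arg) { return 0x040900 + arg; } /* fake version */
static long do_console_io(long arg)  { return 1000 + arg; }     /* fake handler */
static long do_domain_id(long arg)   { (void)arg; return 7; }   /* fake domid */

/* Wrong: positional initialisation. Appending the new entry puts
 * do_domain_id in slot 2, so table[HC_domain_id] stays NULL. */
static const hypercall_fn_t positional_table[NR_hypercalls] = {
    do_xen_version,
    do_console_io,
    do_domain_id,
};

/* Right: a designated initialiser keyed on the hypercall number fills the
 * slot the dispatcher indexes, wherever the line sits in the list. */
#define HYPERCALL(x) [HC_ ## x] = do_ ## x
static const hypercall_fn_t indexed_table[NR_hypercalls] = {
    HYPERCALL(xen_version),
    HYPERCALL(console_io),
    HYPERCALL(domain_id),
};

/* Dispatcher modelled on the table[HYPERCALL_NUM] lookup described above;
 * an empty or out-of-range slot is rejected with -ENOSYS. */
static long dispatch(const hypercall_fn_t *table, unsigned nr, long arg)
{
    if (nr >= NR_hypercalls || table[nr] == NULL)
        return -ENOSYS;
    return table[nr](arg);
}

long call_positional(unsigned nr, long arg) { return dispatch(positional_table, nr, arg); }
long call_indexed(unsigned nr, long arg)    { return dispatch(indexed_table, nr, arg); }

int main(void)
{
    printf("positional: nr %d -> %ld, nr 2 -> %ld\n", HC_domain_id,
           call_positional(HC_domain_id, 0), call_positional(2, 0));
    printf("indexed:    nr %d -> %ld\n", HC_domain_id, call_indexed(HC_domain_id, 0));
    return 0;
}
```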

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

