[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 06/10] tools/insn-fuzz: Correct hook prototypes, and assert() appropriate segments

To: Jan Beulich <JBeulich@xxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Mon, 27 Mar 2017 13:49:22 +0100
Cc: George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Mon, 27 Mar 2017 12:49:36 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 27/03/17 12:48, Jan Beulich wrote:
>>>> On 27.03.17 at 11:56, <andrew.cooper3@xxxxxxxxxx> wrote:
>> The correct prototypes for the hooks are to use enum x86_segment rather than
>> unsigned int.  It is implementation specific as to whether this compiles.
> I'm actually surprised this has worked so far. We should fix the test
> harness in the same way.

Oh yes.  I will fix that as well.

>
>> @@ -235,27 +246,37 @@ static int fuzz_rep_stos(
>>      unsigned long *reps,
>>      struct x86_emulate_ctxt *ctxt)
>>  {
>> +    /*
>> +     * STOS itself may only have an %es segment, but the stos() hook is 
>> reused
>> +     * for CLZERO.
>> +     */
>> +    assert(is_x86_user_segment(seg));
> Perhaps worth looking at ctxt->opcode?

I considered that but chose not to.  I think starting to special case
like that might get unwieldy.

>
>>  static int fuzz_cmpxchg(
>> -    unsigned int seg,
>> +    enum x86_segment seg,
>>      unsigned long offset,
>>      void *old,
>>      void *new,
>>      unsigned int bytes,
>>      struct x86_emulate_ctxt *ctxt)
>>  {
>> +    assert((unsigned int)seg < x86_seg_none);
> I guess this could be slightly more strict, not allowing IDTR and TR.
> Perhaps then also for the write handler.

Hmm - good point.  We have no architectural reason to perform a
cmpxchg() targeting the IDT or TR.

OTOH, we have no architectural reason to ever write to any of the system
segments, so that side of things can be stricter.

~Andrew

>
> Other than the above (which are only suggestions)
> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
>
> Jan
>


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH 00/10] x86 emulation bugfixes and fuzzer improvements
  - From: Andrew Cooper
- [Xen-devel] [PATCH 06/10] tools/insn-fuzz: Correct hook prototypes, and assert() appropriate segments
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH 06/10] tools/insn-fuzz: Correct hook prototypes, and assert() appropriate segments
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH v4 1/8] xen: import ring.h from xen
Next by Date: [Xen-devel] [xen-unstable-smoke test] 106935: tolerable trouble: broken/fail/pass - PUSHED
Previous by thread: Re: [Xen-devel] [PATCH 06/10] tools/insn-fuzz: Correct hook prototypes, and assert() appropriate segments
Next by thread: [Xen-devel] [PATCH 04/10] tools/insn-fuzz: Avoid making use of static data
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.