[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 1/3] x86/IRQ: conditionally preserve access permission on map error paths

To: Jan Beulich <JBeulich@xxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Mon, 4 Dec 2017 16:07:15 +0000
Delivery-date: Mon, 04 Dec 2017 16:08:19 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 04/12/17 10:32, Jan Beulich wrote:
> Permissions that had been granted before should not be revoked when
> handling unrelated errors.
>
> Reported-by: HW42 <hw42@xxxxxxxxx>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
>
> --- a/xen/arch/x86/irq.c
> +++ b/xen/arch/x86/irq.c
> @@ -1918,6 +1918,7 @@ int map_domain_pirq(
>      struct irq_desc *desc;
>      unsigned long flags;
>      DECLARE_BITMAP(prepared, MAX_MSI_IRQS) = {};
> +    DECLARE_BITMAP(granted, MAX_MSI_IRQS) = {};
>  
>      ASSERT(spin_is_locked(&d->event_lock));
>  
> @@ -1951,13 +1952,17 @@ int map_domain_pirq(
>          return ret;
>      }
>  
> -    ret = irq_permit_access(d, irq);
> -    if ( ret )
> +    if ( likely(!irq_access_permitted(d, irq)) )
>      {
> -        printk(XENLOG_G_ERR
> -               "dom%d: could not permit access to IRQ%d (pirq %d)\n",
> -               d->domain_id, irq, pirq);
> -        return ret;
> +        ret = irq_permit_access(d, irq);
> +        if ( ret )
> +        {
> +            printk(XENLOG_G_ERR
> +                   "dom%d: could not permit access to IRQ%d (pirq %d)\n",
> +                  d->domain_id, irq, pirq);
> +            return ret;
> +        }
> +        __set_bit(0, granted);
>      }
>  
>      ret = prepare_domain_irq_pirq(d, irq, pirq, &info);
> @@ -2042,10 +2047,15 @@ int map_domain_pirq(
>                  __set_bit(nr, prepared);
>              msi_desc[nr].irq = irq;
>  
> -            if ( irq_permit_access(d, irq) != 0 )
> -                printk(XENLOG_G_WARNING
> -                       "dom%d: could not permit access to IRQ%d (pirq %d)\n",
> -                       d->domain_id, irq, pirq);
> +            if ( likely(!irq_access_permitted(d, irq)) )
> +            {
> +                if ( irq_permit_access(d, irq) )
> +                    printk(XENLOG_G_WARNING
> +                           "dom%d: could not permit access to IRQ%d (pirq 
> %d)\n",
> +                           d->domain_id, irq, pirq);
> +                else
> +                    __set_bit(0, granted);
> +            }
>  
>              desc = irq_to_desc(irq);
>              spin_lock_irqsave(&desc->lock, flags);
> @@ -2074,7 +2084,8 @@ int map_domain_pirq(
>              }
>              while ( nr )
>              {
> -                if ( irq >= 0 && irq_deny_access(d, irq) )
> +                if ( irq >= 0 && test_bit(nr, granted) &&

You only ever set bit 0 of granted, but you test each of them here. 
Something seems wrong.

Should the previous hunk be __set_bit(nr, granted) ?

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 1/3] x86/IRQ: conditionally preserve access permission on map error paths
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH 0/3] XSA-237 follow-up
  - From: Jan Beulich
- [Xen-devel] [PATCH 1/3] x86/IRQ: conditionally preserve access permission on map error paths
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH 3/3] x86/p2m: force return value checking of p2m_set_entry()
Next by Date: [Xen-devel] [qemu-upstream-4.8-testing baseline-only test] 72514: regressions - FAIL
Previous by thread: [Xen-devel] [PATCH 1/3] x86/IRQ: conditionally preserve access permission on map error paths
Next by thread: Re: [Xen-devel] [PATCH 1/3] x86/IRQ: conditionally preserve access permission on map error paths
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.