[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH V4 1/4] x86/mm: Add array_index_nospec to guest provided index values

To: Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Wed, 18 Dec 2019 10:59:16 +0100
Cc: Petre Ovidiu PIRCALABU <ppircalabu@xxxxxxxxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Razvan COJOCARU <rcojocaru@xxxxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
Delivery-date: Wed, 18 Dec 2019 09:59:02 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 18.12.2019 09:06, Alexandru Stefan ISAILA wrote:
> On 17.12.2019 18:50, Jan Beulich wrote:
>> On 17.12.2019 16:12, Alexandru Stefan ISAILA wrote:
>>> --- a/xen/arch/x86/mm/mem_access.c
>>> +++ b/xen/arch/x86/mm/mem_access.c
>>> @@ -367,10 +367,11 @@ long p2m_set_mem_access(struct domain *d, gfn_t gfn, 
>>> uint32_t nr,
>>>       if ( altp2m_idx )
>>>       {
>>>           if ( altp2m_idx >= MAX_ALTP2M ||
>>> -             d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) )
>>> +             d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] 
>>> ==
>>
>> The bounds check is against MAX_ALTP2M. Both MAX_ values look to be
>> independent, which means bounds check and value passed to the
>> helper need to match up (not just here).
> 
> I will have both checks against MAX_ALTP2M.

An alternative would be something along the lines of

           if ( altp2m_idx >= min(MAX_ALTP2M, MAX_EPTP) ||

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- [Xen-devel] [PATCH V4 1/4] x86/mm: Add array_index_nospec to guest provided index values
  - From: Alexandru Stefan ISAILA
- Re: [Xen-devel] [PATCH V4 1/4] x86/mm: Add array_index_nospec to guest provided index values
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH V4 1/4] x86/mm: Add array_index_nospec to guest provided index values
  - From: Alexandru Stefan ISAILA

Prev by Date: Re: [Xen-devel] [PATCH V4 1/4] x86/mm: Add array_index_nospec to guest provided index values
Next by Date: Re: [Xen-devel] [PATCH V4 1/4] x86/mm: Add array_index_nospec to guest provided index values
Previous by thread: Re: [Xen-devel] [PATCH V4 1/4] x86/mm: Add array_index_nospec to guest provided index values
Next by thread: [Xen-devel] [PATCH] xsm: hide detailed Xen version from unprivileged guests
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.