|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [PATCH V1 14/16] xen/ioreq: Use guest_cmpxchg64() instead of cmpxchg()
From: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx> The cmpxchg() in hvm_send_buffered_ioreq() operates on memory shared with the emulator. In order to be on the safe side we need to switch to guest_cmpxchg64() to prevent a domain to DoS Xen on Arm. CC: Julien Grall <jgrall@xxxxxxxxxx> Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@xxxxxxxx> --- Please note, this patch depends on the following patch on a review: https://patchwork.kernel.org/patch/11715559/ Changes RFC -> V1: - new patch --- --- xen/common/ioreq.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/xen/common/ioreq.c b/xen/common/ioreq.c index e24a481..645d8a1 100644 --- a/xen/common/ioreq.c +++ b/xen/common/ioreq.c @@ -30,6 +30,8 @@ #include <xen/trace.h> #include <xen/vpci.h> +#include <asm/guest_atomics.h> + #include <public/hvm/dm_op.h> #include <public/hvm/ioreq.h> #include <public/hvm/params.h> @@ -1325,7 +1327,7 @@ static int hvm_send_buffered_ioreq(struct hvm_ioreq_server *s, ioreq_t *p) new.read_pointer = old.read_pointer - n * IOREQ_BUFFER_SLOT_NUM; new.write_pointer = old.write_pointer - n * IOREQ_BUFFER_SLOT_NUM; - cmpxchg(&pg->ptrs.full, old.full, new.full); + guest_cmpxchg64(d, &pg->ptrs.full, old.full, new.full); } notify_via_xen_event_channel(d, s->bufioreq_evtchn); -- 2.7.4
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |