[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 1/3] xen: fix XEN_DOMCTL_gdbsx_guestmemio crash

  • To: Juergen Gross <jgross@xxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 19 Apr 2022 16:32:28 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jyUVBA/RyGgqAt0kBQqMaTjuuJfYNowncXU9CRendHQ=; b=YbL0imiQDFtW8pQdOGJnyMk4wvMrqxLt2rTQRGYeHhzGHlHhgcCkvW12rGHywkp3+aT9KNTmoRxM/kxcCo6ag3VRz7Fitf7kzMDprV64NgtaX1NMUYeGJUeVNaobBs0jesdLUysDca+69lvYutbdaBOr6zLyZMl1yuuYfJ7JVam5dlufvVRvXOEfX2huTo2wd8FysHeMYgKxzTAvG1FxzwBjCklxa4+VOd7o11517HFNnkMLPAi+a0ek9yL8EMW8hcFdQ0laC4/aMtdDbdnPbLJMsP44QJIqTFmDJ93mBXFCDSTPILp4FGc1+hQN+hWrHW8MOBFNizFHS42uVjIHUw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TiA+V9aLCeIjoOnVMT8Nfg/XJVQEM26ZJyWbEQB+oBZQTfoNUaFO47ibe12FsJ4sfLxOT4dQYqeK260Pd0JFZOj0NDLvBcSqAXaX+6cpU/xOusavWEofIi9OIUQ4Jo9IzdFCUhn6YOQYblCKs2HQ3msOPmxviyHdfc1to0WEybP9FRu7lMalcsSDzp786QHchI0CJlAaZXon9ykM0MirZIWtNuv2pwUGiX8oUwscz3SRNYCFeaNEW5B+lCDrjdCI0wbWR75YCvkRNrPYfShDWzMHpz6kuLs2o+EEnn3xiX2vA4DbsRegzUQ1v+YT6K6217L8PJTBqA0GjzUlppZfGA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Cheyenne Wills <cheyenne.wills@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Tue, 19 Apr 2022 14:32:40 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 19.04.2022 15:52, Juergen Gross wrote:
> A hypervisor built without CONFIG_GDBSX will crash in case the
> XEN_DOMCTL_gdbsx_guestmemio domctl is being called, as the call will
> end up in iommu_do_domctl() with d == NULL:
> 
> (XEN) CPU:    6
> (XEN) RIP:    e008:[<ffff82d040269984>] iommu_do_domctl+0x4/0x30
> (XEN) RFLAGS: 0000000000010202   CONTEXT: hypervisor (d0v0)
> (XEN) rax: 00000000000003e8   rbx: ffff830856277ef8   rcx: ffff830856277fff
> ...
> (XEN) Xen call trace:
> (XEN)    [<ffff82d040269984>] R iommu_do_domctl+0x4/0x30
> (XEN)    [<ffff82d04035cd5f>] S arch_do_domctl+0x7f/0x2330
> (XEN)    [<ffff82d040239e46>] S do_domctl+0xe56/0x1930
> (XEN)    [<ffff82d040238ff0>] S do_domctl+0/0x1930
> (XEN)    [<ffff82d0402f8c59>] S pv_hypercall+0x99/0x110
> (XEN)    [<ffff82d0402f5161>] S 
> arch/x86/pv/domain.c#_toggle_guest_pt+0x11/0x90
> (XEN)    [<ffff82d040366288>] S lstar_enter+0x128/0x130
> (XEN)
> (XEN) Pagetable walk from 0000000000000144:
> (XEN)  L4[0x000] = 0000000000000000 ffffffffffffffff
> (XEN)
> (XEN) ****************************************
> (XEN) Panic on CPU 6:
> (XEN) FATAL PAGE FAULT
> (XEN) [error_code=0000]
> (XEN) Faulting linear address: 0000000000000144
> 
> Fix this issue by making sure the domain pointer has a sane value.
> 
> Reported-by: Cheyenne Wills <cheyenne.wills@xxxxxxxxx>
> Fixes: e726a82ca0dc ("xen: make gdbsx support configurable")
> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.