[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/4] xen: Introduce non-broken hypercalls for the paging mempool size
- To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- From: Anthony PERARD <anthony.perard@xxxxxxxxxx>
- Date: Thu, 17 Nov 2022 14:10:02 +0000
- Authentication-results: esa6.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
- Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>
- Delivery-date: Thu, 17 Nov 2022 14:10:25 +0000
- Ironport-data: A9a23:xUV/yKL52nx9KfIpFE+RJpUlxSXFcZb7ZxGr2PjKsXjdYENS0WRRy DEaDDvTMqrbYmejet4lPI7i8U0FvZ6Gx4BnSgFlqX01Q3x08seUXt7xwmUcnc+xBpaaEB84t ZV2hv3odp1coqr0/0/1WlTZhSAgk/rOHv+kUrWs1hlZHWdMUD0mhQ9oh9k3i4tphcnRKw6Ws Jb5rta31GWNglaYCUpJrfPdwP9TlK6q4mlB5wVhPaojUGL2zBH5MrpOfcldEFOgKmVkNrbSb /rOyri/4lTY838FYj9yuu+mGqGiaue60Tmm0hK6aYD76vRxjnVaPpIAHOgdcS9qZwChxLid/ jnvWauYEm/FNoWU8AgUvoIx/ytWZcWq85efSZSzXFD6I+QrvBIAzt03ZHzaM7H09c53WVwW8 L8VMgsqTRDTp+Cm/YP8c+Bj05FLwMnDZOvzu1llxDDdS/0nXYrCU+PB4towMDUY354UW6yEP oxANGQpPE+ojx5nYz/7DLo3mvuogX/uNSVVsluPqYI84nTJzRw327/oWDbQUozWG5wJwxrJz o7A13zIAQAhO/yf8DaA6nT22NLUoyHVV41HQdVU8dY12QbOlwT/EiY+V0a/oPS/ol6zXZRYM UN80jE1saE4+UivT9/8dx61uniJulgbQdU4O9M97AaB26/F+TGzD2IPTiNCQNE+vcpwTjsvv nepktXzFHpQubuaYXuH8/GfqjbaESIYN3MYbCkICw4M+cD+oZobhwjKCN1kFcadntDzXD393 T2OhCw/nKkIy94G0b2h+lLKiC7qoYLGJiYXzAjKWmOu7itieZWoIYev7DDz8vJoPIufCF6bs xA5d9O2tb5US8vXzWrUHbtLTOrBC+u53CP0gQZSR5xi+i6W3F2jLaBS8AxPY35gPZNREdP2W 3P7tQRU7Z5VGXKla65rfo68Y/gXIbjc+cfNDa6NMIcXCnRlXErepXw1OxbMt4z4uBJ0+ZzTL 6t3ZipF4ZwyLa18hAS7SO4GuVPA7nBvnDiDLXwXIvnO7FZ/WJJ3Ye1bWLdtRrpjhE9hnOky2 4g3Cidy408DONASmwGOmWPTRHhTRZTBObj4qtZMasmIKRd8FWcqBpf5mO1/K9I/xPgKzLmXp BlRv3O0LnKk3BUrzi3TNBhehE7HB84j/RrXwwRxVbpX55TTSdn2t/pOH3fGVbIm6PZi3ZZJo wotIq297zUmYmqvxgnxmrGn/dA8K0n23lrUV8dnCRBmF6Ndq8Xy0oeMVmPSGOMmVEJbaeNWT 2Wc6z7m
- Ironport-hdrordr: A9a23:DmDCm6FWL5ODQ/5UpLqE6MeALOsnbusQ8zAXP0AYc3Jom+ij5q STdZUgpHrJYVkqNU3I9ertBEDEewK6yXcX2/hyAV7BZmnbUQKTRekIh7cKgQeQeBEWntQts5 uIGJIeNDSfNzdHsfo=
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Thu, Nov 17, 2022 at 01:08:01AM +0000, Andrew Cooper wrote:
> The existing XEN_DOMCTL_SHADOW_OP_{GET,SET}_ALLOCATION have problems:
>
> * All set_allocation() flavours have an overflow-before-widen bug when
> calculating "sc->mb << (20 - PAGE_SHIFT)".
> * All flavours have a granularity of 1M. This was tolerable when the size of
> the pool could only be set at the same granularity, but is broken now that
> ARM has a 16-page stopgap allocation in use.
> * All get_allocation() flavours round up, and in particular turn 0 into 1,
> meaning the get op returns junk before a successful set op.
> * The x86 flavours reject the hypercalls before the VM has vCPUs allocated,
> despite the pool size being a domain property.
> * Even the hypercall names are long-obsolete.
>
> Implement a better interface, which can be first used to unit test the
> behaviour, and subsequently correct a broken implementation. The old
> interface will be retired in due course.
>
> The unit of bytes (as opposed pages) is a deliberate API/ABI improvement to
> more easily support multiple page granularities.
>
> This is part of XSA-409 / CVE-2022-33747.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Release-acked-by: Henry Wang <Henry.Wang@xxxxxxx>
Acked-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>
Thanks,
--
Anthony PERARD
|
