Xen project Mailing List

[PATCH 1/2] domain: fix misaligned unmap address in unmap_guest_area()

From: Roger Pau Monne <roger.pau@xxxxxxxxxx>

Date: Fri, 6 Oct 2023 11:13:52 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PE02m+AHltxS0HWO+8PEn0CoBID2FzB2Ut853VBtHnw=; b=e9l6bJ/Rthon0E42ILP/PuF/piP0U/qOhrMQrjpaQMOQf0D7qLncQOjbJy6JsTQ2X6RGoofvZqpLzSo4b/NuXu30TregbiHuq9nrcGI27AX6xE0fhGRrsSD19a9LaBaaEE5yk6otpXmnbbL31aQJoXIKm3cikcpevYed5zjIYIiDXitIMA0mYKiCIzqNQVxoNwDoMDsIoawajCAri0yWGwmY/0ldFouwgI/0XFnmEGI/EPQX1WLi10BBAudkWQuvjhz6hwOoxFypqwq3IGnz/yIrOjZ1qgB9/gcXvAFNDTn1SzCNMmr42JpY8X/PKpiv/bfjaaLTDSdTDokLXrH/jA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FIpLkRX6814F2bBC3AidxvrNa6RtfyTlgtlFIm6WDIKnTo6ASrfADfTg1GAb2OsCygAAUhQ7R1xTe1SH8jCwJpkBkQdgTooVYlMc9K+xNiW3K6gwKhsddn8m8oCdJcRcNOOB/S76kr3OzyobGZ03FJKkw/ZH8SeYl3TPlKxZLH5597WqCdFprLrXyafK7wA0t8eOycTa56cqdxa3lJCbN9Cf0pePrB+GmO7PAMuZ3z0Zfi4Hfed45YY9Yk888Forb1y33DOnPKGDHqfZWCMAAbYegyHdX0DW3p8TQHQeD6/JPoiLvjhB4mBF2pIAXF3Bc0aRVAABhxFXfltC+N7GNw==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;

Cc: Henry Wang <Henry.Wang@xxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Fri, 06 Oct 2023 09:16:53 +0000

Ironport-data: A9a23:TDwIZ6816Q72K+M01ySfDrUDWn+TJUtcMsCJ2f8bNWPcYEJGY0x3y jYbWGCPa/yLNGfze4x2Otuxox4Av5TVxtY1SwVqq3g8E34SpcT7XtnIdU2Y0wF+jCHgZBk+s 5hBMImowOQcFCK0SsKFa+C5xZVE/fjVAOK6UKidYnwZqTZMEE8JkQhkl/MynrlmiN24BxLlk d7pqojUNUTNNwRcawr40Ird7ks01BjOkGlA5AdnPagW5AW2e0Q9V/rzG4ngdxMUfaEMdgKKb 76r5K20+Grf4yAsBruN+losWhRXKlJ6FVHmZkt+A8BOsDAbzsAB+v9T2M4nQVVWk120c+VZk 72hg3ASpTABZcUgkMxFO/VR/roX0aduoNcrKlDn2SCfItGvn9IBDJyCAWlvVbD09NqbDklJ7 ORDFh09Xiuc2c+vw7+1Zc9+iM4aeZyD0IM34hmMzBn/JNN/G9XvZvuP4tVVmjAtmspJAPDSI dIDbiZiZwjBZBsJPUoLDJU5n6GjgXyXnz9w8QrJ4/ZopTWCilUujtABM/KMEjCObd9SkUuC4 HrP4kzyAw0ANczZwj2Amp6prraVwXOiA9tMRdVU8NZLqQC052UjUyQbXHe44t6yixCyRNJmf hl8Fi0G6PJaGFaQZsnwWVi0rWCJujYYWsFMCKsq5QeV0K3W7g2FQG8eQVZpSNEgrt5wejUs2 XeAhdavDjtq2JWXQ3+A8rafrRupJDMYa2QFYEcsTxYB4tTliJE+iFTIVNkLOLWuktT/FDX0w jaLhCsznbMeiYgMzarT1U/DqyKhoN7OVAFd2+nMdmes7wc8aIv7YYWtsALf9awZc9jfSUSdt n8ZncTY9PoJEZyGiC2KRqMKAa2t4PGGdjbbhDaDAqUcythkwFb7Fag43d20DB4B3hosEdMxX HLuhA==

Ironport-hdrordr: A9a23:yFQfraxM2lXHoQPCVmo3KrPw6L1zdoMgy1knxilNoHxuH/Bw9v re+cjzsCWftN9/Yh4dcLy7VpVoIkmsl6Kdg7NwAV7KZmCP1FdARLsI0WKI+UyCJ8SRzI9gPa cLSdkFNDXzZ2IK8PoTNmODYqodKNrsytHWuQ/HpU0dKT2D88tbnn9E4gDwKDwQeCB2QaAXOb C7/cR9qz+paR0sH7+G7ilsZZmkmzXT/qiWGCI7Ow==

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

unmap_domain_page_global() expects the provided address to be page aligned, or else some of the called functions will trigger assertions, like modify_xen_mappings() on x86 or destroy_xen_mappings() on Arm. The following assert has been reported by osstest arm 32bit tests: (XEN) Assertion 'IS_ALIGNED(s, PAGE_SIZE)' failed at arch/arm/mm.c:1243 (XEN) ----[ Xen-4.18-rc arm32 debug=y Not tainted ]---- (XEN) CPU: 0 (XEN) PC: 00271a38 destroy_xen_mappings+0x50/0x5c [...] (XEN) Xen call trace: (XEN) [<00271a38>] destroy_xen_mappings+0x50/0x5c (PC) (XEN) [<00235aa8>] vunmap+0x30/0x1a0 (LR) (XEN) [<0026ad88>] unmap_domain_page_global+0x10/0x20 (XEN) [<00208e38>] unmap_guest_area+0x90/0xec (XEN) [<00208f98>] domain_kill+0x104/0x180 (XEN) [<00239e3c>] do_domctl+0x8ac/0x14fc (XEN) [<0027ae34>] do_trap_guest_sync+0x570/0x66c (XEN) [<002019f0>] arch/arm/arm32/entry.o#return_from_trap+0/0x4 Fixes: eadc288cbb0d ('domain: map/unmap GADDR based shared guest areas') Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> --- unmap_domain_page_global() and vunmap() should likely have the same alignment asserts, as not all paths lead to detecting the misalignment of the provided linear address. Will do a separate patch. --- xen/common/domain.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xen/common/domain.c b/xen/common/domain.c index b8281d7cff9d..2dcc64e659cc 100644 --- a/xen/common/domain.c +++ b/xen/common/domain.c @@ -1634,7 +1634,7 @@ void unmap_guest_area(struct vcpu *v, struct guest_area *area) if ( pg ) { - unmap_domain_page_global(map); + unmap_domain_page_global((void *)((unsigned long)map & PAGE_MASK)); put_page_and_type(pg); } } -- 2.42.0

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.