WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-changelog

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-changelog] [xen-unstable] [HVM] Mov to/from CR8 must be gated on wh

from [Xen patchbot-unstable] [Permanent Link][Original]
To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] [HVM] Mov to/from CR8 must be gated on whether VLAPIC device is created.
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 30 Sep 2006 13:20:15 +0000
Delivery-date: Sat, 30 Sep 2006 06:20:34 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx 
# HG changeset patch
# User kaf24@xxxxxxxxxxxxxxxxxxxx
# Node ID 82983c636549fdbae3868f44da8b4191b606bec9
# Parent  96a6649fa691b78fcc6af0bb6618940982d72537
[HVM] Mov to/from CR8 must be gated on whether VLAPIC device is created.

If APIC=0 in VMX configuration file, VLAPIC(v) in
mov_from_cr()/mov_to_cr() will be NULL, so calling
vlapic_get_reg()/vlapic_set_reg()/vlapic_update_ppr()
would crash Xen.

Original patch from Dexuan Cui <dexuan.cui@xxxxxxxxx>
Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx>
---
 xen/arch/x86/hvm/svm/svm.c |   27 ++++++++++++++++-----------
 xen/arch/x86/hvm/vmx/vmx.c |   29 ++++++++++++++++++-----------
 2 files changed, 34 insertions(+), 22 deletions(-)

diff -r 96a6649fa691 -r 82983c636549 xen/arch/x86/hvm/svm/svm.c
--- a/xen/arch/x86/hvm/svm/svm.c        Sat Sep 30 11:11:54 2006 +0100
+++ b/xen/arch/x86/hvm/svm/svm.c        Sat Sep 30 11:30:09 2006 +0100
@@ -57,7 +57,7 @@ extern void do_nmi(struct cpu_user_regs 
 extern void do_nmi(struct cpu_user_regs *, unsigned long);
 extern int inst_copy_from_guest(unsigned char *buf, unsigned long guest_eip,
                                 int inst_len);
- extern uint32_t vlapic_update_ppr(struct vlapic *vlapic);
+extern uint32_t vlapic_update_ppr(struct vlapic *vlapic);
 extern asmlinkage void do_IRQ(struct cpu_user_regs *);
 extern void send_pio_req(struct cpu_user_regs *regs, unsigned long port,
                          unsigned long count, int size, long value, int dir, 
int pvalid);
@@ -904,9 +904,9 @@ static void svm_relinquish_guest_resourc
 
         destroy_vmcb(&v->arch.hvm_svm);
         kill_timer(&v->arch.hvm_vcpu.hlt_timer);
-        if ( hvm_apic_support(v->domain) && (VLAPIC(v) != NULL) ) 
-        {
-            kill_timer( &(VLAPIC(v)->vlapic_timer) );
+        if ( VLAPIC(v) != NULL )
+        {
+            kill_timer(&VLAPIC(v)->vlapic_timer);
             unmap_domain_page_global(VLAPIC(v)->regs);
             free_domheap_page(VLAPIC(v)->regs_page);
             xfree(VLAPIC(v));
@@ -930,12 +930,13 @@ static void svm_migrate_timers(struct vc
     struct periodic_time *pt = 
         &(v->domain->arch.hvm_domain.pl_time.periodic_tm);
 
-    if ( pt->enabled ) {
-        migrate_timer( &pt->timer, v->processor );
-        migrate_timer( &v->arch.hvm_vcpu.hlt_timer, v->processor );
-    }
-    if ( hvm_apic_support(v->domain) && VLAPIC( v ))
-        migrate_timer( &(VLAPIC(v)->vlapic_timer ), v->processor );
+    if ( pt->enabled )
+    {
+        migrate_timer(&pt->timer, v->processor);
+        migrate_timer(&v->arch.hvm_vcpu.hlt_timer, v->processor);
+    }
+    if ( VLAPIC(v) != NULL )
+        migrate_timer(&VLAPIC(v)->vlapic_timer, v->processor);
 }
 
 
@@ -1634,9 +1635,11 @@ static void mov_from_cr(int cr, int gp, 
     case 4:
         value = (unsigned long) v->arch.hvm_svm.cpu_shadow_cr4;
         if (svm_dbg_on)
-            printk( "CR4 read=%lx\n", value );
+            printk("CR4 read=%lx\n", value);
         break;
     case 8:
+        if ( vlapic == NULL )
+            break;
         value = (unsigned long)vlapic_get_reg(vlapic, APIC_TASKPRI);
         value = (value & 0xF0) >> 4;
         break;
@@ -1814,6 +1817,8 @@ static int mov_to_cr(int gpreg, int cr, 
 
     case 8:
     {
+        if ( vlapic == NULL )
+            break;
         vlapic_set_reg(vlapic, APIC_TASKPRI, ((value & 0x0F) << 4));
         vlapic_update_ppr(vlapic);
         break;
diff -r 96a6649fa691 -r 82983c636549 xen/arch/x86/hvm/vmx/vmx.c
--- a/xen/arch/x86/hvm/vmx/vmx.c        Sat Sep 30 11:11:54 2006 +0100
+++ b/xen/arch/x86/hvm/vmx/vmx.c        Sat Sep 30 11:30:09 2006 +0100
@@ -135,7 +135,7 @@ static void vmx_relinquish_guest_resourc
         if ( !test_bit(_VCPUF_initialised, &v->vcpu_flags) )
             continue;
         kill_timer(&v->arch.hvm_vcpu.hlt_timer);
-        if ( hvm_apic_support(v->domain) && (VLAPIC(v) != NULL) )
+        if ( VLAPIC(v) != NULL )
         {
             kill_timer(&VLAPIC(v)->vlapic_timer);
             unmap_domain_page_global(VLAPIC(v)->regs);
@@ -495,12 +495,13 @@ void vmx_migrate_timers(struct vcpu *v)
 {
     struct periodic_time *pt = 
&(v->domain->arch.hvm_domain.pl_time.periodic_tm);
 
-    if ( pt->enabled ) {
+    if ( pt->enabled )
+    {
         migrate_timer(&pt->timer, v->processor);
         migrate_timer(&v->arch.hvm_vcpu.hlt_timer, v->processor);
     }
-    if ( hvm_apic_support(v->domain) && VLAPIC(v))
-        migrate_timer(&(VLAPIC(v)->vlapic_timer), v->processor);
+    if ( VLAPIC(v) != NULL )
+        migrate_timer(&VLAPIC(v)->vlapic_timer, v->processor);
 }
 
 static void vmx_store_cpu_guest_regs(
@@ -1767,6 +1768,8 @@ static int mov_to_cr(int gp, int cr, str
     }
     case 8:
     {
+        if ( vlapic == NULL )
+            break;
         vlapic_set_reg(vlapic, APIC_TASKPRI, ((value & 0x0F) << 4));
         vlapic_update_ppr(vlapic);
         break;
@@ -1788,15 +1791,19 @@ static void mov_from_cr(int cr, int gp, 
     struct vcpu *v = current;
     struct vlapic *vlapic = VLAPIC(v);
 
-    if ( cr != 3 && cr != 8)
-        __hvm_bug(regs);
-
-    if ( cr == 3 )
-        value = (unsigned long) v->arch.hvm_vmx.cpu_cr3;
-    else if ( cr == 8 )
-    {
+    switch ( cr )
+    {
+    case 3:
+        value = (unsigned long)v->arch.hvm_vmx.cpu_cr3;
+        break;
+    case 8:
+        if ( vlapic == NULL )
+            break;
         value = (unsigned long)vlapic_get_reg(vlapic, APIC_TASKPRI);
         value = (value & 0xF0) >> 4;
+        break;
+    default:
+        __hvm_bug(regs);
     }
 
     switch ( gp ) {

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] [HVM] Mov to/from CR8 must be gated on whether VLAPIC device is created., Xen patchbot-unstable <=
Previous by Date:  [Xen-changelog] [xen-unstable] [HVM] Add RDMSR/WRMSR instruction emulation to VMXAssist decoder, Xen patchbot-unstable
Next by Date:  [Xen-changelog] [xen-unstable] [HVM][TOOLS] Improve warnign message when trying to create, Xen patchbot-unstable
Previous by Thread:  [Xen-changelog] [xen-unstable] [HVM] Add RDMSR/WRMSR instruction emulation to VMXAssist decoder, Xen patchbot-unstable
Next by Thread:  [Xen-changelog] [xen-unstable] [HVM][TOOLS] Improve warnign message when trying to create, Xen patchbot-unstable
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy