WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-devel

Re: [Xen-devel] [PATCH] Protect Xen against accessing NULL-pointer trigg

To: "Santos, Jose Renato G" <joserenato.santos@xxxxxx>
Subject: Re: [Xen-devel] [PATCH] Protect Xen against accessing NULL-pointer triggered by Xenoprof Hypercall in dom0
From: "Yang, Xiaowei" <xiaowei.yang@xxxxxxxxx>
Date: Thu, 22 Jan 2009 08:50:25 +0800
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 21 Jan 2009 16:50:59 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <EF547E542C520A4D858CFEF5B404D0533DC37A7C0A@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <4976A436.7070704@xxxxxxxxx> <EF547E542C520A4D858CFEF5B404D0533DC37A7C0A@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.19 (X11/20090105)
Santos, Jose Renato G wrote:
> Xiaowei,
>
> Could you please clarify what is the NULL pointer problem that you want to
> prevent with this patch?
> Thanks

Oh, let me give more details. For late-coming CPUs that Xenoprof doesn't support yet, the pointers cpu_type and model could be unassigned at init time and remain NULL. However, almost all Xenoprof internal functions don't check them before use. If the hypercall handler doesn't take care of it, dom0 could exploit it (e.g. XENOPROF_reserve_counters) to trigger a Xen NULL-pointer access.

Thanks,
Xiaowei

> Renato
>
> -----Original Message-----
> From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
> Yang, Xiaowei
> Sent: Tuesday, January 20, 2009 8:28 PM
> To: xen-devel@xxxxxxxxxxxxxxxxxxx
> Subject: [Xen-devel] [PATCH] Protect Xen against accessing
> NULL-pointer triggered by Xenoprof Hypercall in dom0
>
> Xenoprof Hypercall in dom0 could trigger Xen accessing a
> NULL pointer and result in a fatal page fault. The patch prevents it.
>
> Signed-off-by: Xiaowei Yang <xiaowei.yang@xxxxxxxxx>
>
> Thanks,
> Xiaowei




_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
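
An added illustration of the failure mode described in the reply above; it is not the patch from this thread and not Xen code. It is a simplified C model in which init leaves `cpu_type` and `model` NULL for an unrecognised CPU, and a single guard at the dispatcher entry point keeps every operation away from those pointers. All function, type and constant names, and the "family 6" check, are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a per-CPU-model operations table. */
struct model_ops {
    int num_counters;
    int (*reserve_counters)(int num_counters);
};

/* Both remain NULL when init does not recognise the CPU. */
static const char *cpu_type;
static const struct model_ops *model;

static int demo_reserve(int n) { return n > 0 ? 0 : -EINVAL; }
static const struct model_ops demo_model = { 4, demo_reserve };

/* Constructed init: only family 6 is "supported" in this model. */
int prof_init(int cpu_family)
{
    if (cpu_family != 6)
        return -ENODEV;          /* pointers stay NULL */
    cpu_type = "demo/family6";
    model = &demo_model;
    return 0;
}

enum prof_op { OP_RESERVE_COUNTERS, OP_GET_CPU_TYPE };

/* Entry point reachable by the caller. One guard covers every op, so
 * internal helpers that dereference the pointers are never reached
 * while the profiler is uninitialised. */
int prof_dispatch(enum prof_op op, char *buf, size_t len)
{
    if (cpu_type == NULL || model == NULL)
        return -ENODEV;

    switch (op) {
    case OP_RESERVE_COUNTERS:
        return model->reserve_counters(model->num_counters);
    case OP_GET_CPU_TYPE:
        if (buf == NULL || len <= strlen(cpu_type))
            return -EINVAL;
        memcpy(buf, cpu_type, strlen(cpu_type) + 1);
        return 0;
    default:
        return -ENOSYS;
    }
}
```

Placing the check at the entry point rather than in each internal function means a newly added operation is covered without further changes.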