WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] xen crash in tmem: checking a xen pfn for domain ownership

from [Dan Magenheimer] [Permanent Link][Original]
To: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxxxx>
Subject: [Xen-devel] xen crash in tmem: checking a xen pfn for domain ownership
From: Dan Magenheimer <dan.magenheimer@xxxxxxxxxx>
Date: Fri, 17 Sep 2010 09:29:54 -0700 (PDT)
Cc: Xen-devel <Xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 17 Sep 2010 09:33:37 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
Does the construct:

  xen_pfn_t gpfn;
  p2m_type_t t;
  unsigned long mfn;

  mfn = mfn_x(gfn_to_mfn(current->domain, gpfn, &t));
  if (t != p2m_ram_rw || cli_mfn == INVALID_MFN)
      return NULL; /* bad */
  return map_domain_page(mfn)

somehow check to ensure that pfn belongs to current->domain?
(See cli_mfn_to_va() in common/tmem_xen.c.)

If not, is there an easy way to perform that check?
(preferably one that works for both HVM and PV guests)

In debugging a tmem Linux-side guest patch, I discovered
that a bad mfn passed by the guest can crash Xen and
I think this assumption might be the problem.

Thanks,
Dan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: [PATCH] nested virtualization: tools, Ian Jackson
Next by Date:  Re: [Xen-devel] kexec woes with 32-bit secondary kernel, Ian Jackson
Previous by Thread:  [Xen-devel] kexec woes with 32-bit secondary kernel, Jan Beulich
Next by Thread:  [Xen-devel] Re: xen crash in tmem: checking a xen pfn for domain ownership, Keir Fraser
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy