WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] [PATCH] X86 MCE: Prevent malicious guest access broken page

from [Liu, Jinsong] [Permanent Link][Original]
To: Keir Fraser <keir.xen@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] [PATCH] X86 MCE: Prevent malicious guest access broken page again
From: "Liu, Jinsong" <jinsong.liu@xxxxxxxxx>
Date: Thu, 29 Sep 2011 23:22:00 +0800
Accept-language: en-US
Acceptlanguage: en-US
Cc: "Jiang, Yunhong" <yunhong.jiang@xxxxxxxxx>
Delivery-date: Thu, 29 Sep 2011 08:25:14 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acx+u4i3DTnHPNCrTHGpE8IgVH6K2w==
Thread-topic: [PATCH] X86 MCE: Prevent malicious guest access broken page again 
X86 MCE: Prevent malicious guest access broken page again

To avoid recursive mce.

Signed-off-by: Liu, Jinsong <jinsong.liu@xxxxxxxxx>

diff -r 753cbb4f4416 xen/arch/x86/cpu/mcheck/mce_intel.c
--- a/xen/arch/x86/cpu/mcheck/mce_intel.c       Sat Aug 20 23:53:03 2011 +0800
+++ b/xen/arch/x86/cpu/mcheck/mce_intel.c       Sun Aug 21 00:45:44 2011 +0800
@@ -665,6 +665,8 @@ static void intel_memerr_dhandler(
     /* This is free page */
     if (status & PG_OFFLINE_OFFLINED)
         *result = MCER_RECOVERED;
+    else if (status & PG_OFFLINE_AGAIN)
+        *result = MCER_CONTINUE;
     else if (status & PG_OFFLINE_PENDING) {
         /* This page has owner */
         if (status & PG_OFFLINE_OWNED) {
diff -r 753cbb4f4416 xen/common/page_alloc.c
--- a/xen/common/page_alloc.c   Sat Aug 20 23:53:03 2011 +0800
+++ b/xen/common/page_alloc.c   Sun Aug 21 00:45:44 2011 +0800
@@ -38,6 +38,7 @@
 #include <xen/tmem.h>
 #include <xen/tmem_xen.h>
 #include <public/sysctl.h>
+#include <public/sched.h>
 #include <asm/page.h>
 #include <asm/numa.h>
 #include <asm/flushtlb.h>
@@ -708,6 +709,19 @@ int offline_page(unsigned long mfn, int 
         return -EINVAL;
     }
 
+    /*
+     * NB. When broken page belong to guest, usually hypervisor will
+     * notify the guest to handle the broken page. However, hypervisor
+     * need to prevent malicious guest access the broken page again.
+     * Under such case, hypervisor shutdown guest, preventing recursive mce.
+     */
+    if ( (pg->count_info & PGC_broken) && (owner = page_get_owner(pg)) )
+    {
+        *status = PG_OFFLINE_AGAIN;
+        domain_shutdown(owner, SHUTDOWN_crash);
+        return 0;
+    }
+
     spin_lock(&heap_lock);
 
     old_info = mark_page_offline(pg, broken);
diff -r 753cbb4f4416 xen/include/public/sysctl.h
--- a/xen/include/public/sysctl.h       Sat Aug 20 23:53:03 2011 +0800
+++ b/xen/include/public/sysctl.h       Sun Aug 21 00:45:44 2011 +0800
@@ -399,6 +399,7 @@ struct xen_sysctl_page_offline_op {
 #define PG_OFFLINE_OFFLINED  (0x1UL << 1)
 #define PG_OFFLINE_PENDING   (0x1UL << 2)
 #define PG_OFFLINE_FAILED    (0x1UL << 3)
+#define PG_OFFLINE_AGAIN     (0x1UL << 4)
 
 #define PG_ONLINE_FAILED     PG_OFFLINE_FAILED
 #define PG_ONLINE_ONLINED    PG_OFFLINE_OFFLINED

Attachment: srar-2.patch
Description: srar-2.patch

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-devel] [PATCH] X86 MCE: Prevent malicious guest access broken page again, Liu, Jinsong <=
Previous by Date:  [Xen-devel] [PATCH] X86 MCE: Add SRAR handler, Liu, Jinsong
Next by Date:  Re: [Xen-devel] [PATCH V9 0/7] Introduce a QMP client, Ian Jackson
Previous by Thread:  [Xen-devel] [PATCH] X86 MCE: Add SRAR handler, Liu, Jinsong
Next by Thread:  [Xen-devel] [PATCH 0/4] xen: map foreign pages for shared rings by updating the PTEs directly, David Vrabel
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy