WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-bugs

[Xen-bugs] [Bug 687] New: x86-64 Dom0 and DomU kernel crashes in page fa

To: xen-bugs@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-bugs] [Bug 687] New: x86-64 Dom0 and DomU kernel crashes in page fault handler if alignment checking is enabled in eflags
From: bugzilla-daemon@xxxxxxxxxxxxxxxxxxx
Date: Wed, 21 Jun 2006 16:36:39 -0700
Delivery-date: Wed, 21 Jun 2006 16:37:43 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-bugs-request@lists.xensource.com?subject=help>
List-id: Xen Bugzilla <xen-bugs.lists.xensource.com>
List-post: <mailto:xen-bugs@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-bugs>, <mailto:xen-bugs-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-bugs>, <mailto:xen-bugs-request@lists.xensource.com?subject=unsubscribe>
Reply-to: bugs@xxxxxxxxxxxxxxxxxx
Sender: xen-bugs-bounces@xxxxxxxxxxxxxxxxxxx
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=687

           Summary: x86-64 Dom0 and DomU kernel crashes in page fault
                    handler if alignment checking is enabled in eflags
           Product: Xen
           Version: 3.0.2
          Platform: x86-64
        OS/Version: Linux-2.6
            Status: NEW
          Severity: major
          Priority: P2
         Component: Guest-OS
        AssignedTo: xen-bugs@xxxxxxxxxxxxxxxxxxx
        ReportedBy: gareth@xxxxxxxxxxxxxx


x86-64 kernel crashes in page fault handler if a user space application has
enabled alignment checking in the eflags register (i.e. X86_EFLAGS_AC
0x00040000).  The first page fault to be handled after enabling alignment
checking causes the crash.

I suspect the cause is that entry-Xen.s does not preserve / restore the eflags
in the same way as the stock Linux kernel would.

I've marked this as a major bug as it causes the DomU (or Dom0) kernel to panic
and crash immediately and could be a potential denial of service attack as it
does not require any special privileges to cause.

Will attach a testcase shortly


-- 
Configure bugmail: 
http://bugzilla.xensource.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

_______________________________________________
Xen-bugs mailing list
Xen-bugs@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-bugs
