WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] [PATCH] Bug in HVM rtc emulation: wrongly placed return stat

from [Trolle Selander] [Permanent Link][Original]
To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] [PATCH] Bug in HVM rtc emulation: wrongly placed return statement in rtc_ioport_write. Also comment on possible flaw in current io intercept logic.
From: "Trolle Selander" <trolle.selander@xxxxxxxxx>
Date: Thu, 16 Nov 2006 12:37:36 +0100
Delivery-date: Thu, 16 Nov 2006 03:37:44 -0800
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=fcA1VgPHPHG9tyZwODPMYwfzHfUO3ckjuSQpHmitlhtwtpFdXVzh5izmCwXX5KpGHwq83IBzC95I1RJg0fy6rsqZfXr03jTcBysi4RhPwRUY9N2ovWXMqEIEuyP58iOcMlnzNzRYxiHEl6831MFSzOuKCr2SgEGJAsyKXZeOP0E=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
The rtc emulation currently has a mis-nested return statement, causing rtc_ioport_write to return 0 instead of 1 after doing an rtc cmos memory write.

This also exposed what looks to me like a fairly flaw in the io intercept handling; currently, if there's a handler set up, hvm_io_intercept returns the return value of the call to that handler, meaning that a handler that runs but returns 0 will get interpreted the same as an io which has no handler (and thus should be handled in qemu-dm rather than the hypervisor). This means that the io gets passed on to hvm_send_assist_req (in the case of the rtc bug this happened even though it had already been successfully handled) and ends up in qemu-dm.
I'm not sure if this is merely a "thinko", or if it's designed this way to have io ranges that are "partially" handled in the hypervisor and partially in qemu. Even if it's the latter, I think there needs to be a mechanism in place to distinguish the failure of a handler for an intercepted io from the nonexistence of a handler.

/Trolle


Attachment: rtc_return_nesting_fix.patch
Description: Binary data

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] Disk configuration problem, Ewan Mellor
Next by Date:  Re: [Xen-devel] [PATCH 0/2] PV framebuffer, Markus Armbruster
Previous by Thread:  [Xen-devel] [PATCH ]Fix of floppy disk configuration check, Kasai Takanori
Next by Thread:  Re: [Xen-devel] [PATCH] Bug in HVM rtc emulation: wrongly placed return statement in rtc_ioport_write. Also comment on possible flaw in current io intercept logic., Keir Fraser
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy