[Xen-devel] [PATCH] Don't crash guest when HVM guest attempts to access HPET registers across boundaries.

["Cui, Dexuan" <dexuan.cui@xxxxxxxxx>]

HPET sepc says
"Software must not attempt to read or write across register boundaries.
For example, a 32-bit access
must be to offset 00h, 04h, 08h, or 0Ch. 32-bit accesses must not be to
01h, 02h, 03h, 05h, 06h, 07h,
09h, 0Ah, 0Bh, 0Dh, 0Eh, or 0Fh. 64-bit accesses can only be to 00h or
08h and must not cross 64-bit
boundaries."

ICH9 spec says
"Software must not attempt to read or write across register boundaries.
For example, a 32-bit
access should be to offset x0h, x4h, x8h, or xCh. 32-bit accesses should
not be to 01h, 02h,
03h, 05h, 06h, 07h, 09h, 0Ah, 0Bh, 0Dh, 0Eh, or 0Fh. Any accesses to
these offsets will result
in an unexpected behavior, and may result in a master abort. However,
these accesses should
not result in system hangs. 64-bit accesses can only be to x0h and must
not cross 64-bit
boundaries"

Normally no OS would break the Specs.
However, the "CrashMe" test attempts a 32-bit access to an
non-32-bit-aligned address.
To pass the test, let us apply the following patch (it just ignores the
non-aligned write, and returns ~0UL for unaligned read).

diff -r ba69fe2dce91 xen/arch/x86/hvm/hpet.c
--- a/xen/arch/x86/hvm/hpet.c   Tue Nov 13 20:13:50 2007 +0000
+++ b/xen/arch/x86/hvm/hpet.c   Wed Nov 21 11:53:43 2007 +0800
@@ -129,7 +129,6 @@ static inline int hpet_check_access_leng
     {
         gdprintk(XENLOG_ERR, "HPET: access across register boundary: "
                  "%lx %lx\n", addr, len);
-        domain_crash(current->domain);
         return -EINVAL;
     }


-- -- Dexuan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel