WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] Xen 4.0.0x allows for data corruption in Dom0

from [Keir Fraser] [Permanent Link][Original]
To: Jan Beulich <JBeulich@xxxxxxxxxx>, Pasi Kärkkäinen <pasik@xxxxxx>
Subject: Re: [Xen-devel] Xen 4.0.0x allows for data corruption in Dom0
From: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Date: Tue, 09 Mar 2010 10:15:45 +0000
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Joanna Rutkowska <joanna@xxxxxxxxxxxxxxxxxxxxxx>, Daniel Stodden <Daniel.Stodden@xxxxxxxxxx>
Delivery-date: Tue, 09 Mar 2010 02:18:06 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4B9624FD02000078000336EA@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acq/bDGQE464uO/jRqmaoQnOk7wANgABUl4k
Thread-topic: [Xen-devel] Xen 4.0.0x allows for data corruption in Dom0
User-agent: Microsoft-Entourage/12.23.0.091001 
On 09/03/2010 09:37, "Jan Beulich" <JBeulich@xxxxxxxxxx> wrote:

>> 7dc2000: 5a02 0000 0000 0000 760d d90c c500 0000  Z.......v.......
>> 7dc2010: 3785 8def 8003 0000 1eb2 27b5 ff00 0000  7.........'.....
>> 2dc0d000:7802 0000 0000 0000 ec70 d8eb ce00 0000  x........p......
>> 2dc0d010:6fb9 a66d 8403 0000 1eb2 27b5 ff00 0000  o..m......'.....
> 
> How about these being vcpu_time_info structures? The fields
> appear to all make sense. The only thing not matching this would
> be a few differently looking corruption entries sent earlier by Joanna,
> so this may not be the only thing. But it would explain why with 3.4.2
> the issue is not present.

Pasi, can you try the attached patch (which simply stubs out the new
VCPUOP_register_vcpu_time_memory_area hypercall)? I'm pretty sure this is
it: just look at the implementation of __update_vcpu_system_time: when
v!=current it will write to a virtual address in v, using current's page
tables. This will happen on context switch dom0->domU for example.

A quite suitable fix for 4.0.0 is to leave the hypercall stubbed out imo.

 -- Keir



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] Xen 4.0.0x allows for data corruption in Dom0, Jan Beulich
Next by Date:  Re: [Xen-devel] Xen 4.0.0x allows for data corruption in Dom0, Keir Fraser
Previous by Thread:  Re: [Xen-devel] Xen 4.0.0x allows for data corruption in Dom0, Keir Fraser
Next by Thread:  Re: [Xen-devel] Xen 4.0.0x allows for data corruption in Dom0, Pasi Kärkkäinen
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy