>>> On 18.07.18 at 14:30, <andrew.coop...@citrix.com> wrote:
> If valid_xcr0() accepts a new_bv which exceeds xfeature_mask, then something
> is broken with the CPUID policiy derivation or auditing logic.  If hardware
> rejects new_bv, then something is broken with Xen's xstate logic.

With what I've said about valid_xcr0() in reply to patch 1, this is
incorrect, and hence both text and first half of the code change
need re-doing. Provided that's what we want in the first place,
but I'd have to see the new version in order to be able to sensibly
judge.

Jan

> In both cases, crash the domain with an obvious error message, to help
> highlight the issues.
> 
> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
> ---
> CC: Jan Beulich <jbeul...@suse.com>
> ---
>  xen/arch/x86/xstate.c | 18 +++++++++++++++++-
>  1 file changed, 17 insertions(+), 1 deletion(-)
> 
> diff --git a/xen/arch/x86/xstate.c b/xen/arch/x86/xstate.c
> index 44b993f..06c94f8 100644
> --- a/xen/arch/x86/xstate.c
> +++ b/xen/arch/x86/xstate.c
> @@ -708,11 +708,27 @@ int handle_xsetbv(u32 index, u64 new_bv)
>      if ( index != XCR_XFEATURE_ENABLED_MASK )
>          return -EOPNOTSUPP;
>  
> -    if ( (new_bv & ~xfeature_mask) || !valid_xcr0(curr->domain, new_bv) )
> +    if ( !valid_xcr0(curr->domain, new_bv) )
>          return -EINVAL;
>  
> +    if ( new_bv & ~xfeature_mask )
> +    {
> +        gprintk(XENLOG_ERR,
> +                "new_bv %016" PRIx64 " exceeds hardware max %016" PRIx64 
> "\n",
> +                new_bv, xfeature_mask);
> +        domain_crash(curr->domain);
> +
> +        return -EINVAL;
> +    }
> +
>      if ( !set_xcr0(new_bv) )
> +    {
> +        gprintk(XENLOG_ERR, "new_bv %016" PRIx64 " rejected by hardware\n",
> +                new_bv);
> +        domain_crash(curr->domain);
> +
>          return -EFAULT;
> +    }
>  
>      mask = new_bv & ~curr->arch.xcr0_accum;
>      curr->arch.xcr0 = new_bv;
> -- 
> 2.1.4





_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Reply via email to