WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Xen
Home Products Support Community News

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
<prev [Thread] next>

[Xen-devel] Invalid PDE entry in vmx domain will crash system.

from [Li, Xin B] [Permanent Link][Original]
To: <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] Invalid PDE entry in vmx domain will crash system.
From: "Li, Xin B" <xin.b.li@xxxxxxxxx>
Date: 2006年1月12日 20:53:28 +0800
Delivery-date: 2006年1月12日 13:00:06 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcYXdy7iJO2UDd7oSRyGUjHLZA8tYQ==
Thread-topic: Invalid PDE entry in vmx domain will crash system. 
Hi Keir, we found invalid PDE entry in vmx domain will crash the whole
system, the code is in update_hl2e():
static inline void
update_hl2e(struct vcpu *v, unsigned long va)
{
 int index = l2_table_offset(va);
 unsigned long mfn;
 l2_pgentry_t gl2e = v->arch.guest_vtable[index];
 l1_pgentry_t old_hl2e, new_hl2e;
 int need_flush = 0;
 ASSERT(shadow_mode_translate(v->domain));
 old_hl2e = v->arch.hl2_vtable[index];
 if ( (l2e_get_flags(gl2e) & _PAGE_PRESENT) &&
 VALID_MFN(mfn = get_mfn_from_pfn(l2e_get_pfn(gl2e))) )
 new_hl2e = l1e_from_pfn(mfn, __PAGE_HYPERVISOR);
 else
 new_hl2e = l1e_empty();
... ...
}
Here, if there is an invalid PDE entry in VMX domain (For example, a VMX
domain only has 512M RAM, but a PDE entry is 0x40000063, the pfn is
beyond 512M RAM), so this invalid PDE entry will cause mfn =
get_mfn_from_pfn(l2e_get_pfn(gl2e)) return the invalid mfn = 0xFFFFFFFF,
and then a bad PTE is set into hl2 table, and later while trying to get
the gl1e of VMX guest, a page fault happened in Xen, and crashed the
system.
The problem here is, even there is an invalid PDE entry in VMX guest,
xen HV should not crash. We need a patch to protect Xen HV here, two
pieces of code need change:
1) if VALID_MFN(mfn = get_mfn_from_pfn(l2e_get_pfn(gl2e))) is true, this
function should fail. But seems xenlinux also uses this function, will
such change impact on xenlinux? Or only fail when it's external mode.
2) Jun suggested when accessing linear_pg_table, we should use
copy_from_user, change 
 orig_gpte = gpte = linear_pg_table[l1_linear_offset(va)];
To
 if ( !(__copy_from_user(&gpte,
&linear_pg_table[l1_linear_offset(va)],
 sizeof(gpte)) == 0) )
 {
 printk("Bad guest PDE entry: gpde = 0x%x, va = 0x%lx\n",
 l2e_get_intpte(gpde), va);
 //fail handling...
 }
If you think it's OK, I will send a patch later.
-Xin
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date: RE: [Xen-devel] performance problems... , James Harper
Next by Date: [Xen-devel] Re: [RFC] [PATCH] sysfs support for Xen attributes , Gerd Hoffmann
Previous by Thread: [Xen-devel] connecting dom0 directly to the bridge (was: performance problems...) , Goetz Bock
Next by Thread: Re: [Xen-devel] Invalid PDE entry in vmx domain will crash system. , Keir Fraser
Indexes: [Date] [Thread] [Top] [All Lists]

Copyright ©, Citrix Systems Inc. All rights reserved. Legal and Privacy
Citrix This site is hosted by Citrix

AltStyle によって変換されたページ (->オリジナル) /