From: Jan Beulich <jbeulich@suse.com>
To: Roger Pau Monne <roger.pau@citrix.com>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
	xen-devel@lists.xenproject.org
Subject: Re: [PATCH v4 1/3] x86/vmx: fix posted interrupts usage of msi_desc->msg field
Date: Tue, 11 Mar 2025 14:10:04 +0100	[thread overview]
Message-ID: <369daf2d-63de-4375-a11e-401135ede43b@suse.com> (raw)
In-Reply-To: <20250311120652.61366-2-roger.pau@citrix.com>

On 11.03.2025 13:06, Roger Pau Monne wrote:
> --- a/xen/arch/x86/hvm/vmx/vmx.c
> +++ b/xen/arch/x86/hvm/vmx/vmx.c
> @@ -396,6 +396,13 @@ static int cf_check vmx_pi_update_irte(const struct vcpu *v,
>      const struct pi_desc *pi_desc = v ? &v->arch.hvm.vmx.pi_desc : NULL;
>      struct irq_desc *desc;
>      struct msi_desc *msi_desc;
> +    /*
> +     * vmx_pi_update_irte() relies on the IRTE already being setup, and just
> +     * updates the guest vector, but not the other IRTE fields.  As such the
> +     * contents of msg are not consumed by iommu_update_ire_from_msi().  Even
> +     * if not consumed, zero the contents to avoid possible stack leaks.
> +     */
> +    struct msi_msg msg = {};
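
Review bot: the precondition the new comment states, that msg is not consumed by iommu_update_ire_from_msi(), is only established when a posted-interrupt descriptor is present, yet the context line above initialises pi_desc as `v ? &v->arch.hvm.vmx.pi_desc : NULL`, so the v == NULL call reaches the IRTE update with an all-zero address/data pair. Either narrow the comment to the pi_desc != NULL path and say how the NULL path is handled, or seed the local from the programmed message (`struct msi_msg msg = msi_desc->msg;`) so the IRTE is never rewritten from zeros; a zero-initialised struct that is genuinely never read also leaks nothing, so the "stack leaks" justification only adds value on the path where msg is consumed.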

What the comment says is true only when pi_desc != NULL. As can be seen in
context above, it can very well be NULL here, though (which isn't to say
that I'm convinced the NULL case is handled correctly here). I'd view it as
more safe anyway if you set msg from msi_desc->msg.

Jan
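
A toy C model, added here as an illustration and not Xen code, of the two initialisation choices discussed above. The toy_* struct and function names are hypothetical stand-ins for msi_msg, msi_desc, the IRTE and iommu_update_ire_from_msi(); the consumer's behaviour on the pi_desc == NULL branch (reprogramming address and data from msg) is an assumption made to show why a zeroed message is harmless on one path and clobbers the entry on the other, and the MSI address/data values are constructed sample input.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for struct msi_msg: what is programmed in the device. */
struct toy_msi_msg {
    uint32_t address_lo;
    uint32_t data;
};

/* Hypothetical stand-in for struct msi_desc. */
struct toy_msi_desc {
    struct toy_msi_msg msg;
};

/* Hypothetical stand-in for the interrupt remapping table entry. */
struct toy_irte {
    uint32_t address_lo;
    uint32_t data;
    uint8_t  vector;
    bool     posted;
};

/* Hypothetical stand-in for the posted-interrupt descriptor. */
struct toy_pi_desc {
    uint8_t vector;
};

/*
 * Model of the consumer (an assumption, not Xen's iommu_update_ire_from_msi()):
 * with a PI descriptor only the vector is rewritten and msg is ignored;
 * without one the IRTE is reprogrammed from msg.
 */
static void toy_update_ire_from_msi(struct toy_irte *irte,
                                    const struct toy_msi_msg *msg,
                                    const struct toy_pi_desc *pi_desc)
{
    if (pi_desc) {
        irte->posted = true;
        irte->vector = pi_desc->vector;
        return;                         /* msg is not consumed on this path */
    }
    irte->posted = false;
    irte->address_lo = msg->address_lo;
    irte->data = msg->data;
    irte->vector = msg->data & 0xff;    /* low byte of data carries the vector */
}

/*
 * Run one scenario. zero_init selects the patch's "struct msi_msg msg = {}"
 * (spelled { 0 } here for portability) versus a copy of desc->msg; have_pi
 * selects whether a PI descriptor is passed. Returns true when the IRTE still
 * carries the address/data that were programmed, and reports the resulting
 * vector through *vector_out when that pointer is non-NULL.
 */
bool toy_scenario(bool zero_init, bool have_pi, uint8_t *vector_out)
{
    /* Constructed sample: an MSI already programmed to address 0xfee00000,
     * data 0x4030 (vector 0x30), mirrored in the IRTE. */
    const struct toy_msi_desc desc = { .msg = { 0xfee00000u, 0x4030u } };
    struct toy_irte irte = { desc.msg.address_lo, desc.msg.data, 0x30, false };
    const struct toy_pi_desc pi = { .vector = 0x42 };

    struct toy_msi_msg msg = { 0 };
    if (!zero_init)
        msg = desc.msg;

    toy_update_ire_from_msi(&irte, &msg, have_pi ? &pi : NULL);

    if (vector_out)
        *vector_out = irte.vector;
    return irte.address_lo == desc.msg.address_lo && irte.data == desc.msg.data;
}

/* Convenience wrapper returning only the vector the scenario ends up with. */
uint8_t toy_scenario_vector(bool zero_init, bool have_pi)
{
    uint8_t vec = 0;
    toy_scenario(zero_init, have_pi, &vec);
    return vec;
}

int main(void)
{
    static const char *const names[] = { "copy", "zeroed" };
    for (int z = 0; z < 2; z++)
        for (int p = 0; p < 2; p++) {
            uint8_t vec;
            bool ok = toy_scenario(z, p, &vec);
            printf("msg=%-6s pi_desc=%s -> IRTE %s, vector 0x%02x\n",
                   names[z], p ? "set " : "NULL",
                   ok ? "intact   " : "CLOBBERED", vec);
        }
    return 0;
}
```

With a PI descriptor both strategies leave address and data untouched and install the posted vector, which is the case the patch comment describes. Without one, the zeroed message reprograms the entry to address 0, data 0, vector 0, while the copy from desc->msg preserves what was programmed; that difference is the reason for preferring the copy when the NULL path is reachable.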



Thread overview: 9+ messages
2025-03-11 12:06 [PATCH v4 0/3] x86/pci: reduce PCI accesses Roger Pau Monne
2025-03-11 12:06 ` [PATCH v4 1/3] x86/vmx: fix posted interrupts usage of msi_desc->msg field Roger Pau Monne
2025-03-11 13:10   ` Jan Beulich [this message]
2025-03-11 14:15     ` Roger Pau Monné
2025-03-11 15:27   ` [PATCH v5 " Roger Pau Monne
2025-03-11 15:46     ` Jan Beulich
2025-03-11 12:06 ` [PATCH v4 2/3] x86/hvm: check return code of hvm_pi_update_irte when binding Roger Pau Monne
2025-03-11 13:17   ` Jan Beulich
2025-03-11 12:06 ` [PATCH v4 3/3] x86/iommu: avoid MSI address and data writes if IRT index hasn't changed Roger Pau Monne
