From: David Vrabel <david.vrabel@citrix.com>
To: Ian Campbell <Ian.Campbell@citrix.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>,
Keir Fraser <keir@xen.org>, Jan Beulich <JBeulich@suse.com>
Subject: Re: [PATCH 3/3] evtchn/fifo: don't spin indefinitely when setting LINK
Date: Mon, 4 Nov 2013 15:11:51 +0000 [thread overview]
Message-ID: <5277B937.5060803@citrix.com> (raw)
In-Reply-To: <1383577632.8826.86.camel@kazak.uk.xensource.com>
On 04/11/13 15:07, Ian Campbell wrote:
> On Mon, 2013-11-04 at 14:52 +0000, David Vrabel wrote:
>> On 04/11/13 14:39, Jan Beulich wrote:
>>>>>> On 31.10.13 at 16:03, David Vrabel <david.vrabel@citrix.com> wrote:
>>>> From: David Vrabel <david.vrabel@citrix.com>
>>>>
>>>> A malicious or buggy guest can cause another domain to spin
>>>> indefinitely by repeatedly writing to an event word when the other
>>>> domain is trying to link a new event. The cmpxchg() in
>>>> evtchn_fifo_set_link() will repeatedly fail and the loop may never
>>>> terminate.
>>>
>>> So here you talk of two guests (with me not immediately seeing
>>> where that interaction comes from - is it that for an interdomain
>>> event the receiver could harm the sender?), ...
>>
>> Yes. Guest A notifies guest M which requires linking a new event into
>> one of guest B's event queue. While guest A is writing the guest M's
>> event array (to set the LINK field), guest M may repeatedly write to the
>> same event word, causing the cmpxchg() to repeatedly fail.
>
> M == B here?
Yes. I originally had B then changed it to M for Malicious to be clearer...
David
next prev parent reply other threads:[~2013-11-04 15:11 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-10-31 15:03 [PATCHv2 0/3] Xen: FIFO-based event channel ABI fixes David Vrabel
2013-10-31 15:03 ` [PATCH 1/3] MAINTAINERS: Add FIFO-based event channel ABI maintainer David Vrabel
2013-11-04 14:29 ` Jan Beulich
2013-11-05 21:06 ` Keir Fraser
2013-11-06 11:49 ` David Vrabel
2013-11-06 12:40 ` Jan Beulich
2013-10-31 15:03 ` [PATCH 2/3] evtchn: don't lose pending state if FIFO event array page is missing David Vrabel
2013-11-04 14:29 ` Jan Beulich
2013-11-05 21:07 ` Keir Fraser
2013-10-31 15:03 ` [PATCH 3/3] evtchn/fifo: don't spin indefinitely when setting LINK David Vrabel
2013-10-31 18:13 ` Boris Ostrovsky
2013-11-04 14:39 ` Jan Beulich
2013-11-04 14:52 ` David Vrabel
2013-11-04 14:57 ` Jan Beulich
2013-11-04 16:30 ` David Vrabel
2013-11-05 14:18 ` Jan Beulich
2013-11-04 15:07 ` Ian Campbell
2013-11-04 15:11 ` David Vrabel [this message]
2013-11-05 14:19 ` Jan Beulich
2013-11-05 14:25 ` Jan Beulich
2013-11-06 13:38 ` David Vrabel
2013-11-06 15:01 ` Boris Ostrovsky
2013-11-06 15:07 ` David Vrabel
2013-11-10 21:21 ` Matt Wilson
2013-10-31 15:13 ` [PATCHv2 0/3] Xen: FIFO-based event channel ABI fixes David Vrabel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5277B937.5060803@citrix.com \
--to=david.vrabel@citrix.com \
--cc=Ian.Campbell@citrix.com \
--cc=JBeulich@suse.com \
--cc=keir@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.