From mboxrd@z Thu Jan  1 00:00:00 1970
From: Razvan Cojocaru <rcojocaru@bitdefender.com>
Subject: Re: [PATCH 0/2] Xen/mem_event: Do not rely on the
 toolstack being bug-free
Date: Thu, 17 Jul 2014 23:26:36 +0300
Message-ID: <53C8317C.6020807@bitdefender.com>
References: <1405602637-8321-1-git-send-email-andrew.cooper3@citrix.com>	<CAGU+auuzOr5HSErrxmyhtxtP74gn=0L5TAZGR8FWBF6MeGFxUA@mail.gmail.com>
	<97A500D504438F4ABC02EBA81613CC6331885B2C@xmb-aln-x02.cisco.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <97A500D504438F4ABC02EBA81613CC6331885B2C@xmb-aln-x02.cisco.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: "Aravindh Puthiyaparambil (aravindp)" <aravindp@cisco.com>, Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Xen-devel <xen-devel@lists.xen.org>
List-Id: xen-devel@lists.xenproject.org

On 07/17/2014 10:01 PM, Aravindh Puthiyaparambil (aravindp) wrote:
>> Xen performs insufficient validation of the contents of mem_event responses
>>from the toolstack.  As a result, a buggy toolstack could cause Xen to walk off
>> the end of a domain's vcpu list, and get out of sync with vcpu pause reference
>> counts.
>>
>> These two fixes are compile tested only, as I have no way to plausibly test the
>> mem-event functionality itself.
> 
> One easy way of testing is to use the tools/tests/xen-access test program which exercises mem_access and thereby mem_event. It is fairly easy to run. Bring up a domain and execute " xen-access <domain_id> write|exec". But I understand if you are under time constraints and cannot do it. If you Cc me on these patches, I will gladly test them for you.

Indeed, our application is very xen-access-like (except quite a bit more
involved), and I've tested the original patches with 5 different domains
3 times over - but it's a well-behaved citizen of the Xen ecosystem and
there were no gimmicks involved. No mem_events piled up, and there was
always just one mem_event handler per domain.

Everything went without a hitch, but I did not try to pause the domain
while it was running or try to trick the hypervisor in any way.


Thanks,
Razvan Cojocaru