From: Stefan Bader <stefan.bader@canonical.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: Fwd: Xen-4.1.6.1 backport for XSA156
Date: Fri, 20 Nov 2015 17:15:07 +0100
Message-ID: <564F470B.2030908@canonical.com>
In-Reply-To: <564F45DE.1010504@canonical.com>



On 20.11.2015 17:10, Stefan Bader wrote:
> On 20.11.2015 16:59, Jan Beulich wrote:
>>>>> On 20.11.15 at 16:03, <stefan.bader@canonical.com> wrote:
>>> I am currently trying to backport the changes of XSA156 back to Xen-4.1.x and I
>>> am struggling with the VMX side. I did see the backports made for 4.2 and 3.4 on
>>> the security mailing list but I am not sure the 3.4 backport is not having the
>>> same issues (or similar ones).
>>>
>>> Trying to write down my understanding of the changes: For the 3.4 backport there
>>> are only changes to the toggles for debugging and the general trap mask. So if I
>>> understand this right, before the change, TRAP_debug and TRAP_int3 were only
>>> handled in vmexit when a debugger was attached to the domain. Now, only
>>> TRAP_int3 will be toggled and TRAP_debug is always handled.
>>
>> I've never looked at that 3.4 backport, but not changing the VMEXIT
>> handling certainly sounds wrong. I'll attach what I have done for 4.1.
>> Please report back any problems you encounter.
> 
> If I am not missing any detail your 4.1 patch looks exactly the same as the
> version I ended up with (basically dropping some trace).
> Have you tested the resulting HV on an Intel/VMX box and tried to use ptrace
> inside the HVM guest?
> 
> This is where my problems come from. Or potentially your vmx_inject_hw_exception
> has been modified since stable-4.1.6.1?

So this is a quick hack I just tried and that keeps the HVM alive:

@@ -1294,7 +1288,6 @@ void vmx_inject_hw_exception(int trap, i
     switch ( trap )
     {
     case TRAP_debug:
-        type = X86_EVENTTYPE_SW_EXCEPTION;
         if ( guest_cpu_user_regs()->eflags & X86_EFLAGS_TF )
         {
             __restore_debug_registers(curr);
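Review bot: Removing "type = X86_EVENTTYPE_SW_EXCEPTION;" at the top of case TRAP_debug is unconditional, so every TRAP_debug passed to vmx_inject_hw_exception() is now injected with whatever value type held before the switch, not only the X86_EFLAGS_TF single-step path that the remaining context lines handle. If a TRAP_debug raised by an opcode still needs the software-exception type, select the type per cause instead of dropping the assignment outright, and add a comment naming the event type TRAP_debug is expected to carry after this change and why.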
@@ -1302,6 +1295,13 @@ void vmx_inject_hw_exception(int trap, i
         }
         if ( cpu_has_monitor_trap_flag )
             break;
+        if ( curr->domain->debugger_attached )
+        {
+            /* Debug/Int3: Trap to debugger. */
+            domain_pause_for_debugger();
+            return;
+        }
+        break;
     case TRAP_int3:
         if ( curr->domain->debugger_attached )
         {
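Review bot: The block added after "if ( cpu_has_monitor_trap_flag ) break;" duplicates the debugger_attached test that opens case TRAP_int3 directly below it, down to the copied comment "Debug/Int3: Trap to debugger.", and the new "break;" ends the previous fall-through from TRAP_debug into TRAP_int3 without saying so. Since the block sits behind the monitor-trap-flag break, it is still only reached on CPUs without that feature; if pausing for an attached debugger should not depend on it, move the check ahead of that break. Either way, replace the copied comment with one that explains why TRAP_debug must no longer share the rest of the TRAP_int3 path.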

Though this looks like an ugly hack and probably is wrong in the other case of
TRAP_debug caused by an opcode...

-Stefan

> 
> -Stefan
>>
>> Jan
>>
> 
> 
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
> 


