public inbox for kvm@vger.kernel.org
* [PATCH][STABLE] KVM: x86: Fix TSS size check for 16-bit tasks
@ 2010-04-14 14:57 Jan Kiszka
  2010-04-21  9:16 ` Avi Kivity
  0 siblings, 1 reply; 4+ messages in thread
From: Jan Kiszka @ 2010-04-14 14:57 UTC (permalink / raw)
  To: Avi Kivity, Marcelo Tosatti; +Cc: kvm

A 16-bit TSS is only 44 bytes long. So make sure to test for the correct
size on task switch.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---

This is a backport of 8f2d524 from master. It applies at least down to
2.6.32 and should be considered for the stable queues.

 arch/x86/kvm/x86.c |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index e46282a..35eabd8 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -5145,6 +5145,7 @@ int kvm_task_switch(struct kvm_vcpu *vcpu, u16 tss_selector, int reason)
 	int ret = 0;
 	u32 old_tss_base = get_segment_base(vcpu, VCPU_SREG_TR);
 	u16 old_tss_sel = get_segment_selector(vcpu, VCPU_SREG_TR);
+	u32 desc_limit;
 
 	old_tss_base = kvm_mmu_gva_to_gpa_write(vcpu, old_tss_base, NULL);
 
@@ -5167,7 +5168,10 @@ int kvm_task_switch(struct kvm_vcpu *vcpu, u16 tss_selector, int reason)
 		}
 	}
 
-	if (!nseg_desc.p || get_desc_limit(&nseg_desc) < 0x67) {
+	desc_limit = get_desc_limit(&nseg_desc);
+	if (!nseg_desc.p ||
+	    ((desc_limit < 0x67 && (nseg_desc.type & 8)) ||
+	     desc_limit < 0x2b)) {
 		kvm_queue_exception_e(vcpu, TS_VECTOR, tss_selector & 0xfffc);
 		return 1;
 	}
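Review bot: the value compared here is the raw 20-bit descriptor limit returned by get_desc_limit(), which does not apply the granularity (G) bit, so a TSS descriptor with G=1 and a raw limit of 0 (an effective limit of 0xfff bytes) is still rejected with #TS although it is large enough; this was already true of the old `< 0x67` test, but since the condition is being reworked it would be worth scaling first, e.g. `desc_limit = get_desc_limit(&nseg_desc); if (nseg_desc.g) desc_limit = (desc_limit << 12) | 0xfff;`. The thresholds themselves are right: bit 3 of the type distinguishes 32-bit TSS types (9/11, 104 bytes, limit >= 0x67) from 16-bit ones (1/3, 44 bytes, limit >= 0x2b), and the compound condition is equivalent to the more direct `desc_limit < ((nseg_desc.type & 8) ? 0x67 : 0x2b)`, which would read more easily.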


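The size check the patch introduces, worked through on a set of constructed TSS descriptors (added example code written for this page, not part of KVM or of the patch). The descriptor struct, the helpers `desc_limit_raw`, `desc_limit_scaled`, `make_tss`, `rejected_raw` and `rejected_scaled`, and the field names are stand-ins modelled on the kernel's desc_struct and get_desc_limit(); `tss_rejected` reproduces the patch's condition, and the G=1 case shows what the raw limit misses.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the kernel's 8-byte segment descriptor
 * (struct desc_struct); only the fields the TSS check reads matter. */
struct tss_desc {
    uint16_t limit0;
    uint16_t base0;
    unsigned base1 : 8, type : 4, s : 1, dpl : 2, p : 1;
    unsigned limit1 : 4, avl : 1, l : 1, d : 1, g : 1, base2 : 8;
};

/* 32-bit TSS: 104 bytes, so the limit must be at least 0x67.
 * 16-bit TSS:  44 bytes, so the limit must be at least 0x2b.
 * Bit 3 of the descriptor type tells them apart (types 9/11 vs 1/3). */
#define TSS_32BIT_MIN_LIMIT 0x67
#define TSS_16BIT_MIN_LIMIT 0x2b

/* Raw 20-bit limit, as get_desc_limit() returns it (no G-bit scaling). */
static uint32_t desc_limit_raw(const struct tss_desc *d)
{
    return d->limit0 | ((uint32_t)d->limit1 << 16);
}

/* Effective byte limit: with G=1 the raw value counts 4 KiB pages. */
static uint32_t desc_limit_scaled(const struct tss_desc *d)
{
    uint32_t limit = desc_limit_raw(d);
    return d->g ? (limit << 12) | 0xfff : limit;
}

/* The patch's condition, same structure: true means "raise #TS". */
static bool tss_rejected(const struct tss_desc *d, uint32_t limit)
{
    return !d->p ||
           ((limit < TSS_32BIT_MIN_LIMIT && (d->type & 8)) ||
            limit < TSS_16BIT_MIN_LIMIT);
}

/* Build a descriptor from the fields the check looks at (constructed). */
static struct tss_desc make_tss(unsigned type, uint32_t limit, bool g, bool present)
{
    struct tss_desc d = {0};
    d.type = type & 0xf;
    d.s = 0;                       /* system descriptor */
    d.p = present;
    d.g = g;
    d.limit0 = limit & 0xffff;
    d.limit1 = (limit >> 16) & 0xf;
    return d;
}

/* Check exactly as the patch does: against the raw limit. */
static bool rejected_raw(unsigned type, uint32_t limit, bool g, bool present)
{
    struct tss_desc d = make_tss(type, limit, g, present);
    return tss_rejected(&d, desc_limit_raw(&d));
}

/* Same check against the G-bit-scaled limit. */
static bool rejected_scaled(unsigned type, uint32_t limit, bool g, bool present)
{
    struct tss_desc d = make_tss(type, limit, g, present);
    return tss_rejected(&d, desc_limit_scaled(&d));
}

int main(void)
{
    struct { const char *what; unsigned type; uint32_t limit; bool g; } cases[] = {
        { "32-bit TSS, limit 0x67",       9, 0x67, false },
        { "32-bit TSS, limit 0x66",       9, 0x66, false },
        { "16-bit TSS, limit 0x2b",       1, 0x2b, false },
        { "16-bit TSS, limit 0x2a",       1, 0x2a, false },
        { "32-bit TSS, 16-bit-sized",     9, 0x2b, false },
        { "32-bit TSS, G=1, raw limit 0", 9, 0x00, true  },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-28s raw: %-4s scaled: %s\n", cases[i].what,
               rejected_raw(cases[i].type, cases[i].limit, cases[i].g, true) ? "#TS" : "ok",
               rejected_scaled(cases[i].type, cases[i].limit, cases[i].g, true) ? "#TS" : "ok");
    return 0;
}
```

The first five rows show the patch doing what the commit message says: a 16-bit TSS passes at 0x2b, a 32-bit one still needs 0x67. The last row is the caveat: with the granularity bit set, the raw limit the patch compares is 0 and the task switch is refused, while the scaled limit (0xfff) is accepted.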

* Re: [PATCH][STABLE] KVM: x86: Fix TSS size check for 16-bit tasks
  2010-04-14 14:57 [PATCH][STABLE] KVM: x86: Fix TSS size check for 16-bit tasks Jan Kiszka
@ 2010-04-21  9:16 ` Avi Kivity
  2010-04-21 10:25   ` Jan Kiszka
  0 siblings, 1 reply; 4+ messages in thread
From: Avi Kivity @ 2010-04-21  9:16 UTC (permalink / raw)
  To: Jan Kiszka; +Cc: Marcelo Tosatti, kvm

On 04/14/2010 05:57 PM, Jan Kiszka wrote:
> A 16-bit TSS is only 44 bytes long. So make sure to test for the correct
> size on task switch.
>
> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
> ---
>
> This is a backport of 8f2d524 from master. It applies at least down to
> 2.6.32 and should be considered for the stable queues.
>
>    

This (and the exception thing) does not qualify under the usual stable 
rules (regression or host security: in, otherwise out).  I prefer to 
delay bringing up a new guest for one release rather than risk a 
regression.  If you have a special requirement for it this can be relaxed.

-- 
error compiling committee.c: too many arguments to function



* Re: [PATCH][STABLE] KVM: x86: Fix TSS size check for 16-bit tasks
  2010-04-21  9:16 ` Avi Kivity
@ 2010-04-21 10:25   ` Jan Kiszka
  2010-04-21 10:47     ` Avi Kivity
  0 siblings, 1 reply; 4+ messages in thread
From: Jan Kiszka @ 2010-04-21 10:25 UTC (permalink / raw)
  To: Avi Kivity; +Cc: Marcelo Tosatti, kvm

Avi Kivity wrote:
> On 04/14/2010 05:57 PM, Jan Kiszka wrote:
>> A 16-bit TSS is only 44 bytes long. So make sure to test for the correct
>> size on task switch.
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>>
>> This is a backport of 8f2d524 from master. It applies at least down to
>> 2.6.32 and should be considered for the stable queues.
>>
>>    
> 
> This (and the exception thing) does not qualify under the usual stable 
> rules (regression or host security: in, otherwise out).  I prefer to 
> delay bringing up a new guest for one release rather than risk a 
> regression.  If you have a special requirement for it this can be relaxed.
> 

In the end, we have to convince the customer's distro provider to
include this. It would have been easier with an upstream merge, but it
also is not impossible without it.

But I'm not 100% convinced that the criteria you mentioned match all the
merged stable patches. There have been feature fixes before - though
they had more impact on common guests. I can understand your concerns
regarding the exception fix (which diverges from master after recent
refactorings), but I can't see what makes this obvious fix problematic.

Jan

-- 
Siemens AG, Corporate Technology, CT T DE IT 1
Corporate Competence Center Embedded Linux


* Re: [PATCH][STABLE] KVM: x86: Fix TSS size check for 16-bit tasks
  2010-04-21 10:25   ` Jan Kiszka
@ 2010-04-21 10:47     ` Avi Kivity
  0 siblings, 0 replies; 4+ messages in thread
From: Avi Kivity @ 2010-04-21 10:47 UTC (permalink / raw)
  To: Jan Kiszka; +Cc: Marcelo Tosatti, kvm

On 04/21/2010 01:25 PM, Jan Kiszka wrote:
>
>> This (and the exception thing) does not qualify under the usual stable
>> rules (regression or host security: in, otherwise out).  I prefer to
>> delay bringing up a new guest for one release rather than risk a
>> regression.  If you have a special requirement for it this can be relaxed.
>>
>>      
> In the end, we have to convince the customer's distro provider to
> include this. It would have been easier with an upstream merge, but it
> also is not impossible without it.
>
> But I'm not 100% convinced that the criteria you mentioned match all the
> merged stable patches. There have been feature fixes before - though
> they had more impact on common guests.

Right, we try to balance risk and pain.

> I can understand your concerns
> regarding the exception fix (which diverges from master after recent
> refactorings), but I can't see what makes this obvious fix problematic.
>    

The TSS fix is indeed trivial.  I'll queue it up.  Nevertheless, even 
trivial fixes have risks.

-- 
error compiling committee.c: too many arguments to function


