From mboxrd@z Thu Jan 1 00:00:00 1970 From: Huaitong Han Subject: [PATCH V2] x86/xsaves: get_xsave_addr, check xsave header and support uncompressed format Date: Fri, 18 Dec 2015 23:03:03 +0800 Message-ID: <1450450983-6095-1-git-send-email-huaitong.han@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: jbeulich@suse.com, andrew.cooper3@citrix.com, keir@xen.org Cc: Huaitong Han , shuai.ruan@linux.intel.com, xen-devel@lists.xen.org List-Id: xen-devel@lists.xenproject.org The check needs to be against the xsave header in the area, rather than Xen's maximum xfeature_mask. A guest might easily have a smaller xcr0 than the maximum Xen is willing to allow, causing the pointer below to be bogus. The get_xsave_addr() is modified to support uncompressed xstate areas. Signed-off-by: Huaitong Han --- xen/arch/x86/xstate.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/xen/arch/x86/xstate.c b/xen/arch/x86/xstate.c index b65da38..4e87ab3 100644 --- a/xen/arch/x86/xstate.c +++ b/xen/arch/x86/xstate.c @@ -146,12 +146,15 @@ static void __init setup_xstate_comp(void) } } -static void *get_xsave_addr(void *xsave, unsigned int xfeature_idx) +static void *get_xsave_addr(struct xsave_struct *xsave, + unsigned int xfeature_idx) { - if ( !((1ul << xfeature_idx) & xfeature_mask) ) + if ( !((1ul << xfeature_idx) & xsave->xsave_hdr.xstate_bv) ) return NULL; - return xsave + xstate_comp_offsets[xfeature_idx]; + return (void *)xsave + (xsave_area_compressed(xsave) + ? xstate_comp_offsets + : xstate_offsets)[xfeature_idx]; } void expand_xsave_states(struct vcpu *v, void *dest, unsigned int size) -- 2.4.3
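Review bot: in get_xsave_addr() the new test replaces the `xfeature_mask` check rather than adding to it, so `xfeature_idx` is now gated only by `xsave->xsave_hdr.xstate_bv`, a value read from the area being parsed. If that header can ever carry a bit outside what Xen supports, the lookup in `xstate_comp_offsets` / `xstate_offsets` may use an entry that was not set up for that feature. Suggest keeping both conditions, for example `(1ul << xfeature_idx) & xsave->xsave_hdr.xstate_bv & xfeature_mask`, or stating in the commit message why xstate_bv is guaranteed to be a subset of xfeature_mask at every call site. Two smaller points: the compressed branch indexes `xstate_comp_offsets`, which the context shows is filled once by the `__init` function setup_xstate_comp(), so a comment saying which feature bitmap that table was computed for (and that areas passed here share it) would make the branch checkable; and the description should name the caller that passes an uncompressed area, since the diff changes only this helper and its parameter type.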