From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joanna Rutkowska Subject: Re: Xen 4.0.0x allows for data corruption in Dom0 Date: Tue, 09 Mar 2010 00:30:30 +0100 Message-ID: <4B958896.4090004@invisiblethingslab.com> References: <20100307143631.GO2580@reaktio.net> <20100307161256.GQ2580@reaktio.net> <1268090552.27980.288.camel@agari.van.xensource.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2062023283==" Return-path: In-Reply-To: <1268090552.27980.288.camel@agari.van.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Daniel Stodden Cc: "xen-devel@lists.xensource.com" , Keir Fraser List-Id: xen-devel@lists.xenproject.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============2062023283== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig7B501D69DDC1D68B1D427599" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig7B501D69DDC1D68B1D427599 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 03/09/2010 12:22 AM, Daniel Stodden wrote: > On Sun, 2010-03-07 at 11:12 -0500, Pasi K=E4rkk=E4inen wrote: >> On Sun, Mar 07, 2010 at 02:39:09PM +0000, Keir Fraser wrote: >>> On 07/03/2010 14:36, "Pasi K=E4rkk=E4inen" wrote: >>> >>>>> Tried a few times and no luck reproducing so far. I hope some other= people >>>>> on the list also will give it a go, since it's so easy to try it ou= t. >>>>> >>>> >>>> I'm able to reproduce this with xen/master 2.6.31.6 dom0 kernel (fro= m >>>> 2010-02-20), >>>> but I'm not able to reproduce it with the current xen/stable 2.6.32.= 9. >>>> >>>> I'll try with the most recent 2.6.31.6 dom0 kernel aswell.. >>> >>> Thanks Pasi! >>> >> >> It seems to happen with the latest xen/master 2.6.31.6 aswell! >=20 > Does this look to you like we're corrupting memory or on-disk storage? >=20 > E.g. does a > $ dd if=3D/dev/zero bs=3D1M | hexdump -C=20 > have the same issue? >=20 I think there might be a chance that the above executes correctly, even if we have memory corruption -- this might be e.g. because the actual "dest" buffer here would be much smaller than the fs cache buffer used when we copy onto disk. And so our small dest buffer might just not be so likely to be hit with this presumably random corruption. Perhaps dd'ing onto /dev/shm would be a better way to check this? joanna. --------------enig7B501D69DDC1D68B1D427599 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkuViJcACgkQORdkotfEW86cuACguUqOEpFjvrmZHHMJ82HxlT7B jngAn1cKTbZHHFi/AxckYcQlVOdQVX3a =TnxM -----END PGP SIGNATURE----- --------------enig7B501D69DDC1D68B1D427599-- --===============2062023283== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --===============2062023283==--