From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: Re: [PATCH 5/5] x86/PV: don't commit debug register
 values early in arch_set_info_guest()
Date: Tue, 10 Dec 2013 17:23:45 +0000
Message-ID: <52A74E21.6050003@citrix.com>
References: <52A744B7020000780010BEF1@nat28.tlf.novell.com>
	<52A745FA020000780010BF2E@nat28.tlf.novell.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7860477313179440685=="
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta5.messagelabs.com ([195.245.231.135])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <Andrew.Cooper3@citrix.com>) id 1VqR2D-0003Ii-By
	for xen-devel@lists.xenproject.org; Tue, 10 Dec 2013 17:23:49 +0000
In-Reply-To: <52A745FA020000780010BF2E@nat28.tlf.novell.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Jan Beulich <JBeulich@suse.com>
Cc: George Dunlap <George.Dunlap@eu.citrix.com>, xen-devel <xen-devel@lists.xenproject.org>, Keir Fraser <keir@xen.org>
List-Id: xen-devel@lists.xenproject.org

--===============7860477313179440685==
Content-Type: multipart/alternative;
	boundary="------------000709030605060803090307"

--------------000709030605060803090307
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit

On 10/12/13 15:48, Jan Beulich wrote:
> They're being taken care of later (via set_debugreg()), and temporarily
> copying them into struct vcpu means that bad values may end up getting
> loaded during context switch if the vCPU is already running and the
> function errors out between the premature and real commit step, leading
> to the same issue that XSA-12 dealt with.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> Acked-by: Ian Campbell <ian.campbell@citrix.com>

Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

>
> --- a/xen/arch/x86/domain.c
> +++ b/xen/arch/x86/domain.c
> @@ -740,11 +740,12 @@ int arch_set_info_guest(
>              XLAT_trap_info(v->arch.pv_vcpu.trap_ctxt + i,
>                             c.cmp->trap_ctxt + i);
>      }
> -    for ( i = 0; i < ARRAY_SIZE(v->arch.debugreg); ++i )
> -        v->arch.debugreg[i] = c(debugreg[i]);
>  
>      if ( has_hvm_container_vcpu(v) )
>      {
> +        for ( i = 0; i < ARRAY_SIZE(v->arch.debugreg); ++i )
> +            v->arch.debugreg[i] = c(debugreg[i]);
> +
>          /*
>           * NB: TF_kernel_mode is set unconditionally for HVM guests,
>           * so we always use the gs_base_kernel here. If we change this
>
>
>
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel


--------------000709030605060803090307
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">On 10/12/13 15:48, Jan Beulich wrote:<br>
    </div>
    <blockquote cite="mid:52A745FA020000780010BF2E@nat28.tlf.novell.com"
      type="cite">
      <pre wrap="">They're being taken care of later (via set_debugreg()), and temporarily
copying them into struct vcpu means that bad values may end up getting
loaded during context switch if the vCPU is already running and the
function errors out between the premature and real commit step, leading
to the same issue that XSA-12 dealt with.

Signed-off-by: Jan Beulich <a class="moz-txt-link-rfc2396E" href="mailto:jbeulich@suse.com">&lt;jbeulich@suse.com&gt;</a>
Acked-by: Ian Campbell <a class="moz-txt-link-rfc2396E" href="mailto:ian.campbell@citrix.com">&lt;ian.campbell@citrix.com&gt;</a></pre>
    </blockquote>
    <br>
    Reviewed-by: Andrew Cooper <a class="moz-txt-link-rfc2396E" href="mailto:andrew.cooper3@citrix.com">&lt;andrew.cooper3@citrix.com&gt;</a><br>
    <br>
    <blockquote cite="mid:52A745FA020000780010BF2E@nat28.tlf.novell.com"
      type="cite">
      <pre wrap="">

--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -740,11 +740,12 @@ int arch_set_info_guest(
             XLAT_trap_info(v-&gt;arch.pv_vcpu.trap_ctxt + i,
                            c.cmp-&gt;trap_ctxt + i);
     }
-    for ( i = 0; i &lt; ARRAY_SIZE(v-&gt;arch.debugreg); ++i )
-        v-&gt;arch.debugreg[i] = c(debugreg[i]);
 
     if ( has_hvm_container_vcpu(v) )
     {
+        for ( i = 0; i &lt; ARRAY_SIZE(v-&gt;arch.debugreg); ++i )
+            v-&gt;arch.debugreg[i] = c(debugreg[i]);
+
         /*
          * NB: TF_kernel_mode is set unconditionally for HVM guests,
          * so we always use the gs_base_kernel here. If we change this



</pre>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Xen-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Xen-devel@lists.xen.org">Xen-devel@lists.xen.org</a>
<a class="moz-txt-link-freetext" href="http://lists.xen.org/xen-devel">http://lists.xen.org/xen-devel</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>

--------------000709030605060803090307--


--===============7860477313179440685==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

--===============7860477313179440685==--