From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Cooper Subject: Re: [PATCH 3/3] xen/gdbsx: Security audit of {, un}pausevcpu and domstatus hypercalls Date: Thu, 24 Jul 2014 12:11:43 +0100 Message-ID: <53D0E9EF.4050800@citrix.com> References: <1406199410-15823-1-git-send-email-andrew.cooper3@citrix.com> <1406199410-15823-4-git-send-email-andrew.cooper3@citrix.com> <20140724110746.GC1821@deinos.phlegethon.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20140724110746.GC1821@deinos.phlegethon.org> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Tim Deegan Cc: Keir Fraser , Ian Campbell , Ian Jackson , Xen-devel , Jan Beulich List-Id: xen-devel@lists.xenproject.org On 24/07/14 12:07, Tim Deegan wrote: > At 11:56 +0100 on 24 Jul (1406199410), Andrew Cooper wrote: >> diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c >> index 243f42f..6b2479e 100644 >> --- a/xen/arch/x86/domctl.c >> +++ b/xen/arch/x86/domctl.c >> @@ -1030,11 +1030,10 @@ long arch_do_domctl( >> if ( !d->controller_pause_count ) >> break; >> ret = -EINVAL; >> - if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu >= MAX_VIRT_CPUS || >> + if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu > d->max_vcpus || > Not >= ? Indeed. I seem to have formatted an old patch. v2 on its way. ~Andrew > >> (v = d->vcpu[domctl->u.gdbsx_pauseunp_vcpu.vcpu]) == NULL ) >> break; >> - vcpu_pause(v); >> - ret = 0; >> + ret = vcpu_pause_by_systemcontroller(v); >> } >> break; >> >> @@ -1046,13 +1045,14 @@ long arch_do_domctl( >> if ( !d->controller_pause_count ) >> break; >> ret = -EINVAL; >> - if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu >= MAX_VIRT_CPUS || >> + if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu > d->max_vcpus || > Same thing here. > > Tim.
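Review bot: In the first hunk (@@ -1030), the new bound check `domctl->u.gdbsx_pauseunp_vcpu.vcpu > d->max_vcpus` is off by one. A caller-supplied index equal to `d->max_vcpus` passes the check and is then used in `d->vcpu[domctl->u.gdbsx_pauseunp_vcpu.vcpu]`, one slot past the last valid index. The removed line used `>=` against MAX_VIRT_CPUS, and the replacement should keep that operator: `vcpu >= d->max_vcpus`. Separately, `ret` now carries whatever `vcpu_pause_by_systemcontroller(v)` returns instead of a fixed 0, so the commit message should state which error values the hypercall can now return to the toolstack.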
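Review bot: In the second hunk (@@ -1046), the same off-by-one applies: `domctl->u.gdbsx_pauseunp_vcpu.vcpu > d->max_vcpus` lets an index equal to `d->max_vcpus` through to the `d->vcpu[]` lookup that follows the check. Use `>=` here as well, so that both paths touched by the patch reject the same range. The rest of this hunk is not visible in the quoted text, so this note covers only the comparison.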