[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity

To: Jan Beulich <JBeulich@xxxxxxxx>, Dario Faggioli <dario.faggioli@xxxxxxxxxx>
From: George Dunlap <george.dunlap@xxxxxxxxxxxxx>
Date: Tue, 3 Dec 2013 18:21:32 +0000
Cc: Marcus Granado <Marcus.Granado@xxxxxxxxxxxxx>, Justin Weaver <jtweaver@xxxxxxxxxx>, Ian Campbell <Ian.Campbell@xxxxxxxxxx>, Li Yechen <lccycc123@xxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Juergen Gross <juergen.gross@xxxxxxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Matt Wilson <msw@xxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Keir Fraser <keir@xxxxxxx>, Elena Ufimtseva <ufimtseva@xxxxxxxxx>
Delivery-date: Tue, 03 Dec 2013 18:21:43 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 12/03/2013 10:06 AM, Jan Beulich wrote:

On 03.12.13 at 11:02, "Jan Beulich" <JBeulich@xxxxxxxx> wrote:

On 02.12.13 at 19:29, Dario Faggioli <dario.faggioli@xxxxxxxxxx> wrote:

+                goto setvcpuaffinity_out;
+
+            /*
+             * We both set a new affinity and report back to the caller what
+             * the scheduler will be effectively using.
+             */
+            if ( vcpuaff->flags & XEN_VCPUAFFINITY_HARD )
+            {
+                ret = xenctl_bitmap_to_bitmap(cpumask_bits(new_affinity),
+                                              &vcpuaff->cpumap_hard,
+                                              vcpuaff->cpumap_hard.nr_bits);


There's no code above range checking vcpuaff->cpumap_hard.nr_bits,
yet xenctl_bitmap_to_bitmap() uses the passed in value to write into
the array pointed to by the first argument. Why is this not
xenctl_bitmap_to_cpumask() in the first place?


And just to make it explicit - with fundamental flaws like this, I'm
not certain anymore whether we really ought to rush this series
in for 4.4.

I'm certainly getting nervous about the prospect. However, the abovebug would only be triggered by bad input from domain 0, right? I supposeeven that would be a potential security issue in a highly disaggregatedenvironment.

Other bugs in this patch would be similar. This path is taken on domaincreation IIUC; so bugs in this particular patch would probably either beunexpected behavior of the affinities, or failure to handle unusualinput from a trusted source (domain 0).


 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity
  - From: Dario Faggioli

References:
- [Xen-devel] [PATCH v5 00/17] Implement vcpu soft affinity for credit1
  - From: Dario Faggioli
- [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity
  - From: Dario Faggioli
- Re: [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH v4 03/15] libxl: introduce libxl_get_nr_cpus()
Next by Date: Re: [Xen-devel] [PATCH v4 03/15] libxl: introduce libxl_get_nr_cpus()
Previous by thread: Re: [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity
Next by thread: Re: [Xen-devel] [PATCH v5 12/17] xen/libxc: sched: DOMCTL_*vcpuaffinity works with hard and soft affinity
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.