Re: [Xen-devel] [PATCH 2/6] x86/domctl: Fix TOCTOU race with the use of XEN_DOMCTL_getvcpuextstate



>>> On 12.09.16 at 11:51, <andrew.cooper3@xxxxxxxxxx> wrote:
> A toolstack must call XEN_DOMCTL_getvcpuextstate twice; first to find the size
> of the buffer to use, and a second time to get the actual content.
> 
> The reported size was based on v->arch.xcr0_accum, but a guest which extends
> its xcr0_accum between the two hypercalls will cause the toolstack to fail the
> evc->size != size check, as the provided buffer is now too small.  This causes
> a hard error during the final phase of migration.
> 
> Instead, return a size based on xfeature_mask, which is the maximum
> size Xen will ever permit.  The hypercall must now tolerate a
> toolstack-provided buffer which is overly large (for the case where a guest
> isn't using all available xsave states), and should write back how much data
> was actually written into the buffer.
> 
> As the query for size now has no dependence on vcpu state, the vcpu_pause()
> can be omitted for a small performance improvement.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
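The following is an added illustration of the race in the commit message, not Xen code: a constructed model in which the old hypercall derives the reported size from the vcpu's xcr0_accum and insists on an exact match, while the fixed version reports the xfeature_mask-derived maximum, tolerates a larger buffer and writes back the amount actually produced. The mask values, the 64-bytes-per-component sizing and the helper names are all assumptions for the sake of the model.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed model (not Xen's code). XFEATURE_MASK stands for the fixed
 * host-wide maximum; xcr0_accum grows as the guest enables xsave components. */
#define XFEATURE_MASK 0x1fULL              /* hypothetical host mask */

struct vcpu_model { uint64_t xcr0_accum; };

/* Toy sizing: 64 bytes per enabled component bit. */
static size_t xstate_size(uint64_t mask)
{
    size_t n = 0;
    for (; mask; mask &= mask - 1) n++;
    return 64 * n;
}

/* Old behaviour: size taken from the vcpu's current xcr0_accum and an
 * exact-size check on the second call (the evc->size != size check). */
static int getvcpuextstate_old(struct vcpu_model *v, size_t *evc_size, bool query)
{
    size_t size = xstate_size(v->xcr0_accum);
    if (query) { *evc_size = size; return 0; }
    return (*evc_size != size) ? -EINVAL : 0;
}

/* Fixed behaviour: size query answers with the xfeature_mask maximum; the
 * data call accepts any buffer at least as large as the live state and
 * writes back how much was actually produced. */
static int getvcpuextstate_new(struct vcpu_model *v, size_t *evc_size, bool query)
{
    if (query) { *evc_size = xstate_size(XFEATURE_MASK); return 0; }
    size_t size = xstate_size(v->xcr0_accum);
    if (*evc_size < size) return -EINVAL;
    *evc_size = size;                      /* report bytes actually written */
    return 0;
}

/* Toolstack sequence: size query, then data fetch, with the guest extending
 * its xcr0_accum in between (the window the patch closes). */
static int run_toolstack(int (*op)(struct vcpu_model *, size_t *, bool), size_t *written)
{
    struct vcpu_model v = { .xcr0_accum = 0x3 };   /* x87 + SSE */
    size_t size = 0;
    op(&v, &size, true);
    v.xcr0_accum |= 0x4;                           /* guest enables a third component */
    int rc = op(&v, &size, false);
    *written = size;
    return rc;
}
```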


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
