[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen: detect uninitialized xenbus in xenbus_init

  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 18 Nov 2021 09:40:42 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=llQ4wRsyJ0uGbRlru51nj9tulLG7/T2vCEv5MdCMxTM=; b=f22gJbkX4/TAC2N1aDrIPIcj+2jhtGt2zW4tjXBH6a3xqIL2zaIUO9x8jd2R9oDwCmyVxM8d3cewjcfHwGDlqnN2oR74tjHsq/K8OrdDGGsNy1aqnwIr5dNrsrScNFKnywn8Lx5NEMvyjMVXlxPeS4bDuwXyBw4yCHM2aV7iTe5cgi6eU5Ppf6xIq29R39Q4Q4cxg3urNDVin49PQ8a0mKbDrSevm8HmUp+03xpW9SiQCv8eKWGkL2TKSzONSQhfFkPnfV1tptnnz9uCqYzTZYWuo+ab3yJ2JGZLHNpY9BJWgReEw8pbGaDgSNhgmQLl6dl5HSOYZshK+2hIGNm7fQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=DecLPgdqOw04eIHzxby8foNruQm7zL5CVvalwhQOFCwgBLJKdOAVwU1/K4V+LvedHLBLAA/kNvTgwKcg0GHYbtFb9adTgOuPjGvRu3WobkJTwK2kyRgjNfP4qCLanFQNPlswNfufNJ8u7n6icxv63dyOvJ5Ldn/yDR+OcnWA184/sxllevVF40plkLZAAFcz0tnorwdbYDA6huFlcGxFCBKY3y+jAygiJOMnDwuADOLrzFTcOkzR7zDfVV4SrOfieMNnnFLEo3D3bbw0/DDAHPhIggfH7U3stvC8/C/zHs1BgrYiHw1jebgiprravVHhyGqzQDaRK3PXtxxw5gU4Pw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: boris.ostrovsky@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>, stable@xxxxxxxxxxxxxxx, jgross@xxxxxxxx
  • Delivery-date: Thu, 18 Nov 2021 08:41:04 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 18.11.2021 03:37, Stefano Stabellini wrote:
> On Wed, 17 Nov 2021, Jan Beulich wrote:
>> On 17.11.2021 03:11, Stefano Stabellini wrote:
>>> --- a/drivers/xen/xenbus/xenbus_probe.c
>>> +++ b/drivers/xen/xenbus/xenbus_probe.c
>>> @@ -951,6 +951,18 @@ static int __init xenbus_init(void)
>>>             err = hvm_get_parameter(HVM_PARAM_STORE_PFN, &v);
>>>             if (err)
>>>                     goto out_error;
>>> +           /*
>>> +            * Uninitialized hvm_params are zero and return no error.
>>> +            * Although it is theoretically possible to have
>>> +            * HVM_PARAM_STORE_PFN set to zero on purpose, in reality it is
>>> +            * not zero when valid. If zero, it means that Xenstore hasn't
>>> +            * been properly initialized. Instead of attempting to map a
>>> +            * wrong guest physical address return error.
>>> +            */
>>> +           if (v == 0) {
>>> +                   err = -ENOENT;
>>> +                   goto out_error;
>>> +           }
>>
>> If such a check gets added, then I think known-invalid frame numbers
>> should be covered at even higher a priority than zero.
> 
> Uhm, that's a good point. We could check for 0 and also ULONG_MAX

Why ULONG_MAX? The upper bound is determined by the number of physical
address bits (in a guest: the virtual counterpart thereof). In a 32-bit
environment ULONG_MAX could in principle even represent a valid frame
number.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.