Xen project Mailing List

Re: [PATCH v3] x86: Fix XEN_DOMCTL_gdbsx_guestmemio crash

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Mon, 25 Apr 2022 15:36:35 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pJjRhj0zC21ekkO4MkALsPFI8gwH5FzS2z+xka8dvOo=; b=iBFhZqVxh/H58Oc4BjJkXWZWodY+xJmbDbx/TpqzFcJOyFPLjOnBTQ8wc4zZRbGOL3SRRIW8DPNoKj9CJpVRggFESOPb36xBQ/7nbyE8dTOM8Zse453TuWSLKm3YsXu+Y6cZzGDPlZTf2+kYWYHUynswirYUWdILLgDdwByO7lipiV4cgr/wOrYB7QkeEC5AVvPm7rl/3BJHZ7TbfpxseuXSWc9yfe0mhxo81OZFl3g8+irb5Qj1esoh6y7HKs1V7nOKvPCyiZb8gU81ZTHWT0E+BE+X0G1E9Aj2+npS244NPFfzXUVqnX/zYkcdt7KGLLFGlIQ0s+dGcm84vvJcHA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iypJsdzCf/Pc4GpKjAp4tXANFj6VXrTn7sl42q1pmNOmL+bQgLoIKrGXBcLL4zXy1ZXsRCkbr3EgYdQGv/zNCfJiWwF8PijX9nXM6q1u4M3v11eAi/zI/tcXuivMEM71k/YfXbtbmIId/r1J1SVHTKzy0rNY9MUwUtAEYC++p5T53nRaJBVtnZDFQnb1wHPux+0XTsuyOOq9MIzl9ijJ4Dtaa7pccOi/9/jDGBDCv+KsCGKw7QLVIImH+CQEII1e7dD71CY9kfwNxNVxTPHAUoZy+/WyaeITlBvorbgT14XXP6oQ4Ls4T/xIdtUxIw5Gf33sss2+PPlUsn4bNNrgqQ==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Mon, 25 Apr 2022 13:36:51 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 25.04.2022 14:37, Andrew Cooper wrote: > When CONFIG_GDBSX is compiled out, iommu_do_domctl() falls over a NULL > pointer. One of several bugs here is known-but-compiled-out subops falling > into the default chain and hitting unrelated logic. > > Remove the CONFIG_GDBSX ifdefary in arch_do_domctl() by implementing > gdbsx_domctl() and moving the logic across. > > As minor cleanup, > * gdbsx_guest_mem_io() can become static > * Remove opencoding of domain_vcpu() and %pd > > Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Technically Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> Yet as mentioned before, ... > --- a/xen/arch/x86/domctl.c > +++ b/xen/arch/x86/domctl.c > @@ -816,71 +816,12 @@ long arch_do_domctl( > } > #endif > > -#ifdef CONFIG_GDBSX > case XEN_DOMCTL_gdbsx_guestmemio: > - ret = gdbsx_guest_mem_io(d, &domctl->u.gdbsx_guest_memio); > - if ( !ret ) > - copyback = true; > - break; > - > case XEN_DOMCTL_gdbsx_pausevcpu: > - { > - struct vcpu *v; > - > - ret = -EBUSY; > - if ( !d->controller_pause_count ) > - break; > - ret = -EINVAL; > - if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu >= d->max_vcpus || > - (v = d->vcpu[domctl->u.gdbsx_pauseunp_vcpu.vcpu]) == NULL ) > - break; > - ret = vcpu_pause_by_systemcontroller(v); > - break; > - } > - > case XEN_DOMCTL_gdbsx_unpausevcpu: > - { > - struct vcpu *v; > - > - ret = -EBUSY; > - if ( !d->controller_pause_count ) > - break; > - ret = -EINVAL; > - if ( domctl->u.gdbsx_pauseunp_vcpu.vcpu >= d->max_vcpus || > - (v = d->vcpu[domctl->u.gdbsx_pauseunp_vcpu.vcpu]) == NULL ) > - break; > - ret = vcpu_unpause_by_systemcontroller(v); > - if ( ret == -EINVAL ) > - printk(XENLOG_G_WARNING > - "WARN: d%d attempting to unpause %pv which is not > paused\n", > - currd->domain_id, v); > - break; > - } > - > case XEN_DOMCTL_gdbsx_domstatus: > - { > - struct vcpu *v; > - > - domctl->u.gdbsx_domstatus.vcpu_id = -1; > - domctl->u.gdbsx_domstatus.paused = d->controller_pause_count > 0; > - if ( domctl->u.gdbsx_domstatus.paused ) > - { > - for_each_vcpu ( d, v ) > - { > - if ( v->arch.gdbsx_vcpu_event ) > - { > - domctl->u.gdbsx_domstatus.vcpu_id = v->vcpu_id; > - domctl->u.gdbsx_domstatus.vcpu_ev = > - v->arch.gdbsx_vcpu_event; > - v->arch.gdbsx_vcpu_event = 0; > - break; > - } > - } > - } > - copyback = true; > + ret = gdbsx_domctl(d, domctl, &copyback); > break; > - } > -#endif ... I'm not overly happy with the retaining of the case labels here (and the knock on effect it'll have for other subsystem domctl-s), so unlike usually this R-b isn't implicitly an A-b. Which doesn't matter in practice, aiui ... Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.