[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/2] xen/cpupool: Reject attempts to add a domain to CPUPOOLID_NONE
- To: Luca Fancellu <Luca.Fancellu@xxxxxxx>
- From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
- Date: Wed, 18 May 2022 11:14:17 +0000
- Accept-language: en-GB, en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qA6mY1TGIYqa1RUBfpYs4NWpiulEUJrZAoKn08ZRtus=; b=dxSFYgcRNpBv5NxI8ge/h5qB4mDVGSItE0M4NlnYHU473rt0tGGRlQI8o6gl5sLjiROeawDH7RojEZ4NBltjWsIBsD+apXCDhLQSwTH4hECt644fTAIb+8kyQsN0hvGD9wGvIov/5wnRXGS2MP7NFtoKF1io30IGJ3GodC66jzDWJceP1aj57eum5YSI5jTGXUbqAo9lCVeCbCFARTYkW1e0OjJQGbBq/QG8rzAl7rT2d6QSIJnTwMtkuOmJPwhkOu2aJmi5ivmzAq0nZcsRSPksdh/uydCrehkclO7faEYU24nfmLNd5hRFxz73k+siTg5bfn+Y1JBhKghImJZhvg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cbg8jyyhlBPZfNastX9WhxVJpZ+Ky14EjdUZ+LZ8bzqr+Tt8c9b3KGlnxQltqVoidzJGZtvg0xqc38SDj3U/Vot7PkVw9kbrNWVYx0NuJehdGtyhchHUsBet5Rm6tN5dsVPNQZEJliop54Cn9vTmv81blQ2cu2jb9Dlq1508TfyTdEwBO+F/3JB178D52FsokyCq/Tta5w1gjGAjRP50ZsZe5ti0eHl9ubEhYQdRkWuIxlce7OcSfHQ526kMc93I0FQIUsTh4h+r9K1zD3kqGGm1iQ09fIMImeQlyTK+suQyfgVshjUZuQnx2MgSlsKLwQmAUgg4AtQAglMY2Ze4rA==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>
- Delivery-date: Wed, 18 May 2022 11:14:31 +0000
- Ironport-data: A9a23:/MiTlKBYdsErUhVW/z/iw5YqxClBgxIJ4kV8jS/XYbTApGwlgj0Bx 2QcW2nVM/jeMTSnL9F2YIWwp0wDvpbUnYBlQQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMZiaA4E/raNANlFEkvU2ybuOU5NXsZ2YgHGeIdA970Ug5w7Ng0tYx6TSEK1jlV e3a8pW31GCNg1aYAkpMg05UgEoy1BhakGpwUm0WPZinjneH/5UmJMt3yZWKB2n5WuFp8tuSH I4v+l0bElTxpH/BAvv9+lryn9ZjrrT6ZWBigVIOM0Sub4QrSoXfHc/XOdJFAXq7hQllkPhww vNgpaWaEj0KL6fzhOAsCwlEGQFxaPguFL/veRBTsOS15mifKT7A5qsrC0s7e4oF5uxwHGdCs +QCLywAZQyCgOTwx6+nTu5rhYIoK8yD0IE34yk8i22GS6t3B8mcGM0m5vcBtNs0rulIEezTe Iwybj13YQ6bSxZOJk0WGNQ1m+LAanzXLGQF9w3P/vNfD277klBz8qDyOdruI9GRYsNQoVepj 3r+4DGsav0dHJnFodafyVqIm+TG2w3yXokfELml3vdwhRuYwWl7IA0bUx63rOe0jma6WslDM AoE9yw2t68w+Ue3CN7nUHWQonGeuQUHc8FNCOB84waIooLY7Q+WCWkDSj9pc8E9uYk9QjlC6 7OSt9bgBDgqvLjLT3uYr+2QtWnrZnNTKnIebygZSwdD+8PkvIw4khPISJBkDbKxidr2Xzr3x lhmsRQDulnatuZTv43TwLwNq2jESkThJuLt2jjqYw==
- Ironport-hdrordr: A9a23:cna8V65Pfh147EjtzgPXwZGCI+orL9Y04lQ7vn2ZFiY5TiXIra qTdaogviMc0AxhI03Jmbi7Scq9qeu1z+843WBjB8bZYOCAghrmEGgC1/qu/9SEIUHDH4FmpM BdmsRFaeEYSGIK9foSgzPIXerIouP3lpxA7N22pxgCcegpUdAY0+4TMHf4LqQCfngjOXNPLu v42iMonVqdUEVSSv7+KmgOXuDFqdGOvonhewQ6Cxku7xTLpS+06ZbheiLonis2Yndq+/MP4G LFmwv26uGIqPeg0CLR0GfV8tB/hMbh8N1eH8aB4/JlaQkEyzzYJriJaYfy+Azdk9vfr2rCV+ O85SvICv4Drk85uFvF+CcFlTOQiArGoEWStGNwyUGT3fARAghKSvapzLgpDCcwoSAbza5B+b MO0GSDu5VNCxTc2Cz7+tjTThlv0lG5uHw4jIco/jRiuKYlGclsRLYkjQpo+VY7bVDHwZFiFP MrANDX5f5Qf1/fZ3fFvnN3yNjpWngoBB+JTkULp8TQilFt7TpE5lpdwNZakmYL9Zo7RZUB7+ PYMr5wnLULSsMNd6pyCOoIXMPyAG3QRhDHNn6UPD3cZeo6EmOIr4Sy7KQ+5emsdpBNxJwumI 7ZWFcdrmI2c1KGM7z44HSKyGG4fIyQZ0Wc9igF3ekJhlTVfsuZDQSTDFYzjsCnv/ITRsXGRv fbAuMiP8Pe
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Thread-index: AQHYaiYkCDtg+YouUE6RTw/ztN5ARK0kb2CAgAANJgA=
- Thread-topic: [PATCH 1/2] xen/cpupool: Reject attempts to add a domain to CPUPOOLID_NONE
On 18/05/2022 11:27, Luca Fancellu wrote:
> Hi Andrew,
>
>> On 17 May 2022, at 20:41, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote:
>>
>> c/s cfc52148444f ("xen/domain: Reduce the quantity of initialisation for
>> system domains") removed the path in domain_create() which called
>> sched_init_domain() with CPUPOOLID_NONE for system domains.
>>
>> Arguably, that changeset should have cleaned up this path too.
>>
>> However, c/s 92ea9c54fc81 ("arm/dom0less: assign dom0less guests to
>> cpupools")
>> changed domain_create() from using a hardcoded poolid of 0, to using a value
>> passed by the toolstack.
>>
>> While CPUPOOLID_NONE is an internal constant, userspace can pass -1 for the
>> cpupool_id parameter and attempt to construct a real domain using default
>> ops,
>> which at a minimum will fail the assertion in dom_scheduler().
>>
>> Fixes: 92ea9c54fc81 ("arm/dom0less: assign dom0less guests to cpupools")
>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Thanks for this fix, with the introduction of 92ea9c54fc81 ("arm/dom0less:
> assign dom0less guests to cpupools”)
> we’ve checked all the path passing struct xen_domctl_createdomain, and at
> that time it seems to be that
> the new cpupool_id member would have been always zero when created from the
> tool stack, am I wrong?
Hypercalls are an entirely public API/ABI.
Looking through xen.git gets you the common users, but it most
definitely doesn't get you all users of the interface.
This hypercall specifically gets fuzzed (there's a KFX PoC somewhere),
but it's a bug for any hypercall to be able to hit an assertion/crash/etc.
> I’m asking so that I will keep in mind for the future.
>
> However with your second patch of this serie, the tool stack is able to write
> it, so I guess this fix now is mandatory.
>
> I’ve tested your patch, enabling boot time cpupools, on an arm machine and
> booting Xen+Dom0 and another DomU
> by dom0less feature, and all works.
>
> Reviewed-by: Luca Fancellu <luca.fancellu@xxxxxxx>
> Tested-by: Luca Fancellu <luca.fancellu@xxxxxxx>
Thanks.
~Andrew
|
