| Message ID | 20171115134759.14398-1-apop@bitdefender.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
>>> On 15.11.17 at 14:47, <apop@bitdefender.com> wrote: > The altp2m_vcpu_enable_notify subop handler might skip calling > rcu_unlock_domain() after rcu_lock_current_domain(). Albeit since both > rcu functions are no-ops when run on the current domain, this doesn't > really have repercussions. > > The second change is adding a missing break that would have potentially > enabled #VE for the current domain even if it had intended to enable it > for another one (not a supported functionality). Thanks, much better. > Signed-off-by: Adrian Pop <apop@bitdefender.com> > Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Jan
On 15/11/17 14:10, Jan Beulich wrote: >>>> On 15.11.17 at 14:47, <apop@bitdefender.com> wrote: >> The altp2m_vcpu_enable_notify subop handler might skip calling >> rcu_unlock_domain() after rcu_lock_current_domain(). Albeit since both >> rcu functions are no-ops when run on the current domain, this doesn't >> really have repercussions. >> >> The second change is adding a missing break that would have potentially >> enabled #VE for the current domain even if it had intended to enable it >> for another one (not a supported functionality). > Thanks, much better. > >> Signed-off-by: Adrian Pop <apop@bitdefender.com> >> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> > Reviewed-by: Jan Beulich <jbeulich@suse.com> FOAD, Requesting a release ack for this change. ~Andrew
Hi, On 15/11/17 14:16, Andrew Cooper wrote: > On 15/11/17 14:10, Jan Beulich wrote: >>>>> On 15.11.17 at 14:47, <apop@bitdefender.com> wrote: >>> The altp2m_vcpu_enable_notify subop handler might skip calling >>> rcu_unlock_domain() after rcu_lock_current_domain(). Albeit since both >>> rcu functions are no-ops when run on the current domain, this doesn't >>> really have repercussions. >>> >>> The second change is adding a missing break that would have potentially >>> enabled #VE for the current domain even if it had intended to enable it >>> for another one (not a supported functionality). >> Thanks, much better. >> >>> Signed-off-by: Adrian Pop <apop@bitdefender.com> >>> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> >> Reviewed-by: Jan Beulich <jbeulich@suse.com> > > FOAD, Requesting a release ack for this change. Release-acked-by: Julien Grall <julien.grall@linaro.org> Cheers,
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index 205b4cb685..0af498a312 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -4534,12 +4534,18 @@ static int do_altp2m_op( if ( a.u.enable_notify.pad || a.domain != DOMID_SELF || a.u.enable_notify.vcpu_id != curr->vcpu_id ) + { rc = -EINVAL; + break; + } if ( !gfn_eq(vcpu_altp2m(curr).veinfo_gfn, INVALID_GFN) || mfn_eq(get_gfn_query_unlocked(curr->domain, a.u.enable_notify.gfn, &p2mt), INVALID_MFN) ) - return -EINVAL; + { + rc = -EINVAL; + break; + } vcpu_altp2m(curr).veinfo_gfn = _gfn(a.u.enable_notify.gfn); altp2m_vcpu_update_vmfunc_ve(curr);