| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110610100139.GG5098@whitby.uk.xensource.com> Date: Fri, 10 Jun 2011 11:01:39 +0100 From: Tim Deegan <Tim.Deegan@...rix.com> To: Igor Mammedov <imammedo@...hat.com> CC: <xen-devel@...ts.xensource.com>, Keir Fraser <keir@....org>, Stefano Stabellini <stefano.stabellini@...citrix.com>, "containers@...ts.linux-foundation.org" <containers@...ts.linux-foundation.org>, Li Zefan <lizf@...fujitsu.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Michal Hocko <mhocko@...e.cz>, "linux-mm@...ck.org" <linux-mm@...ck.org>, Keir Fraser <keir.xen@...il.com>, "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>, "balbir@...ux.vnet.ibm.com" <balbir@...ux.vnet.ibm.com>, Paul Menage <menage@...gle.com>, KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>, Hiroyuki Kamezawa <kamezawa.hiroyuki@...il.com> Subject: Re: [Xen-devel] Possible shadow bug Hi, At 18:47 +0200 on 09 Jun (1307645229), Igor Mammedov wrote: > It's rhel5.6 xen. I've tried to test on SLES 11 that has 4.0.1 xen, however > wasn't able to reproduce problem. (I'm not sure if hap was turned > off in this case). More detailed info can be found at RHBZ#700565 The best way to be sure whether HAP is in use is to connect to the serial line, hit ^A^A^A to switch input to Xen, and hit 'q' to dump per-domain state. The printout for the guest domain should either say "paging assistance: shadow refcounts translate external" or "paging assistance: hap refcounts translate external". (If you don't have serial you can get the same info by running "xm debug-keys q" and then "xm dmesg" to read the output.) > >you're willing to try recompiling Xen with some small patches that > >disable the "cleverer" parts of the shadow pagetable code that might > >indicate something. (Of course, it might just change the timing to > >obscure a real linux bug too.) > > > Haven't got to this part yet. But looks like it's the only option left. Actually, looking at the disassembly you posted, it looks more like it might be an emulator bug in Xen; if Xen finds itself emulating the IMUL instruction and either gets the logic wrong or does the memory access wrong, it could cause that failure. And one reason that Xen emulates instructions is if the memory operand is on a pagetable that's shadowed (which might be a page that was recently a pagetable). ISTR that even though the RHEL xen reports a 3.0.x version it has quite a lot of backports in it. Does it have this patch? http://hg.uk.xensource.com/xen-3.1-testing.hg/rev/e8fca4c42d05 Cheers, Tim. -- Tim Deegan <Tim.Deegan@...rix.com> Principal Software Engineer, Xen Platform Team Citrix Systems UK Ltd. (Company #02937203, SL9 0BG) -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists